Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/rhWeslSxz2KbXSEePw_jx1wJv4E.roa
File:                     rhWeslSxz2KbXSEePw_jx1wJv4E.roa (raw, json)
Hash identifier:          YiFXtE7j1TPT02vqqeIufU32Ts8f0wZSwMWJLZuEGoA=
Subject key identifier:   AE:15:9E:B2:54:B1:CF:62:9B:5D:21:1E:3F:0F:E3:C7:5C:09:BF:81
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       018C0A3C6E5A2ED00BE1AA1E315E89A4C96F
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/rhWeslSxz2KbXSEePw_jx1wJv4E.roa
Signing time:             Sun 26 Nov 2023 06:06:21 +0000
ROA not before:           Sun 26 Nov 2023 06:06:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207724
IP address blocks:        185.239.2.0/24 maxlen: 24
                          185.239.3.0/24 maxlen: 24
                          5.159.49.0/24 maxlen: 24
                          5.159.54.0/24 maxlen: 24
                          45.94.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 26 Nov 2023 06:21:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:0a:3c:6e:5a:2e:d0:0b:e1:aa:1e:31:5e:89:a4:c9:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Nov 26 06:06:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae159eb254b1cf629b5d211e3f0fe3c75c09bf81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:00:90:49:5a:41:a7:cd:5a:d5:27:e0:ec:77:
                    76:01:87:18:f7:da:08:54:24:a2:85:32:29:81:7f:
                    06:01:e9:fc:91:d3:a0:35:99:9c:84:50:31:61:1d:
                    f1:d0:45:21:87:81:2e:cb:b8:0f:aa:29:e1:bf:b9:
                    b8:76:a5:b0:30:39:c1:ca:55:6d:74:e1:69:8d:4e:
                    e7:f1:41:04:bc:32:38:1a:05:d5:50:c6:59:08:66:
                    ac:4d:dd:15:8a:d8:ac:86:8c:4a:06:2a:fc:7f:24:
                    54:32:e9:d3:89:5a:5b:44:36:a4:a7:03:47:f1:f7:
                    da:91:14:b6:12:37:65:6b:9f:53:94:c8:a5:74:93:
                    ab:0a:b0:0a:93:ba:90:44:1b:bc:9d:ed:81:be:d2:
                    97:97:67:be:71:ea:57:66:60:a5:b4:26:b4:c3:8e:
                    d3:1d:50:f5:c1:d6:8e:8e:46:c7:c7:3b:23:d3:2b:
                    29:55:0e:77:60:0e:9c:f4:54:51:eb:6f:eb:cf:5b:
                    ed:a5:66:61:d1:f4:32:98:5c:64:c8:be:1e:da:00:
                    78:1a:eb:1e:0b:0b:42:4a:2e:81:96:0a:e9:71:e0:
                    c8:b4:3e:54:ad:1e:40:75:81:54:f5:01:2f:f0:7f:
                    9c:05:c7:58:2e:74:ef:c4:71:a1:c0:14:0c:06:54:
                    58:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:15:9E:B2:54:B1:CF:62:9B:5D:21:1E:3F:0F:E3:C7:5C:09:BF:81
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/rhWeslSxz2KbXSEePw_jx1wJv4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.159.49.0/24
                  5.159.54.0/24
                  45.94.213.0/24
                  185.239.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:42:c5:1c:4d:e9:31:d5:0d:07:d0:7b:31:24:35:65:df:da:
         91:4d:33:0f:10:27:d7:0d:d3:3f:b5:3e:14:f9:74:89:e5:c1:
         b2:82:50:07:11:80:b0:50:51:26:7a:69:bd:49:ac:08:59:36:
         09:b8:73:0e:ba:d6:7d:b5:d9:2e:d6:f5:fa:9f:92:ac:f1:68:
         89:57:eb:ff:68:18:6d:63:b4:5c:33:22:7c:43:00:47:05:ef:
         58:ae:2a:5c:82:67:33:c6:1f:94:06:41:e4:4a:2b:d4:76:51:
         13:0a:71:5e:ae:8f:ff:57:78:9d:a2:3e:cf:3c:ad:f3:d0:2f:
         70:f5:ec:54:c5:d8:23:bb:37:62:67:fc:e4:38:40:b7:fb:31:
         db:07:18:a9:72:b9:f9:4d:53:f5:b8:a8:5a:01:ad:a4:ab:70:
         31:3c:bb:e3:ed:1d:6f:4c:ac:a5:48:b2:58:ad:05:6b:4d:9d:
         37:8e:4f:46:7e:41:ee:54:2d:51:80:4f:90:fb:f4:33:4f:b9:
         2b:b6:15:db:e0:fe:a1:f5:bf:b8:f5:21:23:ff:50:db:fd:ca:
         5f:f5:77:f9:cb:5c:4c:69:02:6d:2b:de:93:e7:b0:8b:e1:bb:
         1a:f5:d4:58:19:5e:30:ba:53:36:52:67:6a:59:46:85:85:1f:
         03:05:91:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwKPG5aLtAL4aoeMV6JpMlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMxMTI2MDYwNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTE1OWViMjU0YjFjZjYyOWI1ZDIxMWUzZjBmZTNjNzVjMDliZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuACQSVpBp81a1Sfg7Hd2AYcY99oI
VCSihTIpgX8GAen8kdOgNZmchFAxYR3x0EUhh4Euy7gPqinhv7m4dqWwMDnBylVt
dOFpjU7n8UEEvDI4GgXVUMZZCGasTd0VitishoxKBir8fyRUMunTiVpbRDakpwNH
8ffakRS2Ejdla59TlMildJOrCrAKk7qQRBu8ne2BvtKXl2e+cepXZmCltCa0w47T
HVD1wdaOjkbHxzsj0yspVQ53YA6c9FRR62/rz1vtpWZh0fQymFxkyL4e2gB4Guse
CwtCSi6BlgrpceDItD5UrR5AdYFU9QEv8H+cBcdYLnTvxHGhwBQMBlRYjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK4VnrJUsc9im10hHj8P48dcCb+BMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvcmhXZXNsU3h6MktiWFNFZVB3X2p4MXdKdjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZ8xAwQA
BZ82AwQALV7VAwQBue8CMA0GCSqGSIb3DQEBCwUAA4IBAQAoQsUcTekx1Q0H0Hsx
JDVl39qRTTMPECfXDdM/tT4U+XSJ5cGyglAHEYCwUFEmemm9SawIWTYJuHMOutZ9
tdku1vX6n5Ks8WiJV+v/aBhtY7RcMyJ8QwBHBe9Yripcgmczxh+UBkHkSivUdlET
CnFero//V3idoj7PPK3z0C9w9exUxdgjuzdiZ/zkOEC3+zHbBxipcrn5TVP1uKha
Aa2kq3AxPLvj7R1vTKylSLJYrQVrTZ03jk9GfkHuVC1RgE+Q+/QzT7krthXb4P6h
9b+49SEj/1Db/cpf9Xf5y1xMaQJtK96T57CL4bsa9dRYGV4wulM2UmdqWUaFhR8D
BZFh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org