Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/wWfKDbKLvvWeE2cnF78E52BYBrs.roa
File:                     wWfKDbKLvvWeE2cnF78E52BYBrs.roa (raw, json)
Hash identifier:          etGyy5bSDOoZtOVIEIphO4pRG9RFiZ8wMs4P3lFxnsw=
Subject key identifier:   C1:67:CA:0D:B2:8B:BE:F5:9E:13:67:27:17:BF:04:E7:60:58:06:BB
Certificate issuer:       /CN=83fb34b21a0ef8c40191c0e07c3b4524e323b2cf
Certificate serial:       01856CF85FC543E227AC5ED1FBBBDDAD32E0
Authority key identifier: 83:FB:34:B2:1A:0E:F8:C4:01:91:C0:E0:7C:3B:45:24:E3:23:B2:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g_s0shoO-MQBkcDgfDtFJOMjss8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/wWfKDbKLvvWeE2cnF78E52BYBrs.roa
Signing time:             Sun 01 Jan 2023 10:54:54 +0000
ROA not before:           Sun 01 Jan 2023 10:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6712
IP address blocks:        91.204.196.0/22 maxlen: 22
                          91.204.196.0/23 maxlen: 23
                          91.204.196.0/24 maxlen: 24
                          91.204.198.0/24 maxlen: 24
                          91.204.198.0/23 maxlen: 23
                          91.204.197.0/24 maxlen: 24
                          91.204.199.0/24 maxlen: 24
                          91.246.134.0/24 maxlen: 24
                          91.246.133.0/24 maxlen: 24
                          91.246.135.0/24 maxlen: 24
                          91.246.134.0/23 maxlen: 23
                          91.246.136.0/21 maxlen: 21
                          91.246.139.0/24 maxlen: 24
                          91.246.136.0/24 maxlen: 24
                          91.246.136.0/23 maxlen: 23
                          91.246.138.0/24 maxlen: 24
                          91.246.138.0/23 maxlen: 23
                          91.246.137.0/24 maxlen: 24
                          91.246.140.0/24 maxlen: 24
                          91.246.140.0/23 maxlen: 23
                          91.246.142.0/24 maxlen: 24
                          91.246.142.0/23 maxlen: 23
                          91.246.141.0/24 maxlen: 24
                          91.246.143.0/24 maxlen: 24
                          91.246.145.0/24 maxlen: 24
                          91.246.144.0/21 maxlen: 21
                          91.246.144.0/23 maxlen: 23
                          91.246.144.0/24 maxlen: 24
                          91.246.146.0/24 maxlen: 24
                          91.246.147.0/24 maxlen: 24
                          91.246.151.0/24 maxlen: 24
                          91.246.146.0/23 maxlen: 23
                          91.246.149.0/24 maxlen: 24
                          91.246.148.0/24 maxlen: 24
                          91.246.148.0/23 maxlen: 23
                          91.246.150.0/23 maxlen: 23
                          91.246.150.0/24 maxlen: 24
                          91.246.152.0/21 maxlen: 21
                          91.246.152.0/24 maxlen: 24
                          91.246.152.0/23 maxlen: 23
                          91.246.158.0/24 maxlen: 24
                          91.246.159.0/24 maxlen: 24
                          91.246.158.0/23 maxlen: 23
                          91.246.154.0/23 maxlen: 23
                          91.246.154.0/24 maxlen: 24
                          91.246.153.0/24 maxlen: 24
                          91.246.156.0/24 maxlen: 24
                          91.246.156.0/23 maxlen: 23
                          91.246.157.0/24 maxlen: 24
                          91.246.155.0/24 maxlen: 24
                          91.246.132.0/24 maxlen: 24
                          91.246.131.0/24 maxlen: 24
                          91.246.130.0/23 maxlen: 23
                          91.246.130.0/24 maxlen: 24
                          91.246.132.0/23 maxlen: 23
                          91.246.129.0/24 maxlen: 24
                          91.246.128.0/24 maxlen: 24
                          91.246.128.0/23 maxlen: 23
                          91.246.128.0/21 maxlen: 21
                          91.246.128.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:f8:5f:c5:43:e2:27:ac:5e:d1:fb:bb:dd:ad:32:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83fb34b21a0ef8c40191c0e07c3b4524e323b2cf
        Validity
            Not Before: Jan  1 10:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c167ca0db28bbef59e13672717bf04e7605806bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d8:9e:5d:5a:3f:74:bc:7a:e8:a3:f4:f9:54:
                    46:46:9b:71:b0:40:a6:ea:7f:c5:b9:13:72:53:9b:
                    4c:cb:a5:fd:69:54:1d:40:f0:e1:a3:2f:09:5e:8e:
                    66:c7:45:6b:84:1e:66:15:0d:24:d4:4e:82:98:00:
                    f9:49:dd:ab:e7:06:f0:64:1b:85:c9:39:2a:53:45:
                    ea:f8:55:0b:29:d5:07:0e:55:25:18:7d:d1:0b:2d:
                    21:13:23:c8:6d:90:bc:da:33:7d:93:6d:c5:51:7f:
                    54:ec:19:7c:46:9c:cf:d6:cf:11:3a:9e:c7:d6:2d:
                    64:d0:2b:d6:ea:b8:a8:9b:bd:c4:0d:fd:a0:17:00:
                    35:0c:1e:17:b5:26:e8:a6:5f:94:34:38:c0:6a:5e:
                    91:a6:9a:42:f6:5d:0a:29:7c:49:9d:da:9f:0d:a1:
                    29:bd:3b:ac:52:f6:2f:82:5d:13:a7:38:18:66:48:
                    54:25:34:d2:ff:23:de:65:84:f3:3c:c8:13:c0:ca:
                    87:c3:9e:bb:b8:23:c4:75:bd:57:ba:80:ae:cc:bb:
                    88:92:95:a9:12:b6:93:6e:4f:20:1b:7b:28:b3:98:
                    27:e4:70:d0:3d:fd:de:58:f9:f2:fe:b1:f1:0c:e3:
                    67:9f:27:07:f9:56:74:55:b1:48:37:78:45:3c:0a:
                    54:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:67:CA:0D:B2:8B:BE:F5:9E:13:67:27:17:BF:04:E7:60:58:06:BB
            X509v3 Authority Key Identifier:
                keyid:83:FB:34:B2:1A:0E:F8:C4:01:91:C0:E0:7C:3B:45:24:E3:23:B2:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_s0shoO-MQBkcDgfDtFJOMjss8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/wWfKDbKLvvWeE2cnF78E52BYBrs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/g_s0shoO-MQBkcDgfDtFJOMjss8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.204.196.0/22
                  91.246.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         69:86:82:00:d2:be:6e:8c:ed:47:91:fe:49:71:05:bc:9d:92:
         36:b3:e5:88:cb:47:76:ec:1c:40:39:34:1d:37:1b:22:f5:0e:
         2f:5c:5a:86:76:d2:ea:8c:fa:8d:3b:e2:55:82:c4:a9:82:c3:
         cb:77:98:6c:73:40:d8:0a:ac:08:a2:18:43:cb:cb:51:98:e6:
         0c:50:8a:80:ab:b9:a7:b0:df:f0:de:ca:f2:11:0c:cf:80:98:
         34:a6:97:de:5e:c0:92:4c:26:d6:6f:2d:00:47:1d:66:fe:c3:
         4c:f2:83:ac:f5:b9:d6:2a:48:c7:ed:7c:7a:9d:03:40:43:cd:
         79:47:48:58:45:d1:4e:97:d9:cc:bd:03:8d:70:76:d2:6d:b7:
         26:3a:40:d1:fa:65:3f:64:00:af:c5:83:f9:99:dd:18:77:d1:
         14:9e:26:a4:6e:5d:c0:ce:d6:c5:6a:7a:67:5d:02:33:41:13:
         04:b0:88:3e:7c:93:8a:d8:ab:75:e0:b0:e8:d8:ac:69:8e:67:
         cb:7b:4b:c7:8c:30:80:9d:05:69:ea:a9:72:ba:f4:4a:33:15:
         de:32:e8:39:e0:ac:ba:0e:7d:17:37:30:b6:9a:89:eb:ad:af:
         06:a5:c7:7c:6e:b4:a0:94:2a:75:d3:39:b1:0b:4e:e8:25:a5:
         ea:f8:2d:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs+F/FQ+InrF7R+7vdrTLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZmIzNGIyMWEwZWY4YzQwMTkxYzBlMDdjM2I0NTI0ZTMy
M2IyY2YwHhcNMjMwMTAxMTA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTY3Y2EwZGIyOGJiZWY1OWUxMzY3MjcxN2JmMDRlNzYwNTgwNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtieXVo/dLx66KP0+VRGRptxsECm
6n/FuRNyU5tMy6X9aVQdQPDhoy8JXo5mx0VrhB5mFQ0k1E6CmAD5Sd2r5wbwZBuF
yTkqU0Xq+FULKdUHDlUlGH3RCy0hEyPIbZC82jN9k23FUX9U7Bl8RpzP1s8ROp7H
1i1k0CvW6riom73EDf2gFwA1DB4XtSbopl+UNDjAal6RpppC9l0KKXxJndqfDaEp
vTusUvYvgl0TpzgYZkhUJTTS/yPeZYTzPMgTwMqHw567uCPEdb1XuoCuzLuIkpWp
EraTbk8gG3sos5gn5HDQPf3eWPny/rHxDONnnycH+VZ0VbFIN3hFPApUtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMFnyg2yi771nhNnJxe/BOdgWAa7MB8GA1UdIwQY
MBaAFIP7NLIaDvjEAZHA4Hw7RSTjI7LPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19zMHNob08tTVFCa2NEZ2ZEdEZKT01qc3M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wMDQyODQtZDRhNy00OTYyLTk2OTct
ZjIzYjA3N2VkYjk2LzEvd1dmS0RiS0x2dldlRTJjbkY3OEU1MkJZQnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wMDQyODQtZDRhNy00OTYyLTk2OTctZjIzYjA3N2VkYjk2
LzEvZ19zMHNob08tTVFCa2NEZ2ZEdEZKT01qc3M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8zEAwQF
W/aAMA0GCSqGSIb3DQEBCwUAA4IBAQBphoIA0r5ujO1Hkf5JcQW8nZI2s+WIy0d2
7BxAOTQdNxsi9Q4vXFqGdtLqjPqNO+JVgsSpgsPLd5hsc0DYCqwIohhDy8tRmOYM
UIqAq7mnsN/w3sryEQzPgJg0ppfeXsCSTCbWby0ARx1m/sNM8oOs9bnWKkjH7Xx6
nQNAQ815R0hYRdFOl9nMvQONcHbSbbcmOkDR+mU/ZACvxYP5md0Yd9EUniakbl3A
ztbFanpnXQIzQRMEsIg+fJOK2Kt14LDo2KxpjmfLe0vHjDCAnQVp6qlyuvRKMxXe
Mug54Ky6Dn0XNzC2monrra8Gpcd8brSglCp10zmxC07oJaXq+C1K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:52 2024 by rpki-client on console-ams.rpki-client.org