Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/WlmNA-JzYBVnfpxwDyO3_2fH-iU.roa
File:                     WlmNA-JzYBVnfpxwDyO3_2fH-iU.roa (raw, json)
Hash identifier:          51w68ipY4FN4u33cSAmErwFUV2WXDsc3NswbxOWhkBo=
Subject key identifier:   5A:59:8D:03:E2:73:60:15:67:7E:9C:70:0F:23:B7:FF:67:C7:FA:25
Certificate issuer:       /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial:       018A68ADB18EF3FB291EDE392AEBBF40F901
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/WlmNA-JzYBVnfpxwDyO3_2fH-iU.roa
Signing time:             Wed 06 Sep 2023 04:08:48 +0000
ROA not before:           Wed 06 Sep 2023 04:08:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61185
IP address blocks:        109.238.160.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Nov 2023 11:43:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:68:ad:b1:8e:f3:fb:29:1e:de:39:2a:eb:bf:40:f9:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
        Validity
            Not Before: Sep  6 04:08:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5a598d03e2736015677e9c700f23b7ff67c7fa25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:53:a0:93:f8:d2:12:b8:32:b1:2c:b5:dd:22:
                    60:5f:97:58:bf:d3:9f:fe:b1:14:a6:df:ce:16:15:
                    51:65:68:e8:30:82:10:7f:38:5c:c6:42:74:9b:4e:
                    1c:0f:80:26:25:83:e3:09:27:a5:21:6e:02:27:a5:
                    1c:80:da:a9:43:7f:78:a0:40:5f:ca:28:19:ae:ee:
                    19:15:6c:17:ca:5a:39:81:e0:a2:c3:bb:64:9d:28:
                    c6:cc:d6:86:52:53:56:81:8a:a7:41:61:0e:8f:1c:
                    ef:0a:0b:b8:55:d3:23:e6:1b:e9:a2:b0:60:30:e8:
                    68:2b:15:7a:2f:cf:fd:ad:02:a2:96:19:ce:0e:3e:
                    a6:dd:4d:aa:17:9d:5e:a9:75:1e:5e:5e:38:f5:f7:
                    74:05:4f:e7:7a:41:6e:31:ec:19:0e:d3:60:21:d1:
                    07:fe:0d:69:d0:f5:c5:97:39:15:93:0f:25:0a:d5:
                    a1:7f:d5:64:c0:4b:af:27:7c:1e:dd:33:e9:7d:90:
                    53:6a:03:5a:48:3c:a9:7d:4c:c1:ab:e2:4a:93:2d:
                    55:08:2a:ef:99:52:2a:c6:bc:de:9e:c0:61:2e:69:
                    f6:ac:b5:cd:1c:3f:1a:c3:19:9e:87:c5:12:86:73:
                    a7:7d:59:41:3d:3d:74:4b:8b:27:5c:3a:57:78:69:
                    d8:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:59:8D:03:E2:73:60:15:67:7E:9C:70:0F:23:B7:FF:67:C7:FA:25
            X509v3 Authority Key Identifier:
                keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/WlmNA-JzYBVnfpxwDyO3_2fH-iU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.238.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         51:5c:e5:2a:cf:43:dc:0a:2b:31:49:39:59:f2:eb:48:40:d7:
         be:7f:87:f9:10:40:5e:53:45:16:be:2b:31:17:05:e6:aa:7b:
         2a:68:87:e7:73:9b:f1:21:47:d5:e4:11:35:4a:a4:f6:c3:44:
         d0:a6:cf:e3:97:89:36:b5:22:c6:e2:b1:f0:bc:5b:c9:19:52:
         55:c4:9e:28:f5:76:a5:a5:5b:64:91:8d:b9:9f:3d:1d:78:d9:
         66:14:94:c6:ed:b9:4a:f5:c6:d5:8a:62:58:11:19:21:16:2d:
         f2:2b:bc:e7:a3:7d:87:19:24:e5:23:c9:d1:1b:ab:0c:fe:a4:
         d9:56:d3:a1:96:eb:67:a6:06:64:5a:04:85:a7:02:b3:28:2d:
         0d:d0:fb:f8:f4:79:53:b7:5c:23:20:27:f7:7d:2f:3c:33:36:
         ee:f7:a8:e1:9f:61:e5:62:af:81:56:a7:64:4b:10:1c:b3:fe:
         ad:a0:13:fa:9f:59:45:a8:a4:d8:ac:2a:5c:98:5c:d4:5d:a5:
         aa:ad:cf:78:b7:73:34:f6:85:77:25:2e:0c:f9:00:f5:b9:91:
         ee:bd:51:c8:28:45:57:91:a6:04:17:ab:07:42:a8:dd:f1:14:
         a5:16:40:9f:0c:b2:76:bb:b2:37:45:b3:db:3e:78:dd:8a:c6:
         9f:72:12:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYporbGO8/spHt45Kuu/QPkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjMwOTA2MDQwODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTU5OGQwM2UyNzM2MDE1Njc3ZTljNzAwZjIzYjdmZjY3YzdmYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVOgk/jSErgysSy13SJgX5dYv9Of
/rEUpt/OFhVRZWjoMIIQfzhcxkJ0m04cD4AmJYPjCSelIW4CJ6UcgNqpQ394oEBf
yigZru4ZFWwXylo5geCiw7tknSjGzNaGUlNWgYqnQWEOjxzvCgu4VdMj5hvporBg
MOhoKxV6L8/9rQKilhnODj6m3U2qF51eqXUeXl449fd0BU/nekFuMewZDtNgIdEH
/g1p0PXFlzkVkw8lCtWhf9VkwEuvJ3we3TPpfZBTagNaSDypfUzBq+JKky1VCCrv
mVIqxrzensBhLmn2rLXNHD8awxmeh8UShnOnfVlBPT10S4snXDpXeGnYVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFpZjQPic2AVZ36ccA8jt/9nx/olMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvV2xtTkEtSnpZQlZuZnB4d0R5TzNfMmZILWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbe6gMA0G
CSqGSIb3DQEBCwUAA4IBAQBRXOUqz0PcCisxSTlZ8utIQNe+f4f5EEBeU0UWvisx
FwXmqnsqaIfnc5vxIUfV5BE1SqT2w0TQps/jl4k2tSLG4rHwvFvJGVJVxJ4o9Xal
pVtkkY25nz0deNlmFJTG7blK9cbVimJYERkhFi3yK7zno32HGSTlI8nRG6sM/qTZ
VtOhlutnpgZkWgSFpwKzKC0N0Pv49HlTt1wjICf3fS88Mzbu96jhn2HlYq+BVqdk
SxAcs/6toBP6n1lFqKTYrCpcmFzUXaWqrc94t3M09oV3JS4M+QD1uZHuvVHIKEVX
kaYEF6sHQqjd8RSlFkCfDLJ2u7I3RbPbPnjdisafchIx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:25 2024 by rpki-client on console-fra.rpki-client.org