Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WmXaTyZ0yCV7nVNEzHv8115SVYo.roa
File:                     WmXaTyZ0yCV7nVNEzHv8115SVYo.roa (raw, json)
Hash identifier:          740MJAs+s/gN3CchaxRzEy1m2zwCz6xXlEELG+fWlB0=
Subject key identifier:   5A:65:DA:4F:26:74:C8:25:7B:9D:53:44:CC:7B:FC:D7:5E:52:55:8A
Certificate issuer:       /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial:       018DFB50BA9E1C20F9531768BF7B18FE67A2
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WmXaTyZ0yCV7nVNEzHv8115SVYo.roa
Signing time:             Fri 01 Mar 2024 18:39:48 +0000
ROA not before:           Fri 01 Mar 2024 18:39:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        37.218.208.0/21 maxlen: 24
                          37.218.216.0/21 maxlen: 24
                          82.163.68.0/22 maxlen: 24
                          149.126.88.0/22 maxlen: 24
                          185.86.140.0/23 maxlen: 24
                          185.86.142.0/23 maxlen: 24
                          188.215.124.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 28 Apr 2024 13:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:fb:50:ba:9e:1c:20:f9:53:17:68:bf:7b:18:fe:67:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
        Validity
            Not Before: Mar  1 18:39:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5a65da4f2674c8257b9d5344cc7bfcd75e52558a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:9d:87:f3:22:d4:d9:e0:f6:6d:19:3c:c2:bf:
                    5c:83:2b:33:b1:d9:16:44:bd:26:cc:ff:4f:e1:05:
                    19:aa:96:33:f1:c5:78:32:f5:60:d0:03:2e:f5:cb:
                    10:21:47:4e:08:aa:9a:bc:1c:53:be:e2:83:d7:e0:
                    59:13:20:85:97:72:0f:f2:22:ac:11:96:df:ea:5f:
                    1f:b7:b2:1e:db:d4:49:de:70:e5:01:54:37:b4:a8:
                    a1:13:71:06:b3:ca:f5:a4:74:0c:08:0a:32:47:7c:
                    d9:27:fe:6d:81:57:0f:37:fb:46:28:6e:84:52:8f:
                    7e:ba:1d:d5:d6:7a:6d:4a:ae:d7:1c:28:7e:d6:5d:
                    db:6d:50:27:54:7e:ca:a5:eb:c5:8a:1f:a2:8a:48:
                    86:5f:a2:c9:39:30:c6:e0:c1:92:e9:6e:b9:71:d9:
                    d7:3f:32:e8:a5:c9:fd:e6:87:93:74:45:3d:73:d3:
                    b9:43:43:f7:b4:95:50:3f:88:20:c7:03:e5:b7:92:
                    1b:60:0f:45:91:98:1e:82:b5:6a:ee:34:8c:43:28:
                    62:22:fe:b8:5d:2b:85:7a:f9:cd:d4:2e:cd:9c:51:
                    62:aa:34:da:45:e7:86:22:af:fe:81:39:95:e9:1c:
                    fa:94:77:fe:ee:06:d6:43:be:b9:bc:b0:dd:07:f0:
                    98:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:65:DA:4F:26:74:C8:25:7B:9D:53:44:CC:7B:FC:D7:5E:52:55:8A
            X509v3 Authority Key Identifier:
                keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WmXaTyZ0yCV7nVNEzHv8115SVYo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.218.208.0/20
                  82.163.68.0/22
                  149.126.88.0/22
                  185.86.140.0/22
                  188.215.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:c2:7d:12:54:98:4d:ba:0c:6f:35:ba:11:33:0f:89:5e:ac:
         f9:1d:56:34:04:d6:e2:c6:12:85:f5:bc:ec:1a:42:19:dc:5d:
         f9:7c:a1:d0:f5:96:30:d7:3e:68:61:9c:7f:11:15:d6:ec:3c:
         d7:73:c0:f5:d9:a8:8d:72:12:82:63:6e:53:e9:ac:a7:0f:54:
         17:e3:9a:7a:a5:71:d3:46:92:49:d2:3b:de:ba:bd:bd:87:0a:
         57:3d:50:69:64:4a:35:b6:3b:7a:6f:1b:bc:df:de:e8:c2:78:
         d3:cf:36:47:5e:7c:9f:97:70:ba:ff:6f:ec:79:d9:2e:8e:5a:
         ce:7c:17:08:a1:2f:3b:2e:bf:2a:3c:de:3e:37:2e:53:cb:47:
         4b:ca:0e:1a:a9:6a:99:44:50:19:11:e3:91:9a:87:9d:1f:a0:
         53:6a:41:26:1f:95:91:17:9f:ec:61:d2:9a:c6:06:d2:7d:77:
         0e:a8:79:6c:38:20:3f:c4:81:dd:71:b1:1e:e9:81:45:25:a9:
         79:56:0b:86:e2:37:3a:fa:ba:5b:87:0e:b6:3d:9d:c9:6b:4f:
         57:3d:f4:71:6c:9c:de:71:8b:ee:2e:00:fc:4d:53:9d:1d:be:
         52:be:70:ed:2f:da:35:5e:f5:48:e7:09:a1:02:34:d3:d5:a2:
         90:d9:8b:69
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY37ULqeHCD5Uxdov3sY/meiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMzAxMTgzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTY1ZGE0ZjI2NzRjODI1N2I5ZDUzNDRjYzdiZmNkNzVlNTI1NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx52H8yLU2eD2bRk8wr9cgyszsdkW
RL0mzP9P4QUZqpYz8cV4MvVg0AMu9csQIUdOCKqavBxTvuKD1+BZEyCFl3IP8iKs
EZbf6l8ft7Ie29RJ3nDlAVQ3tKihE3EGs8r1pHQMCAoyR3zZJ/5tgVcPN/tGKG6E
Uo9+uh3V1nptSq7XHCh+1l3bbVAnVH7KpevFih+iikiGX6LJOTDG4MGS6W65cdnX
PzLopcn95oeTdEU9c9O5Q0P3tJVQP4ggxwPlt5IbYA9FkZgegrVq7jSMQyhiIv64
XSuFevnN1C7NnFFiqjTaReeGIq/+gTmV6Rz6lHf+7gbWQ765vLDdB/CYgwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFpl2k8mdMgle51TRMx7/NdeUlWKMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvV21YYVR5WjB5Q1Y3blZORXpIdjgxMTVTVllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEJdrQAwQC
UqNEAwQClX5YAwQCuVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQAwwn0SVJhN
ugxvNboRMw+JXqz5HVY0BNbixhKF9bzsGkIZ3F35fKHQ9ZYw1z5oYZx/ERXW7DzX
c8D12aiNchKCY25T6aynD1QX45p6pXHTRpJJ0jveur29hwpXPVBpZEo1tjt6bxu8
397ownjTzzZHXnyfl3C6/2/sedkujlrOfBcIoS87Lr8qPN4+Ny5Ty0dLyg4aqWqZ
RFAZEeORmoedH6BTakEmH5WRF5/sYdKaxgbSfXcOqHlsOCA/xIHdcbEe6YFFJal5
VguG4jc6+rpbhw62PZ3Ja09XPfRxbJzecYvuLgD8TVOdHb5SvnDtL9o1XvVI5wmh
AjTT1aKQ2Ytp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org