Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/wCQkWQIek-fWz5fAtsCDXmF9nWE.roa
File:                     wCQkWQIek-fWz5fAtsCDXmF9nWE.roa (raw, json)
Hash identifier:          rQmf4EavTtZBTY7JMTIRaLgA2EDBe6BcAdiQFyRUwsI=
Subject key identifier:   C0:24:24:59:02:1E:93:E7:D6:CF:97:C0:B6:C0:83:5E:61:7D:9D:61
Certificate issuer:       /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial:       018CC86F74CC25B5D1150415B19D45A1B219
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/wCQkWQIek-fWz5fAtsCDXmF9nWE.roa
Signing time:             Tue 02 Jan 2024 04:29:56 +0000
ROA not before:           Tue 02 Jan 2024 04:29:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210644
IP address blocks:        178.236.246.0/23 maxlen: 23
                          94.228.162.0/23 maxlen: 23
                          94.228.164.0/23 maxlen: 23
                          94.228.168.0/24 maxlen: 24
                          94.228.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Aug 2024 06:45:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:74:cc:25:b5:d1:15:04:15:b1:9d:45:a1:b2:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
        Validity
            Not Before: Jan  2 04:29:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c0242459021e93e7d6cf97c0b6c0835e617d9d61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:2c:ba:9a:3e:28:82:06:88:34:18:31:2d:cf:
                    6c:ec:60:ec:d2:67:5f:63:8c:be:e3:5a:9a:db:e4:
                    5c:a9:49:f3:2f:37:00:b4:e4:76:d5:8d:1a:e4:c1:
                    b1:9f:8f:7a:25:19:83:d6:7e:c1:6d:f8:08:7d:58:
                    df:85:89:4e:c5:25:52:fb:bc:0c:b0:e7:23:8c:de:
                    44:92:29:43:94:d4:46:87:96:9a:c3:e9:3b:93:7f:
                    5a:97:5d:3d:cb:97:ce:9b:7e:63:6d:ab:9f:8a:72:
                    bb:b0:d0:9f:f4:d1:99:5e:f6:c2:d9:07:dc:12:52:
                    60:0b:07:46:00:9e:22:7f:af:29:cf:90:d8:a9:14:
                    9c:63:cd:78:e5:ef:8e:86:b2:1e:b5:df:11:ab:70:
                    5d:55:4c:42:f1:23:e0:e7:8b:d6:d8:0d:d7:ab:db:
                    f9:a9:72:d4:4d:b8:42:45:26:3e:b7:82:78:35:50:
                    63:dd:77:55:01:f6:ed:05:21:f0:ee:63:8b:46:b1:
                    7b:8b:96:48:d3:be:09:24:72:bc:66:07:7f:cd:1f:
                    0b:f3:80:68:69:ec:95:fa:9e:3e:f3:3b:6a:f6:9e:
                    d7:f0:2b:1b:da:2d:dc:09:9a:fd:41:f7:32:46:a7:
                    4c:59:93:51:a6:25:93:47:68:3c:18:f3:5c:50:1f:
                    0d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:24:24:59:02:1E:93:E7:D6:CF:97:C0:B6:C0:83:5E:61:7D:9D:61
            X509v3 Authority Key Identifier:
                keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/wCQkWQIek-fWz5fAtsCDXmF9nWE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.228.162.0-94.228.165.255
                  94.228.168.0/23
                  178.236.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         50:89:d1:20:dd:7d:dc:bd:9d:f1:f5:e1:0e:21:37:ab:52:a8:
         5f:ce:0e:d1:c9:6b:5e:79:e2:2e:68:a0:59:0b:f7:36:ad:b3:
         1e:cc:20:ca:d2:88:82:2b:dc:bd:c6:31:61:05:8d:60:ec:d1:
         13:28:a9:b2:10:53:83:4a:91:6a:0f:08:ed:e4:5a:f0:8e:15:
         8a:3b:79:14:f2:fd:7e:dc:71:ea:3e:f3:28:f0:43:6a:ee:0a:
         14:42:ad:9e:37:4b:fd:e7:82:77:1c:88:c4:72:b0:74:d6:bd:
         fb:4f:16:a3:e6:f0:3b:21:cf:c8:95:f8:27:ac:bd:f8:71:aa:
         ef:de:37:ba:c5:68:3c:f3:02:bc:2b:2d:8c:21:a0:dc:b5:36:
         03:55:0c:4b:ca:46:9d:d6:96:2b:19:c7:9c:40:11:72:5c:42:
         44:a6:f7:42:6e:c5:44:fb:23:2a:5c:5e:52:82:c5:c7:63:55:
         60:20:b6:3e:ea:5f:0a:56:df:93:db:1f:9f:ed:9b:00:ce:e3:
         6f:94:a7:db:60:6c:65:3b:ae:09:3c:29:95:9f:e1:99:f8:70:
         1e:29:98:6b:18:ea:bb:47:53:5c:8c:6f:3c:f0:b0:05:39:6f:
         ca:ca:2f:18:63:8a:19:e6:2c:6b:e5:d9:01:50:ee:a8:23:11:
         2d:81:aa:44
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIb3TMJbXRFQQVsZ1FobIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjQwMTAyMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDI0MjQ1OTAyMWU5M2U3ZDZjZjk3YzBiNmMwODM1ZTYxN2Q5ZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyy6mj4oggaINBgxLc9s7GDs0mdf
Y4y+41qa2+RcqUnzLzcAtOR21Y0a5MGxn496JRmD1n7BbfgIfVjfhYlOxSVS+7wM
sOcjjN5EkilDlNRGh5aaw+k7k39al109y5fOm35jbaufinK7sNCf9NGZXvbC2Qfc
ElJgCwdGAJ4if68pz5DYqRScY8145e+OhrIetd8Rq3BdVUxC8SPg54vW2A3Xq9v5
qXLUTbhCRSY+t4J4NVBj3XdVAfbtBSHw7mOLRrF7i5ZI074JJHK8Zgd/zR8L84Bo
aeyV+p4+8ztq9p7X8Csb2i3cCZr9QfcyRqdMWZNRpiWTR2g8GPNcUB8NewIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMAkJFkCHpPn1s+XwLbAg15hfZ1hMB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvd0NRa1dRSWVrLWZXejVmQXRzQ0RYbUY5bldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFe5KID
BAFe5KQDBAFe5KgDBAGy7PYwDQYJKoZIhvcNAQELBQADggEBAFCJ0SDdfdy9nfH1
4Q4hN6tSqF/ODtHJa1554i5ooFkL9zatsx7MIMrSiIIr3L3GMWEFjWDs0RMoqbIQ
U4NKkWoPCO3kWvCOFYo7eRTy/X7cceo+8yjwQ2ruChRCrZ43S/3ngncciMRysHTW
vftPFqPm8Dshz8iV+Cesvfhxqu/eN7rFaDzzArwrLYwhoNy1NgNVDEvKRp3WlisZ
x5xAEXJcQkSm90JuxUT7IypcXlKCxcdjVWAgtj7qXwpW35PbH5/tmwDO42+Up9tg
bGU7rgk8KZWf4Zn4cB4pmGsY6rtHU1yMbzzwsAU5b8rKLxhjihnmLGvl2QFQ7qgj
ES2BqkQ=
-----END CERTIFICATE-----
Generated at Thu Aug 1 08:26:23 2024 by rpki-client on console-ams.rpki-client.org