Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/1e63b6-3956-4d12-b19f-5bef6420a028/1/wtV0ZlKY124S7JaFYh1czr7hncg.roa
File:                     wtV0ZlKY124S7JaFYh1czr7hncg.roa (raw, json)
Hash identifier:          SrDDfD9Hxac4Usl45ZfNB6EWo4e+/HlvTtPlo+agVXE=
Subject key identifier:   C2:D5:74:66:52:98:D7:6E:12:EC:96:85:62:1D:5C:CE:BE:E1:9D:C8
Certificate issuer:       /CN=3cc94ff479778651a605121f1ffe678196328f35
Certificate serial:       018570CBF8162365D561A9E933703A061B8F
Authority key identifier: 3C:C9:4F:F4:79:77:86:51:A6:05:12:1F:1F:FE:67:81:96:32:8F:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PMlP9Hl3hlGmBRIfH_5ngZYyjzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/1e63b6-3956-4d12-b19f-5bef6420a028/1/wtV0ZlKY124S7JaFYh1czr7hncg.roa
Signing time:             Mon 02 Jan 2023 04:44:53 +0000
ROA not before:           Mon 02 Jan 2023 04:44:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28929
IP address blocks:        94.73.127.0/24 maxlen: 24
                          188.228.128.0/17 maxlen: 17
                          78.26.111.0/24 maxlen: 24
                          37.77.208.0/20 maxlen: 20
                          185.29.104.0/22 maxlen: 22
                          94.73.64.0/18 maxlen: 18
                          193.25.178.0/23 maxlen: 23
                          78.26.64.0/18 maxlen: 18
                          195.47.199.0/24 maxlen: 24
                          2a02:f8::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:cb:f8:16:23:65:d5:61:a9:e9:33:70:3a:06:1b:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cc94ff479778651a605121f1ffe678196328f35
        Validity
            Not Before: Jan  2 04:44:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c2d574665298d76e12ec9685621d5ccebee19dc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e6:5f:0b:2c:8e:26:ce:ff:05:40:28:0d:69:
                    a4:c5:91:eb:6f:26:4e:cf:02:10:cf:89:b5:f5:2b:
                    a6:08:ac:e7:b4:92:81:0b:f1:5c:25:87:1f:c4:f2:
                    12:5e:db:43:ab:82:ac:2b:35:02:ca:68:ff:0f:57:
                    da:5b:71:f2:c8:3c:0a:22:85:82:d1:bf:0c:4e:ca:
                    71:0a:fb:a4:e8:12:13:b2:80:b2:14:3c:4b:65:8d:
                    e2:1b:e4:eb:01:29:dc:d3:7b:fe:ff:cd:7c:3b:28:
                    83:fb:38:73:be:aa:a2:57:c7:0e:69:ed:e8:82:13:
                    77:ee:2e:7d:25:9e:71:e1:0c:39:5c:39:5e:4b:9f:
                    d9:92:92:76:4d:ec:8d:62:3c:93:0e:bd:cf:a9:ec:
                    f7:30:0f:67:72:e1:85:ae:4a:d9:19:c7:25:2e:1f:
                    0e:5b:ea:a3:27:4e:98:8f:89:2c:4e:ca:15:e2:7f:
                    34:7d:b5:35:98:54:7c:78:10:ae:f1:60:0a:f2:59:
                    de:99:d3:60:9c:93:f9:3e:28:d2:6a:ad:10:89:42:
                    27:22:b9:28:09:f4:1b:d2:2f:9d:71:38:dd:ff:71:
                    77:9c:ae:df:e2:99:eb:9a:ca:b6:c3:92:24:26:21:
                    40:5b:c7:ab:c8:eb:60:21:26:60:1f:88:5e:c4:fa:
                    d2:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:D5:74:66:52:98:D7:6E:12:EC:96:85:62:1D:5C:CE:BE:E1:9D:C8
            X509v3 Authority Key Identifier:
                keyid:3C:C9:4F:F4:79:77:86:51:A6:05:12:1F:1F:FE:67:81:96:32:8F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PMlP9Hl3hlGmBRIfH_5ngZYyjzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1e63b6-3956-4d12-b19f-5bef6420a028/1/wtV0ZlKY124S7JaFYh1czr7hncg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1e63b6-3956-4d12-b19f-5bef6420a028/1/PMlP9Hl3hlGmBRIfH_5ngZYyjzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.77.208.0/20
                  78.26.64.0/18
                  94.73.64.0/18
                  185.29.104.0/22
                  188.228.128.0/17
                  193.25.178.0/23
                  195.47.199.0/24
                IPv6:
                  2a02:f8::/32

    Signature Algorithm: sha256WithRSAEncryption
         d7:3e:c5:1c:f6:7b:5a:ff:21:44:23:3c:24:23:ba:38:4f:6c:
         d0:eb:c2:cf:b2:ee:28:7b:c5:c4:a0:8f:2a:21:c2:46:6e:58:
         bd:de:a0:d1:af:0b:44:eb:cf:f8:92:c0:aa:15:13:1f:ad:68:
         d3:29:76:c2:32:e7:4c:80:70:e6:80:a8:08:0f:9c:88:f1:de:
         1e:39:4d:9b:32:f4:c6:60:fa:d0:e0:87:04:27:82:66:d1:a9:
         4c:5a:97:de:5d:c2:bb:13:b7:64:62:93:36:80:da:b1:58:1d:
         f0:b3:c3:26:32:be:65:4d:dc:89:2d:3b:8b:43:ad:f8:e9:7d:
         56:99:1b:60:6a:b2:d8:4d:a7:f1:43:c9:e9:4d:19:b9:39:fe:
         68:05:9d:68:59:42:7b:56:df:45:8d:ce:6e:84:b0:f1:ed:61:
         7c:ca:60:bf:3d:a5:d4:33:02:01:e0:a1:d1:f8:48:13:b4:b5:
         09:fe:43:bf:ed:14:a8:7c:5e:90:62:7d:a1:7b:b9:9a:a4:77:
         f0:aa:ed:7f:74:a3:88:73:9f:03:ca:ec:09:d5:3c:79:27:16:
         70:e0:c3:7f:54:bc:f1:29:03:75:95:e7:86:40:6c:b3:ad:99:
         7a:25:7c:4e:e6:e9:9f:d1:f9:82:88:34:f5:45:40:cc:b1:a6:
         52:34:53:f2
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVwy/gWI2XVYanpM3A6BhuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYzk0ZmY0Nzk3Nzg2NTFhNjA1MTIxZjFmZmU2NzgxOTYz
MjhmMzUwHhcNMjMwMTAyMDQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmQ1NzQ2NjUyOThkNzZlMTJlYzk2ODU2MjFkNWNjZWJlZTE5ZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueZfCyyOJs7/BUAoDWmkxZHrbyZO
zwIQz4m19SumCKzntJKBC/FcJYcfxPISXttDq4KsKzUCymj/D1faW3HyyDwKIoWC
0b8MTspxCvuk6BITsoCyFDxLZY3iG+TrASnc03v+/818OyiD+zhzvqqiV8cOae3o
ghN37i59JZ5x4Qw5XDleS5/ZkpJ2TeyNYjyTDr3Pqez3MA9ncuGFrkrZGcclLh8O
W+qjJ06Yj4ksTsoV4n80fbU1mFR8eBCu8WAK8lnemdNgnJP5PijSaq0QiUInIrko
CfQb0i+dcTjd/3F3nK7f4pnrmsq2w5IkJiFAW8eryOtgISZgH4hexPrSLwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMLVdGZSmNduEuyWhWIdXM6+4Z3IMB8GA1UdIwQY
MBaAFDzJT/R5d4ZRpgUSHx/+Z4GWMo81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE1sUDlIbDNobEdtQlJJZkhfNW5nWll5anpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xZTYzYjYtMzk1Ni00ZDEyLWIxOWYt
NWJlZjY0MjBhMDI4LzEvd3RWMFpsS1kxMjRTN0phRlloMWN6cjdobmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xZTYzYjYtMzk1Ni00ZDEyLWIxOWYtNWJlZjY0MjBhMDI4
LzEvUE1sUDlIbDNobEdtQlJJZkhfNW5nWll5anpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEJU3QAwQG
ThpAAwQGXklAAwQCuR1oAwQHvOSAAwQBwRmyAwQAwy/HMA0EAgACMAcDBQAqAgD4
MA0GCSqGSIb3DQEBCwUAA4IBAQDXPsUc9nta/yFEIzwkI7o4T2zQ68LPsu4oe8XE
oI8qIcJGbli93qDRrwtE68/4ksCqFRMfrWjTKXbCMudMgHDmgKgID5yI8d4eOU2b
MvTGYPrQ4IcEJ4Jm0alMWpfeXcK7E7dkYpM2gNqxWB3ws8MmMr5lTdyJLTuLQ634
6X1WmRtgarLYTafxQ8npTRm5Of5oBZ1oWUJ7Vt9Fjc5uhLDx7WF8ymC/PaXUMwIB
4KHR+EgTtLUJ/kO/7RSofF6QYn2he7mapHfwqu1/dKOIc58DyuwJ1Tx5JxZw4MN/
VLzxKQN1leeGQGyzrZl6JXxO5umf0fmCiDT1RUDMsaZSNFPy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:30 2024 by rpki-client on console-ams.rpki-client.org