Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/iWSclaQZfzj2yBVklMeVJtwA-b4.roa
File:                     iWSclaQZfzj2yBVklMeVJtwA-b4.roa (raw, json)
Hash identifier:          KGyBwxv+pFbuNuME3l7CVzDq3RcoaEHFb3Fm2d3SdMw=
Subject key identifier:   89:64:9C:95:A4:19:7F:38:F6:C8:15:64:94:C7:95:26:DC:00:F9:BE
Certificate issuer:       /CN=3be2f0164b66a76795860b4ea3586fad563bac47
Certificate serial:       01856D13A7695A4FE63BFEDD5DBAC7E536D0
Authority key identifier: 3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/iWSclaQZfzj2yBVklMeVJtwA-b4.roa
Signing time:             Sun 01 Jan 2023 11:24:42 +0000
ROA not before:           Sun 01 Jan 2023 11:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206264
IP address blocks:        5.183.209.0/24 maxlen: 24
                          185.191.125.0/24 maxlen: 24
                          185.191.124.0/24 maxlen: 24
                          89.249.49.0/24 maxlen: 24
                          185.191.126.0/24 maxlen: 24
                          93.123.72.0/24 maxlen: 24
                          94.156.33.0/24 maxlen: 24
                          185.191.127.0/24 maxlen: 24
                          45.139.122.0/24 maxlen: 24
                          2a0d:1000::/30 maxlen: 30
                          2a0d:1000::/29 maxlen: 29
                          2a0d:1004::/30 maxlen: 30

Validation:               Failed, certificate revoked on Mon 20 Feb 2023 14:46:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:13:a7:69:5a:4f:e6:3b:fe:dd:5d:ba:c7:e5:36:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3be2f0164b66a76795860b4ea3586fad563bac47
        Validity
            Not Before: Jan  1 11:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89649c95a4197f38f6c8156494c79526dc00f9be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:dd:9f:23:7c:8b:61:cc:d7:f7:a4:2d:71:52:
                    3f:86:3a:2f:de:fc:74:fb:d8:41:b1:f0:9c:b8:37:
                    2d:75:53:8c:fc:95:af:72:17:e0:4f:16:b3:87:f5:
                    0e:ea:46:91:1c:ce:d8:e9:12:0d:9e:65:26:01:8c:
                    90:aa:29:ed:9d:8c:d5:92:17:d6:34:11:71:7c:60:
                    26:13:a2:2d:4d:84:5d:11:6f:3b:74:83:85:45:30:
                    9d:73:17:77:b2:95:5c:fd:ae:81:b1:22:ec:cb:40:
                    ec:c3:85:f3:b5:16:76:55:fe:a9:91:20:fe:1a:13:
                    44:c7:79:64:00:29:2d:ae:a4:1f:12:77:67:e4:29:
                    b6:32:5e:a3:ca:a6:a5:b2:a5:7f:01:0c:52:a3:24:
                    2e:2f:b8:d0:d2:b6:f6:38:af:bd:ff:55:64:55:50:
                    6b:91:d1:e1:43:8b:f5:72:fe:a0:00:94:76:f8:58:
                    f9:d8:87:8d:1d:dd:7c:6d:a5:06:16:93:8a:e4:af:
                    eb:60:7a:0f:7c:4c:3c:22:27:52:dc:72:73:a4:e0:
                    2a:c1:f6:8b:b8:a1:24:a3:96:3a:37:d6:53:bb:e8:
                    47:38:ca:77:df:bd:25:2d:15:52:3b:16:c0:cc:4e:
                    ec:95:be:e9:2e:33:e3:ac:38:32:81:5e:98:49:a3:
                    4e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:64:9C:95:A4:19:7F:38:F6:C8:15:64:94:C7:95:26:DC:00:F9:BE
            X509v3 Authority Key Identifier:
                keyid:3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/iWSclaQZfzj2yBVklMeVJtwA-b4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.209.0/24
                  45.139.122.0/24
                  89.249.49.0/24
                  93.123.72.0/24
                  94.156.33.0/24
                  185.191.124.0/22
                IPv6:
                  2a0d:1000::/29

    Signature Algorithm: sha256WithRSAEncryption
         b0:51:9c:4b:9a:3e:54:e7:d1:f5:18:c4:35:7d:c7:86:86:9f:
         a6:b3:12:52:d7:b3:3d:78:c5:03:1a:4e:a0:f2:2b:e1:49:07:
         e8:ff:ce:0a:85:5f:b3:e2:54:76:5a:20:4c:61:d3:38:1d:ed:
         b4:68:b7:d8:a5:25:85:16:48:3d:a8:66:54:e9:db:e2:7a:12:
         34:14:0f:6c:1b:db:64:74:e1:66:87:f4:f0:5e:70:11:bb:1a:
         1e:e7:d3:8d:a4:40:5f:f2:49:82:21:e8:dd:71:31:9b:45:c8:
         cc:92:66:54:e7:79:39:a4:3a:99:7a:86:28:ca:a0:49:4f:7c:
         1c:23:00:a5:6c:15:26:db:7c:ed:db:38:c4:46:8f:d1:3a:53:
         7a:a6:54:73:42:bd:ec:db:a9:53:0a:93:26:23:f2:0f:9c:8e:
         ec:1c:70:20:91:b8:69:71:fc:e3:dd:29:ec:36:f5:fe:f4:3b:
         cc:b5:67:5c:94:d3:9e:0f:ab:96:c2:09:ce:1f:94:a6:dd:0e:
         07:03:6a:2a:a8:8e:6d:58:2b:3d:f7:01:a4:25:19:1d:cd:f5:
         08:de:00:b2:a1:cc:1d:ce:93:9e:a8:5b:fe:a4:2b:34:0d:14:
         7c:cb:e3:33:9a:b3:28:3f:b8:3e:2d:74:04:72:55:e0:11:03:
         9f:c7:5c:16
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVtE6dpWk/mO/7dXbrH5TbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTJmMDE2NGI2NmE3Njc5NTg2MGI0ZWEzNTg2ZmFkNTYz
YmFjNDcwHhcNMjMwMTAxMTEyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY0OWM5NWE0MTk3ZjM4ZjZjODE1NjQ5NGM3OTUyNmRjMDBmOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlN2fI3yLYczX96QtcVI/hjov3vx0
+9hBsfCcuDctdVOM/JWvchfgTxazh/UO6kaRHM7Y6RINnmUmAYyQqintnYzVkhfW
NBFxfGAmE6ItTYRdEW87dIOFRTCdcxd3spVc/a6BsSLsy0Dsw4XztRZ2Vf6pkSD+
GhNEx3lkACktrqQfEndn5Cm2Ml6jyqalsqV/AQxSoyQuL7jQ0rb2OK+9/1VkVVBr
kdHhQ4v1cv6gAJR2+Fj52IeNHd18baUGFpOK5K/rYHoPfEw8IidS3HJzpOAqwfaL
uKEko5Y6N9ZTu+hHOMp3370lLRVSOxbAzE7slb7pLjPjrDgygV6YSaNOXQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIlknJWkGX849sgVZJTHlSbcAPm+MB8GA1UdIwQY
MBaAFDvi8BZLZqdnlYYLTqNYb61WO6xHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYt
ZjlhZDM4MDUxMjIwLzEvaVdTY2xhUVpmemoyeUJWa2xNZVZKdHdBLWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYtZjlhZDM4MDUxMjIw
LzEvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQABbfRAwQA
LYt6AwQAWfkxAwQAXXtIAwQAXpwhAwQCub98MA0EAgACMAcDBQMqDRAAMA0GCSqG
SIb3DQEBCwUAA4IBAQCwUZxLmj5U59H1GMQ1fceGhp+msxJS17M9eMUDGk6g8ivh
SQfo/84KhV+z4lR2WiBMYdM4He20aLfYpSWFFkg9qGZU6dviehI0FA9sG9tkdOFm
h/TwXnARuxoe59ONpEBf8kmCIejdcTGbRcjMkmZU53k5pDqZeoYoyqBJT3wcIwCl
bBUm23zt2zjERo/ROlN6plRzQr3s26lTCpMmI/IPnI7sHHAgkbhpcfzj3SnsNvX+
9DvMtWdclNOeD6uWwgnOH5Sm3Q4HA2oqqI5tWCs99wGkJRkdzfUI3gCyocwdzpOe
qFv+pCs0DRR8y+MzmrMoP7g+LXQEclXgEQOfx1wW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:17 2024 by rpki-client on console-fra.rpki-client.org