Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/wnPkNbGwnaUtqR3q1cpZdDB7fj4.roa
File:                     wnPkNbGwnaUtqR3q1cpZdDB7fj4.roa (raw, json)
Hash identifier:          avwSqxXM26/vXJG9y7bW87xIB+aeWcNEi3ftvpJF1SU=
Subject key identifier:   C2:73:E4:35:B1:B0:9D:A5:2D:A9:1D:EA:D5:CA:59:74:30:7B:7E:3E
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       0187FC7FD7AEED07E9C7005618CE00377160
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/wnPkNbGwnaUtqR3q1cpZdDB7fj4.roa
Signing time:             Mon 08 May 2023 17:54:09 +0000
ROA not before:           Mon 08 May 2023 17:54:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204339
IP address blocks:        2a0d:2e40::/30 maxlen: 30
                          2a10:d8c0::/30 maxlen: 30

Validation:               Failed, certificate revoked on Mon 31 Jul 2023 20:14:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fc:7f:d7:ae:ed:07:e9:c7:00:56:18:ce:00:37:71:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: May  8 17:54:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c273e435b1b09da52da91dead5ca5974307b7e3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c9:58:67:fa:57:1b:2b:a1:ec:69:3f:c7:5d:
                    c4:c3:17:5a:fe:ed:45:e9:e2:90:7f:d9:eb:e4:a1:
                    de:dc:bf:a4:30:9b:a8:e5:29:4e:d7:33:e4:4c:fc:
                    ba:44:0f:76:88:44:29:b5:ad:0b:44:3c:fd:64:bf:
                    de:5a:a8:ef:83:16:a5:9b:02:29:75:0e:5b:33:b7:
                    c9:3f:7e:48:f4:73:b5:f5:b4:eb:ac:9f:f5:92:a4:
                    87:f1:04:c3:34:f8:ef:4b:a3:f3:d2:22:3f:f8:a3:
                    02:64:d1:e0:c5:08:c4:1d:65:1a:7a:ae:da:aa:87:
                    01:fe:16:8d:d1:b0:84:10:a6:eb:47:a9:6b:4c:76:
                    01:9a:4c:9b:25:16:79:e9:1b:48:b0:31:f1:32:de:
                    61:67:d4:98:87:cf:09:4c:72:b8:1e:87:4d:ad:8c:
                    fb:ce:e3:92:f4:90:25:49:25:0a:cf:b6:e2:4c:ea:
                    f1:cf:21:fb:c2:8a:b0:cb:bd:76:f9:8a:48:8a:ab:
                    a4:0f:1c:8c:ed:7c:c1:4f:76:3e:76:32:3b:6b:9a:
                    70:5a:64:06:7f:3f:3c:1d:2a:bd:c5:51:18:83:50:
                    f3:98:9f:ba:92:41:e3:1f:08:0a:56:4b:67:96:a5:
                    81:69:4f:4e:de:b9:ff:57:a8:09:5c:2f:11:6e:d8:
                    64:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:73:E4:35:B1:B0:9D:A5:2D:A9:1D:EA:D5:CA:59:74:30:7B:7E:3E
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/wnPkNbGwnaUtqR3q1cpZdDB7fj4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2e40::/30
                  2a10:d8c0::/30

    Signature Algorithm: sha256WithRSAEncryption
         52:74:19:4a:6e:b6:e6:f2:af:b3:e3:70:9a:e9:06:e7:75:dd:
         44:18:e1:57:1a:e4:65:db:48:cc:ba:75:9b:17:ee:20:bf:d8:
         d4:9e:30:4a:8c:cb:0f:e9:72:d1:09:ab:8d:7c:f1:95:e4:5c:
         1b:fc:a6:ee:dc:fd:1d:87:d8:d2:01:c5:fd:2b:bd:b6:cd:6c:
         b8:74:61:0c:b9:ea:7d:7d:e9:65:44:50:4b:a6:87:07:9d:06:
         cb:05:1b:bd:a2:19:e6:f7:2d:80:eb:0d:e3:bc:1d:99:b5:e2:
         a6:ed:02:6d:20:4c:20:7d:69:a6:80:ca:1a:44:c8:34:3c:ac:
         ca:20:de:27:5a:af:09:b7:77:1f:0f:96:e8:93:3a:46:2f:fe:
         c7:1a:cf:79:7d:f6:30:ab:d3:23:fa:89:7c:9a:a2:af:51:83:
         fc:f3:ca:e2:3a:8b:20:33:d4:05:9a:07:b4:da:9e:88:97:d3:
         c1:f1:5d:bc:00:e7:85:a9:ee:e9:1a:10:5f:8b:37:39:fd:cb:
         44:e4:f4:03:c7:7e:1a:ff:c7:4f:8c:df:0a:52:ab:cf:5e:10:
         aa:b1:77:8a:ad:73:92:c3:e7:33:1f:a3:d6:73:b9:bb:21:b6:
         41:48:d2:9c:52:ba:06:cf:5f:c8:94:86:72:46:73:5b:12:d4:
         e5:2f:8a:9d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYf8f9eu7QfpxwBWGM4AN3FgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwNTA4MTc1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjczZTQzNWIxYjA5ZGE1MmRhOTFkZWFkNWNhNTk3NDMwN2I3ZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMlYZ/pXGyuh7Gk/x13Ewxda/u1F
6eKQf9nr5KHe3L+kMJuo5SlO1zPkTPy6RA92iEQpta0LRDz9ZL/eWqjvgxalmwIp
dQ5bM7fJP35I9HO19bTrrJ/1kqSH8QTDNPjvS6Pz0iI/+KMCZNHgxQjEHWUaeq7a
qocB/haN0bCEEKbrR6lrTHYBmkybJRZ56RtIsDHxMt5hZ9SYh88JTHK4HodNrYz7
zuOS9JAlSSUKz7biTOrxzyH7woqwy712+YpIiqukDxyM7XzBT3Y+djI7a5pwWmQG
fz88HSq9xVEYg1DzmJ+6kkHjHwgKVktnlqWBaU9O3rn/V6gJXC8RbthkmQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMJz5DWxsJ2lLakd6tXKWXQwe34+MB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvd25Qa05iR3duYVV0cVIzcTFjcFpkREI3Zmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUCKg0uQAMF
AioQ2MAwDQYJKoZIhvcNAQELBQADggEBAFJ0GUputubyr7PjcJrpBud13UQY4Vca
5GXbSMy6dZsX7iC/2NSeMEqMyw/pctEJq4188ZXkXBv8pu7c/R2H2NIBxf0rvbbN
bLh0YQy56n196WVEUEumhwedBssFG72iGeb3LYDrDeO8HZm14qbtAm0gTCB9aaaA
yhpEyDQ8rMog3idarwm3dx8PluiTOkYv/scaz3l99jCr0yP6iXyaoq9Rg/zzyuI6
iyAz1AWaB7TanoiX08HxXbwA54Wp7ukaEF+LNzn9y0Tk9APHfhr/x0+M3wpSq89e
EKqxd4qtc5LD5zMfo9ZzubshtkFI0pxSugbPX8iUhnJGc1sS1OUvip0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:59 2024 by rpki-client on console-ams.rpki-client.org