Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/3WNWGzW47bIulX1_aLvEKKpQLok.roa
File:                     3WNWGzW47bIulX1_aLvEKKpQLok.roa (raw, json)
Hash identifier:          rdLxQjyrn8U1tDWwxiR5R9jJF1AGVjTsvuIpvQXb4CQ=
Subject key identifier:   DD:63:56:1B:35:B8:ED:B2:2E:95:7D:7F:68:BB:C4:28:AA:50:2E:89
Certificate issuer:       /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial:       018C71ACE7C7F394FD1D42DC010D20D64B88
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/3WNWGzW47bIulX1_aLvEKKpQLok.roa
Signing time:             Sat 16 Dec 2023 08:10:06 +0000
ROA not before:           Sat 16 Dec 2023 08:10:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203847
IP address blocks:        185.206.52.0/23 maxlen: 23
                          193.162.128.0/24 maxlen: 24
                          185.122.44.0/22 maxlen: 22
                          45.142.15.0/24 maxlen: 24
                          2a01:57e0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 22 Dec 2023 08:48:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:71:ac:e7:c7:f3:94:fd:1d:42:dc:01:0d:20:d6:4b:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
        Validity
            Not Before: Dec 16 08:10:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd63561b35b8edb22e957d7f68bbc428aa502e89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:32:6f:27:fd:4f:64:71:17:62:35:92:2c:94:
                    c8:9c:2b:e8:be:09:bc:a1:77:c0:6f:29:b2:7c:7f:
                    0f:c9:89:a1:17:52:e7:78:95:68:8f:07:0d:f1:53:
                    52:21:27:c6:68:2b:89:29:84:6a:e8:0b:76:32:70:
                    15:60:e0:73:43:d3:39:fc:e1:b4:01:f2:2b:af:36:
                    8d:b3:91:54:19:88:78:0d:7b:6b:91:f1:db:d3:e4:
                    81:06:60:32:11:69:9c:79:76:2e:c4:98:a9:d9:27:
                    5e:0b:53:20:21:18:49:e8:ca:6c:82:28:46:dc:22:
                    62:99:9b:0c:46:53:7e:bd:22:b2:ca:2c:5f:fd:51:
                    43:6a:05:94:e6:76:aa:14:cd:8b:16:18:bf:3c:dc:
                    5f:78:13:c7:68:0d:bb:39:1c:7d:51:44:bc:6c:d1:
                    36:92:4b:4e:88:23:03:9f:c4:e0:6a:5b:e0:02:1b:
                    a9:a9:a1:55:45:9b:c8:cd:9d:01:65:4f:f1:0d:2b:
                    ab:ee:35:c5:12:01:f9:77:49:87:ba:d2:40:cf:4a:
                    7c:e2:17:37:3d:e3:cf:b9:8c:ec:15:89:04:82:9a:
                    10:c3:ae:ee:37:90:d7:c1:ec:9a:06:57:52:14:92:
                    ba:e8:3b:75:b0:47:cd:1a:6f:ba:a8:f6:c8:b5:bc:
                    d9:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:63:56:1B:35:B8:ED:B2:2E:95:7D:7F:68:BB:C4:28:AA:50:2E:89
            X509v3 Authority Key Identifier:
                keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/3WNWGzW47bIulX1_aLvEKKpQLok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.15.0/24
                  185.122.44.0/22
                  185.206.52.0/23
                  193.162.128.0/24
                IPv6:
                  2a01:57e0::/29

    Signature Algorithm: sha256WithRSAEncryption
         84:84:23:56:45:c0:b8:91:13:af:6f:2a:79:38:42:37:c0:d5:
         0a:e3:25:0a:a5:25:2f:83:56:94:d7:ac:35:27:c9:0c:d7:17:
         8c:16:67:27:a0:90:8a:8d:97:87:09:7c:5a:5f:fc:0b:81:b0:
         f7:66:9d:16:6b:96:04:08:67:cc:5d:31:03:29:d6:8f:bd:a6:
         e1:72:1e:18:59:d8:45:8d:37:4d:07:47:40:35:fd:54:59:f4:
         c3:c6:c6:02:2b:8b:42:58:56:5c:71:b8:34:b8:a1:20:47:b3:
         a2:84:40:3b:fa:26:53:4f:2e:ac:26:b3:5a:17:66:6f:de:f2:
         49:e7:29:88:a6:0d:8c:6c:fa:cf:0d:08:9f:94:02:9a:98:08:
         01:11:a5:ce:1a:14:f3:e7:13:d8:4e:4e:8e:4d:15:ef:9d:6c:
         c6:56:3a:7c:1d:f6:eb:1c:d2:60:f6:d3:38:aa:df:2d:59:a1:
         ae:3f:67:6f:f2:6e:93:ed:30:a7:a6:92:75:3e:54:57:3b:54:
         b6:5a:46:af:35:f8:61:d1:8b:cc:05:59:48:50:c0:52:37:29:
         7f:b5:97:74:b4:24:33:d9:4d:be:92:15:21:5d:88:f0:dd:75:
         e0:8b:3d:f1:5a:7a:9e:f6:b8:5c:b2:5a:c2:79:bf:34:8e:91:
         67:08:cb:ba
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYxxrOfH85T9HULcAQ0g1kuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjMxMjE2MDgxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDYzNTYxYjM1YjhlZGIyMmU5NTdkN2Y2OGJiYzQyOGFhNTAyZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTJvJ/1PZHEXYjWSLJTInCvovgm8
oXfAbymyfH8PyYmhF1LneJVojwcN8VNSISfGaCuJKYRq6At2MnAVYOBzQ9M5/OG0
AfIrrzaNs5FUGYh4DXtrkfHb0+SBBmAyEWmceXYuxJip2SdeC1MgIRhJ6MpsgihG
3CJimZsMRlN+vSKyyixf/VFDagWU5naqFM2LFhi/PNxfeBPHaA27ORx9UUS8bNE2
kktOiCMDn8TgalvgAhupqaFVRZvIzZ0BZU/xDSur7jXFEgH5d0mHutJAz0p84hc3
PePPuYzsFYkEgpoQw67uN5DXweyaBldSFJK66Dt1sEfNGm+6qPbItbzZPQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFN1jVhs1uO2yLpV9f2i7xCiqUC6JMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvM1dOV0d6VzQ3Ykl1bFgxX2FMdkVLS3BRTG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALY4PAwQC
uXosAwQBuc40AwQAwaKAMA0EAgACMAcDBQMqAVfgMA0GCSqGSIb3DQEBCwUAA4IB
AQCEhCNWRcC4kROvbyp5OEI3wNUK4yUKpSUvg1aU16w1J8kM1xeMFmcnoJCKjZeH
CXxaX/wLgbD3Zp0Wa5YECGfMXTEDKdaPvabhch4YWdhFjTdNB0dANf1UWfTDxsYC
K4tCWFZccbg0uKEgR7OihEA7+iZTTy6sJrNaF2Zv3vJJ5ymIpg2MbPrPDQiflAKa
mAgBEaXOGhTz5xPYTk6OTRXvnWzGVjp8HfbrHNJg9tM4qt8tWaGuP2dv8m6T7TCn
ppJ1PlRXO1S2WkavNfhh0YvMBVlIUMBSNyl/tZd0tCQz2U2+khUhXYjw3XXgiz3x
Wnqe9rhcslrCeb80jpFnCMu6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:19 2024 by rpki-client on console-ams.rpki-client.org