Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/WoQnp0DJ-3ebTn4KVYhaipkO6lo.roa
File:                     WoQnp0DJ-3ebTn4KVYhaipkO6lo.roa (raw, json)
Hash identifier:          KbafML5z4xjR3NQ6lhm45ol0/xDlPaheFA1oedgYcFU=
Subject key identifier:   5A:84:27:A7:40:C9:FB:77:9B:4E:7E:0A:55:88:5A:8A:99:0E:EA:5A
Certificate issuer:       /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial:       018DC10ABAFBFAF0DBEDD7051DF9B05C7791
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/WoQnp0DJ-3ebTn4KVYhaipkO6lo.roa
Signing time:             Mon 19 Feb 2024 11:05:22 +0000
ROA not before:           Mon 19 Feb 2024 11:05:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     41313
IP address blocks:        46.35.160.0/19 maxlen: 24
                          79.110.120.0/21 maxlen: 24
                          79.110.124.0/24 maxlen: 24
                          80.95.16.0/21 maxlen: 24
                          80.95.22.0/24 maxlen: 24
                          93.152.234.0/23 maxlen: 24
                          93.175.244.0/23 maxlen: 24
                          95.158.128.0/18 maxlen: 24
                          151.252.192.0/20 maxlen: 24
                          185.18.228.0/22 maxlen: 24
                          185.40.164.0/22 maxlen: 24
                          212.21.128.0/19 maxlen: 24
                          2a00:e200::/32 maxlen: 48
                          2a00:e200:107::/48 maxlen: 48
                          2a0d:3b40::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 19 Aug 2024 07:57:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:c1:0a:ba:fb:fa:f0:db:ed:d7:05:1d:f9:b0:5c:77:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
        Validity
            Not Before: Feb 19 11:05:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5a8427a740c9fb779b4e7e0a55885a8a990eea5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b6:70:4d:e1:4a:98:2e:98:12:5d:33:db:8e:
                    08:ca:13:e7:51:ed:4e:56:53:5d:d0:f0:86:71:ee:
                    f0:1c:72:a6:0d:ef:90:51:81:c0:7b:2b:ba:2d:6e:
                    c0:3f:2a:02:09:1e:b1:eb:80:d8:23:3e:bc:45:62:
                    29:7a:1a:ee:55:5f:c4:c7:04:18:52:1c:9a:b8:c0:
                    2b:68:cc:3e:38:d5:57:8d:6f:bd:f4:34:59:bb:1d:
                    71:85:8a:c4:62:7e:40:b4:4e:7d:9a:58:ec:64:d0:
                    44:84:6b:8d:ae:04:12:7d:4c:a4:78:a9:94:5d:e2:
                    eb:b3:e1:cf:ed:b4:a8:78:0e:d7:0c:be:42:44:bc:
                    74:ab:31:1d:a8:6b:c2:ed:00:6f:36:69:6c:d2:9d:
                    9e:45:6a:a8:aa:f3:75:01:32:c7:da:05:d6:38:e8:
                    d3:17:f6:c5:19:9a:ff:f6:6a:92:48:de:26:c7:95:
                    70:cb:b5:22:7a:ef:b8:37:de:eb:ec:59:57:d6:ee:
                    1f:18:6a:c4:a8:1d:df:9d:02:22:61:d0:bc:d9:dd:
                    e9:9f:1c:b9:8d:15:98:4a:97:de:d5:1c:ac:1f:82:
                    fa:ee:46:3d:17:3a:7d:55:2c:43:e8:59:ce:a3:34:
                    05:a3:29:52:a4:8c:6e:54:9c:ec:9b:53:fa:a8:d2:
                    ce:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:84:27:A7:40:C9:FB:77:9B:4E:7E:0A:55:88:5A:8A:99:0E:EA:5A
            X509v3 Authority Key Identifier:
                keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/WoQnp0DJ-3ebTn4KVYhaipkO6lo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.35.160.0/19
                  79.110.120.0/21
                  80.95.16.0/21
                  93.152.234.0/23
                  93.175.244.0/23
                  95.158.128.0/18
                  151.252.192.0/20
                  185.18.228.0/22
                  185.40.164.0/22
                  212.21.128.0/19
                IPv6:
                  2a00:e200::/32
                  2a0d:3b40::/29

    Signature Algorithm: sha256WithRSAEncryption
         63:88:ff:70:89:05:47:0b:88:a7:7f:24:13:c1:69:dd:56:33:
         2c:59:03:d1:33:96:e2:8e:f0:76:93:2b:52:47:11:60:4a:ef:
         00:84:35:5b:66:e7:65:26:95:ef:05:28:c9:2e:69:57:cd:2b:
         ea:4d:23:89:e3:d4:0f:16:07:84:22:a8:f9:44:fd:fd:bb:3a:
         15:23:51:31:18:01:1b:a8:3e:8d:fa:ce:15:77:9e:a5:ec:d6:
         fb:d7:c4:7e:c2:20:82:d7:e6:59:81:4b:1a:93:8e:f9:a2:59:
         55:41:00:95:85:3e:c9:8b:0e:5f:24:a4:82:2d:de:e6:04:6e:
         15:5a:fd:d7:b3:7e:25:02:73:de:71:29:fa:fd:aa:64:1a:34:
         ea:c0:1c:32:82:45:3c:3b:9e:2a:7e:f5:b8:77:bf:18:3e:e4:
         0e:0d:cd:37:1c:eb:3c:ae:f3:00:f4:e3:5f:33:03:05:e0:9a:
         38:b9:ad:76:f0:bd:ae:16:70:6d:bd:a5:69:8a:4c:64:55:b6:
         bc:22:37:07:67:78:67:45:8e:d1:d0:fe:12:0f:5a:83:2c:b8:
         3b:30:fe:93:3b:28:97:7c:20:11:f4:c0:77:0a:f3:b8:4a:b1:
         62:3b:f3:dc:ba:50:bd:62:c4:fb:6a:0b:e8:2c:90:ba:70:d2:
         c2:07:d7:10
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY3BCrr7+vDb7dcFHfmwXHeRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjQwMjE5MTEwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTg0MjdhNzQwYzlmYjc3OWI0ZTdlMGE1NTg4NWE4YTk5MGVlYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrZwTeFKmC6YEl0z244IyhPnUe1O
VlNd0PCGce7wHHKmDe+QUYHAeyu6LW7APyoCCR6x64DYIz68RWIpehruVV/ExwQY
UhyauMAraMw+ONVXjW+99DRZux1xhYrEYn5AtE59mljsZNBEhGuNrgQSfUykeKmU
XeLrs+HP7bSoeA7XDL5CRLx0qzEdqGvC7QBvNmls0p2eRWqoqvN1ATLH2gXWOOjT
F/bFGZr/9mqSSN4mx5Vwy7Uieu+4N97r7FlX1u4fGGrEqB3fnQIiYdC82d3pnxy5
jRWYSpfe1RysH4L67kY9Fzp9VSxD6FnOozQFoylSpIxuVJzsm1P6qNLOLwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFFqEJ6dAyft3m05+ClWIWoqZDupaMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvV29RbnAwREotM2ViVG40S1ZZaGFpcGtPNmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQFLiOgAwQD
T254AwQDUF8QAwQBXZjqAwQBXa/0AwQGX56AAwQEl/zAAwQCuRLkAwQCuSikAwQF
1BWAMBQEAgACMA4DBQAqAOIAAwUDKg07QDANBgkqhkiG9w0BAQsFAAOCAQEAY4j/
cIkFRwuIp38kE8Fp3VYzLFkD0TOW4o7wdpMrUkcRYErvAIQ1W2bnZSaV7wUoyS5p
V80r6k0jiePUDxYHhCKo+UT9/bs6FSNRMRgBG6g+jfrOFXeepezW+9fEfsIggtfm
WYFLGpOO+aJZVUEAlYU+yYsOXySkgi3e5gRuFVr917N+JQJz3nEp+v2qZBo06sAc
MoJFPDueKn71uHe/GD7kDg3NNxzrPK7zAPTjXzMDBeCaOLmtdvC9rhZwbb2laYpM
ZFW2vCI3B2d4Z0WO0dD+Eg9agyy4OzD+kzsol3wgEfTAdwrzuEqxYjvz3LpQvWLE
+2oL6CyQunDSwgfXEA==
-----END CERTIFICATE-----
Generated at Mon Aug 19 11:23:49 2024 by rpki-client on console-ams.rpki-client.org