Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WXDqNcG6lCLt7Hrwl52jFr4m29c.roa
File:                     WXDqNcG6lCLt7Hrwl52jFr4m29c.roa (raw, json)
Hash identifier:          WCeANRxOY2mdkTj/iCY5T444inPY1NrA5HcY2A1jfos=
Subject key identifier:   59:70:EA:35:C1:BA:94:22:ED:EC:7A:F0:97:9D:A3:16:BE:26:DB:D7
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018CC26D2BFEEB3FB44386BCBD6F70778A90
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WXDqNcG6lCLt7Hrwl52jFr4m29c.roa
Signing time:             Mon 01 Jan 2024 00:29:43 +0000
ROA not before:           Mon 01 Jan 2024 00:29:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199393
IP address blocks:        185.101.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Apr 2024 13:57:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:2b:fe:eb:3f:b4:43:86:bc:bd:6f:70:77:8a:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Jan  1 00:29:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5970ea35c1ba9422edec7af0979da316be26dbd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:29:3b:fa:e1:fc:dd:62:8a:24:f6:eb:d8:63:
                    c9:8f:bd:c9:f8:f3:e3:a8:53:fc:a3:5e:05:f8:46:
                    b5:c9:68:94:d9:80:9d:9e:49:4b:cb:31:76:b1:1b:
                    fd:56:23:be:f6:61:3f:d0:5b:7a:35:17:ee:f2:23:
                    84:34:84:e2:e9:fb:e0:22:4f:85:db:ac:88:43:7e:
                    58:f3:d9:c3:42:c9:13:b3:35:99:33:66:35:60:2d:
                    82:27:6c:33:9d:79:a6:37:d2:5a:c4:80:ec:60:6b:
                    46:ea:2e:03:17:5a:42:94:38:c4:5d:c2:d1:4a:2a:
                    d1:61:c3:aa:8e:8b:53:84:da:8f:a5:80:84:8b:64:
                    43:84:55:9c:54:b2:fe:f0:72:23:e6:b4:a1:01:c6:
                    48:eb:03:df:88:72:ac:d2:95:f4:67:4f:84:34:09:
                    9f:7e:81:49:24:eb:c4:16:9b:1e:f3:a9:cc:31:75:
                    25:61:f5:e2:69:75:90:05:6e:28:69:72:64:86:1d:
                    b9:e9:b9:2c:18:38:59:7b:27:37:d9:e8:73:fe:3b:
                    d6:b6:58:e0:e6:d2:cd:ed:8f:98:d3:7f:5b:5e:8d:
                    03:2b:8b:94:e7:11:18:82:b8:89:41:75:83:d9:67:
                    e4:e2:03:ad:d1:2e:18:ff:fb:0c:f8:60:9b:b8:79:
                    e9:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:70:EA:35:C1:BA:94:22:ED:EC:7A:F0:97:9D:A3:16:BE:26:DB:D7
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WXDqNcG6lCLt7Hrwl52jFr4m29c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.101.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:0f:5b:b5:44:a3:e7:55:e6:23:0f:13:fa:1a:6b:28:04:33:
         15:6d:64:f1:b7:0c:3f:23:f1:d5:15:d4:6d:06:a7:ee:2d:94:
         d4:ff:5f:41:95:50:bd:f6:b1:4d:fc:06:f9:45:ce:89:ee:cf:
         ba:72:24:b4:6e:35:29:2f:29:18:c7:de:15:5d:c0:ad:f4:34:
         bd:24:93:7b:be:a2:ea:c2:e8:5f:52:00:4c:d4:3f:9b:f5:fc:
         e9:31:a7:46:cd:fe:78:44:63:54:e4:2b:fd:de:54:67:58:4d:
         32:8c:11:e7:a5:c9:e5:14:6a:a2:d0:ae:d5:57:ee:e4:67:4d:
         62:36:48:aa:54:7a:17:17:56:41:ad:15:cb:83:3e:b1:46:24:
         3d:21:0c:f8:48:9d:90:65:c3:fb:65:16:02:d4:1b:92:ed:46:
         61:bd:cd:17:9a:06:b4:05:e7:38:af:66:92:bb:1b:ce:e5:b6:
         4a:fd:f5:70:43:d6:98:72:77:3a:45:c7:2e:2a:88:51:41:aa:
         3c:3d:50:12:d6:85:45:c2:63:59:ae:a1:24:99:9c:96:37:13:
         bb:ef:74:28:bb:02:09:9e:52:94:2a:d8:3a:35:f8:0d:eb:07:
         b9:40:0c:f3:37:3d:18:67:98:23:10:f8:fc:b1:87:38:be:0f:
         d5:41:e2:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbSv+6z+0Q4a8vW9wd4qQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTcwZWEzNWMxYmE5NDIyZWRlYzdhZjA5NzlkYTMxNmJlMjZkYmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyk7+uH83WKKJPbr2GPJj73J+PPj
qFP8o14F+Ea1yWiU2YCdnklLyzF2sRv9ViO+9mE/0Ft6NRfu8iOENITi6fvgIk+F
26yIQ35Y89nDQskTszWZM2Y1YC2CJ2wznXmmN9JaxIDsYGtG6i4DF1pClDjEXcLR
SirRYcOqjotThNqPpYCEi2RDhFWcVLL+8HIj5rShAcZI6wPfiHKs0pX0Z0+ENAmf
foFJJOvEFpse86nMMXUlYfXiaXWQBW4oaXJkhh256bksGDhZeyc32ehz/jvWtljg
5tLN7Y+Y039bXo0DK4uU5xEYgriJQXWD2Wfk4gOt0S4Y//sM+GCbuHnpgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlw6jXBupQi7ex68Jedoxa+JtvXMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvV1hEcU5jRzZsQ0x0N0hyd2w1MmpGcjRtMjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWVpMA0G
CSqGSIb3DQEBCwUAA4IBAQCHD1u1RKPnVeYjDxP6GmsoBDMVbWTxtww/I/HVFdRt
BqfuLZTU/19BlVC99rFN/Ab5Rc6J7s+6ciS0bjUpLykYx94VXcCt9DS9JJN7vqLq
wuhfUgBM1D+b9fzpMadGzf54RGNU5Cv93lRnWE0yjBHnpcnlFGqi0K7VV+7kZ01i
NkiqVHoXF1ZBrRXLgz6xRiQ9IQz4SJ2QZcP7ZRYC1BuS7UZhvc0Xmga0Bec4r2aS
uxvO5bZK/fVwQ9aYcnc6RccuKohRQao8PVAS1oVFwmNZrqEkmZyWNxO773QouwIJ
nlKUKtg6NfgN6we5QAzzNz0YZ5gjEPj8sYc4vg/VQeLF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org