Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/wFZIITBjarMnNuRDs99HSW-hF44.roa
File:                     wFZIITBjarMnNuRDs99HSW-hF44.roa (raw, json)
Hash identifier:          HXVqvjkTuYgzpz6ThBxEXMgk6rH4Rpt2+Pr2MZ7f2EQ=
Subject key identifier:   C0:56:48:21:30:63:6A:B3:27:36:E4:43:B3:DF:47:49:6F:A1:17:8E
Certificate issuer:       /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial:       01856D78A36B9558DBCB744979C19096A614
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/wFZIITBjarMnNuRDs99HSW-hF44.roa
Signing time:             Sun 01 Jan 2023 13:15:00 +0000
ROA not before:           Sun 01 Jan 2023 13:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        185.164.64.0/23 maxlen: 23
                          2a0f:4cc0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:78:a3:6b:95:58:db:cb:74:49:79:c1:90:96:a6:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
        Validity
            Not Before: Jan  1 13:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c056482130636ab32736e443b3df47496fa1178e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:80:df:93:c3:3f:93:4f:ab:e8:4f:2e:75:84:
                    61:8a:7a:47:8c:29:03:18:68:67:6a:36:cb:c2:3d:
                    4a:60:ac:81:13:0a:85:7b:0d:9f:30:e1:ba:32:79:
                    7e:76:b1:58:9f:9a:d5:71:21:be:42:78:92:7b:68:
                    46:ac:35:cd:88:ed:a0:16:33:60:17:93:0c:44:4b:
                    8a:f5:6a:a1:4c:60:d4:1a:b7:eb:96:40:5d:d3:22:
                    89:b9:d7:a5:55:07:63:a5:40:aa:44:3f:82:b3:b2:
                    c1:ec:fa:ee:13:f3:c9:03:6d:5f:0e:e7:c6:94:d6:
                    13:7a:09:ed:c9:5c:f3:02:fb:f9:51:a5:bc:f2:56:
                    ca:11:04:40:73:24:04:cd:85:50:25:19:29:8d:b1:
                    2c:47:eb:a3:b9:c4:71:eb:20:67:e9:73:d5:17:39:
                    99:49:51:6c:57:c9:8c:2a:8b:5a:3d:58:70:1a:d4:
                    5f:a6:61:f0:41:67:3f:b0:c8:a6:5f:74:14:cc:3d:
                    68:7b:05:01:0b:58:c5:2e:62:67:2a:a1:e4:25:e3:
                    ff:ba:34:24:3c:53:f4:44:7c:a1:1e:d7:01:ac:83:
                    a0:27:af:7c:92:70:96:42:f1:f7:af:e1:1e:5e:7c:
                    f4:f8:cd:03:b2:b2:99:fa:54:76:b7:ac:b1:3b:48:
                    62:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:56:48:21:30:63:6A:B3:27:36:E4:43:B3:DF:47:49:6F:A1:17:8E
            X509v3 Authority Key Identifier:
                keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/wFZIITBjarMnNuRDs99HSW-hF44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.164.64.0/23
                IPv6:
                  2a0f:4cc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         a4:68:13:dc:49:7d:6c:88:1c:81:a8:c7:7d:3a:45:79:34:ed:
         c9:d6:99:fe:01:a4:5e:5b:44:ac:b3:2a:d1:f0:88:c4:b6:73:
         74:1e:5c:91:c5:35:70:a7:0a:c5:1d:5e:28:47:54:65:1d:db:
         ce:4f:a7:b6:7b:21:9c:4c:17:c2:ea:d8:1a:b2:47:90:8f:52:
         f9:28:ff:54:5f:6e:26:c1:71:8a:81:b9:85:7c:c8:72:c9:b4:
         0e:3e:45:10:b5:57:b0:27:5f:65:15:0e:b5:8e:a9:45:fc:06:
         5f:d1:9d:88:27:76:e4:a9:7b:36:5f:8f:2d:79:dd:bb:87:40:
         65:28:f0:2b:6c:8b:cc:90:cd:6c:59:0b:15:73:72:75:71:16:
         cd:c7:db:63:5e:99:1d:8a:7d:d4:13:8d:fe:41:db:d8:d4:fc:
         d5:75:33:dc:37:36:70:cc:01:76:d2:35:0e:8c:37:f4:6f:d8:
         35:bc:8b:46:c7:65:fc:fa:81:c1:a8:26:4e:03:72:46:9c:5b:
         43:a2:0f:41:e7:d7:2b:0e:73:d5:d4:d9:a5:c2:c4:82:65:43:
         9a:e8:97:35:2c:ac:6a:ad:7d:07:3c:d4:2b:de:7a:01:2f:8a:
         0d:d8:5f:35:9a:53:10:91:2e:32:70:4c:31:06:68:a8:f5:79:
         ab:d9:ea:df
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVteKNrlVjby3RJecGQlqYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjMwMTAxMTMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDU2NDgyMTMwNjM2YWIzMjczNmU0NDNiM2RmNDc0OTZmYTExNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4Dfk8M/k0+r6E8udYRhinpHjCkD
GGhnajbLwj1KYKyBEwqFew2fMOG6Mnl+drFYn5rVcSG+QniSe2hGrDXNiO2gFjNg
F5MMREuK9WqhTGDUGrfrlkBd0yKJudelVQdjpUCqRD+Cs7LB7PruE/PJA21fDufG
lNYTegntyVzzAvv5UaW88lbKEQRAcyQEzYVQJRkpjbEsR+ujucRx6yBn6XPVFzmZ
SVFsV8mMKotaPVhwGtRfpmHwQWc/sMimX3QUzD1oewUBC1jFLmJnKqHkJeP/ujQk
PFP0RHyhHtcBrIOgJ698knCWQvH3r+EeXnz0+M0DsrKZ+lR2t6yxO0hi5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMBWSCEwY2qzJzbkQ7PfR0lvoReOMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvd0ZaSUlUQmphck1uTnVSRHM5OUhTVy1oRjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuaRAMA0E
AgACMAcDBQMqD0zAMA0GCSqGSIb3DQEBCwUAA4IBAQCkaBPcSX1siByBqMd9OkV5
NO3J1pn+AaReW0SssyrR8IjEtnN0HlyRxTVwpwrFHV4oR1RlHdvOT6e2eyGcTBfC
6tgaskeQj1L5KP9UX24mwXGKgbmFfMhyybQOPkUQtVewJ19lFQ61jqlF/AZf0Z2I
J3bkqXs2X48ted27h0BlKPArbIvMkM1sWQsVc3J1cRbNx9tjXpkdin3UE43+QdvY
1PzVdTPcNzZwzAF20jUOjDf0b9g1vItGx2X8+oHBqCZOA3JGnFtDog9B59crDnPV
1NmlwsSCZUOa6Jc1LKxqrX0HPNQr3noBL4oN2F81mlMQkS4ycEwxBmio9Xmr2erf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:08 2024 by rpki-client on console-ams.rpki-client.org