Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/6508a1-4412-40c7-8a72-52cd6e89aa8d/1/W9oPBsO--IRUCND0R0-e5_dXURU.roa
File:                     W9oPBsO--IRUCND0R0-e5_dXURU.roa (raw, json)
Hash identifier:          GtOQAuc/0GAhR9fx692IzoPcLEh6Pz7uEjNNFsTy+zQ=
Subject key identifier:   5B:DA:0F:06:C3:BE:F8:84:54:08:D0:F4:47:4F:9E:E7:F7:57:51:15
Certificate issuer:       /CN=34ddcbc8f61b260fd3f3e78b6b86877cb95fd83e
Certificate serial:       01856BE5AAA6DB1B3DE2BFECAAB39F435D06
Authority key identifier: 34:DD:CB:C8:F6:1B:26:0F:D3:F3:E7:8B:6B:86:87:7C:B9:5F:D8:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NN3LyPYbJg_T8-eLa4aHfLlf2D4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/6508a1-4412-40c7-8a72-52cd6e89aa8d/1/W9oPBsO--IRUCND0R0-e5_dXURU.roa
Signing time:             Sun 01 Jan 2023 05:54:51 +0000
ROA not before:           Sun 01 Jan 2023 05:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206936
IP address blocks:        185.160.240.0/23 maxlen: 23
                          185.160.240.0/22 maxlen: 22
                          185.160.243.0/24 maxlen: 24
                          2a0a:8500::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:e5:aa:a6:db:1b:3d:e2:bf:ec:aa:b3:9f:43:5d:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34ddcbc8f61b260fd3f3e78b6b86877cb95fd83e
        Validity
            Not Before: Jan  1 05:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5bda0f06c3bef8845408d0f4474f9ee7f7575115
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:d1:59:73:3f:c3:1e:27:4f:dc:29:58:dc:ea:
                    5a:e3:a4:8e:0a:48:b9:7e:6e:c8:b1:b6:de:af:65:
                    3e:92:c0:23:8f:6d:f6:61:c6:ff:b8:f5:a5:35:e5:
                    82:b9:d5:44:1a:47:89:c4:4a:ba:c9:36:61:01:92:
                    b4:28:75:1e:5d:3d:aa:53:ce:39:5b:e3:59:c3:e7:
                    73:41:00:84:93:6c:97:57:10:24:d2:c6:f5:f0:ef:
                    6a:56:d9:52:4d:82:4a:be:77:ec:0d:a8:0d:ad:a4:
                    d0:fb:50:3d:19:34:c3:7f:a7:75:c7:70:2d:f0:6d:
                    77:32:c4:fd:e7:2b:71:a9:b9:c5:7f:26:9c:47:6b:
                    9a:02:cd:89:39:9b:9c:f7:3f:2b:10:fd:36:fa:87:
                    a3:a4:5f:92:56:67:ed:af:95:81:e7:11:5f:a4:55:
                    72:e7:9e:e0:0d:15:f7:95:1a:fc:67:4e:14:72:78:
                    3a:ee:82:43:32:c3:b6:31:11:3b:a4:a3:d9:eb:b8:
                    98:b0:0d:21:91:f7:80:b1:8c:8f:84:4f:62:22:74:
                    dd:ee:c9:05:91:39:9d:eb:c6:9b:a6:a5:3e:7b:f8:
                    bd:76:28:f4:93:99:c0:77:e4:2f:d6:7f:8d:e2:4b:
                    27:a6:b8:71:27:37:05:97:82:71:f2:56:47:bc:5c:
                    ca:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DA:0F:06:C3:BE:F8:84:54:08:D0:F4:47:4F:9E:E7:F7:57:51:15
            X509v3 Authority Key Identifier:
                keyid:34:DD:CB:C8:F6:1B:26:0F:D3:F3:E7:8B:6B:86:87:7C:B9:5F:D8:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NN3LyPYbJg_T8-eLa4aHfLlf2D4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/6508a1-4412-40c7-8a72-52cd6e89aa8d/1/W9oPBsO--IRUCND0R0-e5_dXURU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/6508a1-4412-40c7-8a72-52cd6e89aa8d/1/NN3LyPYbJg_T8-eLa4aHfLlf2D4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.160.240.0/22
                IPv6:
                  2a0a:8500::/29

    Signature Algorithm: sha256WithRSAEncryption
         48:5f:02:64:8e:29:6d:47:c6:5e:f3:a5:aa:eb:e8:23:2e:01:
         dc:03:17:8e:4b:44:6f:70:0c:df:0d:46:d2:14:cc:b8:36:e4:
         3b:41:14:ff:01:da:53:1d:e9:77:c8:6f:ec:96:ba:96:f3:45:
         8c:b5:ea:9b:77:a9:d3:00:38:21:e6:eb:32:38:7c:72:c6:7f:
         aa:80:ad:81:84:73:93:72:08:29:d4:ed:cc:3f:95:61:8d:96:
         1a:96:70:c5:e3:4a:74:d2:39:ad:9a:98:db:f3:89:5d:40:7f:
         d6:18:64:99:8f:e1:26:64:ba:61:2c:82:29:38:be:46:3b:5c:
         59:c0:79:65:59:49:a3:17:e7:ba:c6:61:c6:e2:46:36:eb:58:
         a8:5a:a7:09:49:a0:98:99:d4:0e:a9:70:fc:24:7c:01:72:58:
         c3:57:cb:96:d6:0a:c5:50:ae:49:35:73:1b:4f:ff:83:ea:ed:
         17:f0:97:0b:6d:c3:1d:47:d5:35:ad:17:0c:ec:5b:1a:8f:05:
         da:f7:90:5c:39:c2:d3:12:47:1a:39:b4:45:b3:82:2c:11:1e:
         79:56:d4:4c:bc:00:7b:53:17:e2:a1:7d:42:80:39:bd:95:48:
         bf:19:80:bf:ae:14:0f:08:81:78:ae:07:da:86:89:0f:40:ca:
         4a:47:e8:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr5aqm2xs94r/sqrOfQ10GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZGRjYmM4ZjYxYjI2MGZkM2YzZTc4YjZiODY4NzdjYjk1
ZmQ4M2UwHhcNMjMwMTAxMDU1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmRhMGYwNmMzYmVmODg0NTQwOGQwZjQ0NzRmOWVlN2Y3NTc1MTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9FZcz/DHidP3ClY3Opa46SOCki5
fm7Isbber2U+ksAjj232Ycb/uPWlNeWCudVEGkeJxEq6yTZhAZK0KHUeXT2qU845
W+NZw+dzQQCEk2yXVxAk0sb18O9qVtlSTYJKvnfsDagNraTQ+1A9GTTDf6d1x3At
8G13MsT95ytxqbnFfyacR2uaAs2JOZuc9z8rEP02+oejpF+SVmftr5WB5xFfpFVy
557gDRX3lRr8Z04Ucng67oJDMsO2MRE7pKPZ67iYsA0hkfeAsYyPhE9iInTd7skF
kTmd68abpqU+e/i9dij0k5nAd+Qv1n+N4ksnprhxJzcFl4Jx8lZHvFzKwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFvaDwbDvviEVAjQ9EdPnuf3V1EVMB8GA1UdIwQY
MBaAFDTdy8j2GyYP0/Pni2uGh3y5X9g+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk4zTHlQWWJKZ19UOC1lTGE0YUhmTGxmMkQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC82NTA4YTEtNDQxMi00MGM3LThhNzIt
NTJjZDZlODlhYThkLzEvVzlvUEJzTy0tSVJVQ05EMFIwLWU1X2RYVVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC82NTA4YTEtNDQxMi00MGM3LThhNzItNTJjZDZlODlhYThk
LzEvTk4zTHlQWWJKZ19UOC1lTGE0YUhmTGxmMkQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaDwMA0E
AgACMAcDBQMqCoUAMA0GCSqGSIb3DQEBCwUAA4IBAQBIXwJkjiltR8Ze86Wq6+gj
LgHcAxeOS0RvcAzfDUbSFMy4NuQ7QRT/AdpTHel3yG/slrqW80WMteqbd6nTADgh
5usyOHxyxn+qgK2BhHOTcggp1O3MP5VhjZYalnDF40p00jmtmpjb84ldQH/WGGSZ
j+EmZLphLIIpOL5GO1xZwHllWUmjF+e6xmHG4kY261ioWqcJSaCYmdQOqXD8JHwB
cljDV8uW1grFUK5JNXMbT/+D6u0X8JcLbcMdR9U1rRcM7FsajwXa95BcOcLTEkca
ObRFs4IsER55VtRMvAB7UxfioX1CgDm9lUi/GYC/rhQPCIF4rgfahokPQMpKR+jB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:56 2024 by rpki-client on console-ams.rpki-client.org