Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5809a5-bbdc-43ea-94c4-9d1a2e0911b9/1/wJ2mmwSv-ub320icANkwC5GTPHI.roa
File:                     wJ2mmwSv-ub320icANkwC5GTPHI.roa (raw, json)
Hash identifier:          jXhPTxLm0rddyOXTr2p2EalRRdVSeXzEdcVHUliW9xc=
Subject key identifier:   C0:9D:A6:9B:04:AF:FA:E6:F7:DB:48:9C:00:D9:30:0B:91:93:3C:72
Certificate issuer:       /CN=a4f2e2c7753652c77dbb79cbe069b2bab03f60dd
Certificate serial:       018571D78CC53FBE1D8B0DE41A57BBD65CE2
Authority key identifier: A4:F2:E2:C7:75:36:52:C7:7D:BB:79:CB:E0:69:B2:BA:B0:3F:60:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pPLix3U2Usd9u3nL4GmyurA_YN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5809a5-bbdc-43ea-94c4-9d1a2e0911b9/1/wJ2mmwSv-ub320icANkwC5GTPHI.roa
Signing time:             Mon 02 Jan 2023 09:37:09 +0000
ROA not before:           Mon 02 Jan 2023 09:37:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12945
IP address blocks:        194.126.241.0/24 maxlen: 24
                          91.212.176.0/24 maxlen: 24
                          2001:67c:2e20::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:d7:8c:c5:3f:be:1d:8b:0d:e4:1a:57:bb:d6:5c:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4f2e2c7753652c77dbb79cbe069b2bab03f60dd
        Validity
            Not Before: Jan  2 09:37:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c09da69b04affae6f7db489c00d9300b91933c72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d0:71:72:a9:03:b4:7b:14:b8:03:97:1c:45:
                    81:d5:01:1c:70:d6:d2:9f:42:a3:4e:c6:49:e2:05:
                    c9:7a:b5:48:bf:5c:4d:e0:31:51:88:5f:f7:32:f0:
                    c9:ce:0b:8e:25:37:73:98:df:0f:78:08:56:92:f7:
                    25:41:65:b3:1b:ea:01:03:47:cd:e5:b0:22:45:1e:
                    38:d2:2d:76:50:c4:33:9f:3c:b6:7e:4d:6c:79:fa:
                    57:a5:f7:c9:85:88:ed:b2:ca:7f:8e:ac:82:28:61:
                    1c:7d:ac:15:70:9c:8e:78:86:97:2e:8b:d0:bf:8a:
                    18:13:ab:a8:a7:a6:22:6d:f9:d0:76:b2:42:0a:97:
                    38:46:da:92:97:14:81:0b:8f:39:d6:86:4c:8b:44:
                    e4:df:5a:d7:f0:c4:f7:e2:9f:24:20:f9:69:06:56:
                    11:00:10:ae:e8:a1:8e:4a:30:1a:81:49:a2:03:00:
                    1a:b4:5a:ad:84:e8:93:74:5c:24:fb:8b:77:61:6a:
                    76:d9:7e:90:61:09:28:1b:0c:8b:1a:de:51:db:71:
                    f7:b4:73:b9:6f:53:e5:dc:79:99:10:36:2c:eb:89:
                    f2:37:7b:aa:87:89:c9:90:9d:86:d2:76:69:65:3d:
                    8d:d4:42:b4:74:53:0d:43:22:9f:0f:1b:74:38:d4:
                    2d:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:9D:A6:9B:04:AF:FA:E6:F7:DB:48:9C:00:D9:30:0B:91:93:3C:72
            X509v3 Authority Key Identifier:
                keyid:A4:F2:E2:C7:75:36:52:C7:7D:BB:79:CB:E0:69:B2:BA:B0:3F:60:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPLix3U2Usd9u3nL4GmyurA_YN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5809a5-bbdc-43ea-94c4-9d1a2e0911b9/1/wJ2mmwSv-ub320icANkwC5GTPHI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5809a5-bbdc-43ea-94c4-9d1a2e0911b9/1/pPLix3U2Usd9u3nL4GmyurA_YN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.212.176.0/24
                  194.126.241.0/24
                IPv6:
                  2001:67c:2e20::/48

    Signature Algorithm: sha256WithRSAEncryption
         4e:4e:a7:cb:d5:1a:98:bb:36:1d:23:63:c1:04:b2:1c:49:99:
         ea:75:19:04:a0:8c:d6:eb:2d:78:2c:cb:a8:82:fe:b0:24:29:
         75:f2:01:25:74:02:44:3e:d8:92:b3:5d:3f:7d:32:f6:cb:77:
         e5:ad:22:52:6d:cb:f5:d9:c9:6b:03:9a:66:79:a2:7d:cc:ba:
         e5:11:fc:fb:df:32:7f:89:64:c1:45:3f:aa:40:7a:a1:49:b4:
         20:8f:1c:5b:fd:8d:cc:8a:ee:82:50:c7:66:7f:38:fa:63:a0:
         2c:f6:5f:23:b2:63:41:5a:3c:28:c1:2f:3d:1f:34:1d:3c:d3:
         98:84:6b:8b:ff:d5:98:37:2b:76:8c:2f:57:a0:2b:17:f2:9f:
         93:e2:f5:2a:70:57:b2:af:43:03:62:8b:f7:45:b5:66:81:44:
         81:00:a4:e0:ec:3c:26:79:05:eb:41:d0:dd:3d:a6:fd:b5:7c:
         6d:01:63:b7:a0:7b:79:22:d6:01:5f:8f:2e:40:69:fe:94:ad:
         b7:dd:29:7a:9e:41:49:1c:84:e4:3b:52:19:28:4d:c5:69:52:
         13:cf:c7:16:64:56:e7:92:c2:84:7f:f6:5a:28:69:83:1b:b8:
         32:a3:36:06:84:15:ea:43:0c:f6:eb:c8:5c:f8:36:f9:de:7e:
         77:cc:5b:f0
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVx14zFP74diw3kGle71lziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjJlMmM3NzUzNjUyYzc3ZGJiNzljYmUwNjliMmJhYjAz
ZjYwZGQwHhcNMjMwMTAyMDkzNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDlkYTY5YjA0YWZmYWU2ZjdkYjQ4OWMwMGQ5MzAwYjkxOTMzYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtBxcqkDtHsUuAOXHEWB1QEccNbS
n0KjTsZJ4gXJerVIv1xN4DFRiF/3MvDJzguOJTdzmN8PeAhWkvclQWWzG+oBA0fN
5bAiRR440i12UMQznzy2fk1sefpXpffJhYjtssp/jqyCKGEcfawVcJyOeIaXLovQ
v4oYE6uop6YibfnQdrJCCpc4RtqSlxSBC4851oZMi0Tk31rX8MT34p8kIPlpBlYR
ABCu6KGOSjAagUmiAwAatFqthOiTdFwk+4t3YWp22X6QYQkoGwyLGt5R23H3tHO5
b1Pl3HmZEDYs64nyN3uqh4nJkJ2G0nZpZT2N1EK0dFMNQyKfDxt0ONQtEQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMCdppsEr/rm99tInADZMAuRkzxyMB8GA1UdIwQY
MBaAFKTy4sd1NlLHfbt5y+BpsrqwP2DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBMaXgzVTJVc2Q5dTNuTDRHbXl1ckFfWU4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81ODA5YTUtYmJkYy00M2VhLTk0YzQt
OWQxYTJlMDkxMWI5LzEvd0oybW13U3YtdWIzMjBpY0FOa3dDNUdUUEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81ODA5YTUtYmJkYy00M2VhLTk0YzQtOWQxYTJlMDkxMWI5
LzEvcFBMaXgzVTJVc2Q5dTNuTDRHbXl1ckFfWU4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW9SwAwQA
wn7xMA8EAgACMAkDBwAgAQZ8LiAwDQYJKoZIhvcNAQELBQADggEBAE5Op8vVGpi7
Nh0jY8EEshxJmep1GQSgjNbrLXgsy6iC/rAkKXXyASV0AkQ+2JKzXT99MvbLd+Wt
IlJty/XZyWsDmmZ5on3MuuUR/PvfMn+JZMFFP6pAeqFJtCCPHFv9jcyK7oJQx2Z/
OPpjoCz2XyOyY0FaPCjBLz0fNB0805iEa4v/1Zg3K3aML1egKxfyn5Pi9SpwV7Kv
QwNii/dFtWaBRIEApODsPCZ5BetB0N09pv21fG0BY7ege3ki1gFfjy5Aaf6Urbfd
KXqeQUkchOQ7UhkoTcVpUhPPxxZkVueSwoR/9looaYMbuDKjNgaEFepDDPbryFz4
NvnefnfMW/A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:06 2024 by rpki-client on console-ams.rpki-client.org