Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/WiCqcuSDqGNNrthtUtVk0EuMpv0.roa
File:                     WiCqcuSDqGNNrthtUtVk0EuMpv0.roa (raw, json)
Hash identifier:          14Y2Wv0uC+0L3hZVpxcipiK2hPwNwq9uriq/x/DFvsE=
Subject key identifier:   5A:20:AA:72:E4:83:A8:63:4D:AE:D8:6D:52:D5:64:D0:4B:8C:A6:FD
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       01856E8B3F431DC1E372E0783100C63B38AC
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/WiCqcuSDqGNNrthtUtVk0EuMpv0.roa
Signing time:             Sun 01 Jan 2023 18:14:57 +0000
ROA not before:           Sun 01 Jan 2023 18:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        194.33.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:3f:43:1d:c1:e3:72:e0:78:31:00:c6:3b:38:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  1 18:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5a20aa72e483a8634daed86d52d564d04b8ca6fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:23:14:92:62:87:d6:f7:41:58:e2:74:2e:d6:
                    9b:0c:33:2e:93:d5:83:af:d3:11:67:2b:06:18:03:
                    ac:26:3b:c9:b1:2e:f8:c5:d0:b8:72:1e:77:51:90:
                    ef:42:11:49:3e:7a:aa:64:53:2e:e3:3a:19:89:d4:
                    39:34:44:20:ad:3b:4f:68:bf:8d:2c:a9:fe:83:d2:
                    35:69:62:db:1c:a1:68:fa:0e:ec:35:ef:f5:54:1b:
                    90:35:d4:f6:0f:33:a6:3c:6b:9c:48:4a:2c:a3:1b:
                    e7:41:38:95:bd:9e:9b:c8:35:c1:dd:0e:70:39:e8:
                    dd:7e:ec:47:47:43:53:73:0d:f4:46:0b:b9:59:12:
                    b9:ea:f1:08:47:96:3c:9d:a8:fe:3f:b3:f6:7b:0f:
                    eb:83:f0:2d:c7:58:01:f3:fc:6a:01:70:3f:47:ce:
                    a8:c2:6c:92:b9:ee:72:71:23:e8:05:42:2e:41:de:
                    88:de:cb:73:17:bb:ab:63:9e:2a:40:81:6b:05:67:
                    a1:1a:0d:a1:4c:12:a3:4a:9d:32:05:db:4d:33:fe:
                    46:2b:6b:68:5c:cd:c0:7a:8e:ab:fb:b3:4f:a7:a8:
                    34:5c:82:9d:83:c5:07:ae:70:06:8f:26:5c:20:fc:
                    df:a6:00:4c:59:bc:9e:5c:51:cd:b9:d5:5a:9c:32:
                    22:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:20:AA:72:E4:83:A8:63:4D:AE:D8:6D:52:D5:64:D0:4B:8C:A6:FD
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/WiCqcuSDqGNNrthtUtVk0EuMpv0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.33.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:12:2a:e1:f0:a1:b2:5a:f4:30:65:85:00:10:55:6e:a1:01:
         e7:f7:67:f6:7b:70:5e:d9:b8:93:e1:c7:6a:44:17:81:16:4f:
         12:20:47:19:5e:ad:ed:fa:7f:89:95:ea:e3:9e:f4:76:3b:4d:
         f0:2a:3b:79:af:ec:0b:5e:cc:d8:aa:b6:e4:b7:c3:28:7c:21:
         cf:15:d4:4a:8d:61:86:6c:29:e8:e2:4d:ac:1a:38:15:ca:0b:
         97:64:09:89:7c:f3:86:39:b7:0f:d5:e0:60:07:92:8e:df:f1:
         5a:70:71:7d:7a:6d:e8:23:83:61:06:cb:a8:2a:1e:28:81:6e:
         46:e6:b7:12:09:2a:a7:d2:7b:cd:9d:a9:ab:24:af:0f:11:45:
         0f:cb:c6:10:2c:c0:ee:51:8e:6b:d2:98:7d:cf:6e:27:5e:7a:
         54:30:cb:ed:f8:12:46:df:be:e0:5f:13:7d:a0:b3:72:7b:91:
         95:ad:45:f8:f4:24:7e:2d:6f:91:7d:71:fa:f5:2f:d6:81:cb:
         39:b5:ac:59:f1:fd:39:b0:ba:42:3b:3f:26:a7:37:62:b6:b1:
         76:33:4c:2d:b5:26:ae:97:6c:da:5a:aa:7d:bd:9a:d6:2a:28:
         98:3d:ff:76:f1:df:0f:58:96:ab:9c:7c:2a:b1:51:45:59:d0:
         8e:a2:4c:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuiz9DHcHjcuB4MQDGOzisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTIwYWE3MmU0ODNhODYzNGRhZWQ4NmQ1MmQ1NjRkMDRiOGNhNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSMUkmKH1vdBWOJ0LtabDDMuk9WD
r9MRZysGGAOsJjvJsS74xdC4ch53UZDvQhFJPnqqZFMu4zoZidQ5NEQgrTtPaL+N
LKn+g9I1aWLbHKFo+g7sNe/1VBuQNdT2DzOmPGucSEosoxvnQTiVvZ6byDXB3Q5w
OejdfuxHR0NTcw30Rgu5WRK56vEIR5Y8naj+P7P2ew/rg/Atx1gB8/xqAXA/R86o
wmySue5ycSPoBUIuQd6I3stzF7urY54qQIFrBWehGg2hTBKjSp0yBdtNM/5GK2to
XM3Aeo6r+7NPp6g0XIKdg8UHrnAGjyZcIPzfpgBMWbyeXFHNudVanDIiDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFogqnLkg6hjTa7YbVLVZNBLjKb9MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvV2lDcWN1U0RxR05OcnRodFV0VmswRXVNcHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiEkMA0G
CSqGSIb3DQEBCwUAA4IBAQCQEirh8KGyWvQwZYUAEFVuoQHn92f2e3Be2biT4cdq
RBeBFk8SIEcZXq3t+n+JlerjnvR2O03wKjt5r+wLXszYqrbkt8MofCHPFdRKjWGG
bCno4k2sGjgVyguXZAmJfPOGObcP1eBgB5KO3/FacHF9em3oI4NhBsuoKh4ogW5G
5rcSCSqn0nvNnamrJK8PEUUPy8YQLMDuUY5r0ph9z24nXnpUMMvt+BJG377gXxN9
oLNye5GVrUX49CR+LW+RfXH69S/Wgcs5taxZ8f05sLpCOz8mpzditrF2M0wttSau
l2zaWqp9vZrWKiiYPf928d8PWJarnHwqsVFFWdCOokz8
-----END CERTIFICATE-----
Generated at Thu Sep 7 05:40:38 2023 by rpki-client on console-fra.rpki-client.org