Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/WtSuHOngN5ei7hc8cpKLle_3Hfo.roa
File:                     WtSuHOngN5ei7hc8cpKLle_3Hfo.roa (raw, json)
Hash identifier:          slNEdEqON1/QptmSSqFSG7zX3Rv22oC2bXAPbXvtyCo=
Subject key identifier:   5A:D4:AE:1C:E9:E0:37:97:A2:EE:17:3C:72:92:8B:95:EF:F7:1D:FA
Certificate issuer:       /CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Certificate serial:       018CC5DC6BCC90C017AF216F9AC7EDD3A8E8
Authority key identifier: B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/WtSuHOngN5ei7hc8cpKLle_3Hfo.roa
Signing time:             Mon 01 Jan 2024 16:30:06 +0000
ROA not before:           Mon 01 Jan 2024 16:30:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209220
IP address blocks:        185.104.122.0/24 maxlen: 24
                          185.104.122.0/23 maxlen: 23
                          185.104.123.0/24 maxlen: 24
                          2a06:3000:1000::/36 maxlen: 48

Validation:               Failed, certificate revoked on Thu 05 Sep 2024 14:16:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:6b:cc:90:c0:17:af:21:6f:9a:c7:ed:d3:a8:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
        Validity
            Not Before: Jan  1 16:30:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5ad4ae1ce9e03797a2ee173c72928b95eff71dfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:bc:30:6c:79:13:e0:c4:8e:2a:03:32:be:f0:
                    f3:46:89:7f:80:69:f4:28:ff:f1:95:bd:92:5f:88:
                    17:65:06:aa:2e:4d:d1:5d:0c:20:d1:f5:99:74:f0:
                    42:6f:1a:c7:86:73:f0:03:0a:6b:5e:5a:24:21:a4:
                    85:a5:16:ec:c2:42:66:0a:66:9c:bb:e2:99:1d:a4:
                    a4:a5:93:e0:3f:b2:d2:74:5e:b3:3c:b7:0a:51:40:
                    ba:53:f0:72:5a:57:0c:0a:25:0c:33:80:e1:3e:f7:
                    df:23:aa:13:c2:5b:78:05:d7:08:41:24:41:74:82:
                    36:86:78:2d:4a:a0:88:6d:8b:e9:42:d4:ba:9d:9d:
                    87:d3:9a:52:2a:f0:4f:1a:3e:7d:4f:0e:c5:06:ec:
                    75:db:41:1f:03:86:4b:9d:a6:15:e2:ff:37:b5:22:
                    42:2f:02:c5:5a:05:6d:24:3c:f6:eb:c9:f9:a1:7d:
                    99:10:12:78:52:a6:c5:54:81:eb:07:5b:15:63:1d:
                    e2:e0:fa:21:2a:e0:5b:f3:63:e2:b0:d4:39:7a:3e:
                    37:40:38:42:e6:64:20:54:9d:9c:e5:82:4e:6a:33:
                    14:13:73:27:fc:38:c8:66:02:2c:0b:a7:a1:84:fb:
                    08:f5:c2:3c:af:ac:7e:c7:3f:32:fe:2b:0b:9d:ae:
                    0e:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:D4:AE:1C:E9:E0:37:97:A2:EE:17:3C:72:92:8B:95:EF:F7:1D:FA
            X509v3 Authority Key Identifier:
                keyid:B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/WtSuHOngN5ei7hc8cpKLle_3Hfo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.104.122.0/23
                IPv6:
                  2a06:3000:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         7b:a7:92:b7:cc:ee:c1:65:2f:47:74:2c:73:9f:7f:28:eb:c2:
         fc:a6:fa:1e:39:b2:e7:a2:48:dc:80:43:a7:50:d0:94:40:a7:
         b3:12:8f:4a:d0:16:f6:9b:4a:89:25:9f:c1:11:9d:98:36:29:
         5c:6b:a4:d6:b6:8d:c4:a1:c4:cb:17:d0:7a:00:82:06:6d:bb:
         fe:fe:91:31:ae:f6:99:d5:43:e9:b6:a1:ab:74:8b:d2:ac:19:
         bb:bb:5b:72:2b:10:21:8e:e7:f4:d8:80:98:b8:7b:fd:f9:ef:
         19:c2:37:41:74:f5:0f:65:f8:87:71:31:f1:7a:cb:8b:35:50:
         1b:7f:a6:37:cf:e2:17:49:24:83:fd:6f:ee:42:83:d1:85:4a:
         40:9d:6b:fd:d3:78:69:9d:b1:5a:60:99:d7:06:59:c2:5b:61:
         fc:23:5c:e1:58:8d:51:64:f5:54:d2:52:17:7c:06:f1:ee:02:
         6d:28:b2:cb:12:09:e2:da:a7:7b:e7:28:4e:45:5d:f4:e7:7e:
         13:2a:38:b4:58:11:72:9b:f2:35:66:b4:e3:7b:03:76:3b:de:
         13:ab:06:25:30:b3:b8:19:67:fc:b4:d5:69:19:14:23:2f:58:
         e3:11:9e:55:0a:8f:07:36:d6:20:62:d4:ac:e2:6a:14:27:3d:
         c7:69:32:89
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzF3GvMkMAXryFvmsft06joMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzUzNzc5MDFhNzg3MWQzYmZmN2E3MDI3N2EyZjRlMmZj
MGUyNzcwHhcNMjQwMTAxMTYzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQ0YWUxY2U5ZTAzNzk3YTJlZTE3M2M3MjkyOGI5NWVmZjcxZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LwwbHkT4MSOKgMyvvDzRol/gGn0
KP/xlb2SX4gXZQaqLk3RXQwg0fWZdPBCbxrHhnPwAwprXlokIaSFpRbswkJmCmac
u+KZHaSkpZPgP7LSdF6zPLcKUUC6U/ByWlcMCiUMM4DhPvffI6oTwlt4BdcIQSRB
dII2hngtSqCIbYvpQtS6nZ2H05pSKvBPGj59Tw7FBux120EfA4ZLnaYV4v83tSJC
LwLFWgVtJDz268n5oX2ZEBJ4UqbFVIHrB1sVYx3i4PohKuBb82PisNQ5ej43QDhC
5mQgVJ2c5YJOajMUE3Mn/DjIZgIsC6ehhPsI9cI8r6x+xz8y/isLna4OpwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFrUrhzp4DeXou4XPHKSi5Xv9x36MB8GA1UdIwQY
MBaAFLE1N3kBp4cdO/96cCd6L04vwOJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUt
OTEyMDQ3MTUzZTAxLzEvV3RTdUhPbmdONWVpN2hjOGNwS0xsZV8zSGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUtOTEyMDQ3MTUzZTAx
LzEvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuWh6MA4E
AgACMAgDBgQqBjAAEDANBgkqhkiG9w0BAQsFAAOCAQEAe6eSt8zuwWUvR3Qsc59/
KOvC/Kb6Hjmy56JI3IBDp1DQlECnsxKPStAW9ptKiSWfwRGdmDYpXGuk1raNxKHE
yxfQegCCBm27/v6RMa72mdVD6bahq3SL0qwZu7tbcisQIY7n9NiAmLh7/fnvGcI3
QXT1D2X4h3Ex8XrLizVQG3+mN8/iF0kkg/1v7kKD0YVKQJ1r/dN4aZ2xWmCZ1wZZ
wlth/CNc4ViNUWT1VNJSF3wG8e4CbSiyyxIJ4tqne+coTkVd9Od+Eyo4tFgRcpvy
NWa043sDdjveE6sGJTCzuBln/LTVaRkUIy9Y4xGeVQqPBzbWIGLUrOJqFCc9x2ky
iQ==
-----END CERTIFICATE-----
Generated at Thu Sep 5 16:46:35 2024 by rpki-client on console-fra.rpki-client.org