Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/WGryK5aQ4sKQBg5C5QCRI8NENKI.roa
File:                     WGryK5aQ4sKQBg5C5QCRI8NENKI.roa (raw, json)
Hash identifier:          Dyj8f1uERW/nGSpfXBu6uYhNC/hIu0lYuxdZBNVCJ0U=
Subject key identifier:   58:6A:F2:2B:96:90:E2:C2:90:06:0E:42:E5:00:91:23:C3:44:34:A2
Certificate issuer:       /CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Certificate serial:       0189F840E11CD86A77464881B3D207AECD0F
Authority key identifier: A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/WGryK5aQ4sKQBg5C5QCRI8NENKI.roa
Signing time:             Tue 15 Aug 2023 08:12:28 +0000
ROA not before:           Tue 15 Aug 2023 08:12:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48611
IP address blocks:        2a00:dcc7:2200::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:31:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f8:40:e1:1c:d8:6a:77:46:48:81:b3:d2:07:ae:cd:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
        Validity
            Not Before: Aug 15 08:12:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=586af22b9690e2c290060e42e5009123c34434a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:1d:9f:ad:8f:d9:8e:85:c2:90:af:c8:fd:ee:
                    32:d4:9c:07:83:cf:4e:f2:0d:81:45:25:b6:c1:0a:
                    24:8a:bb:49:80:4b:74:40:82:2a:6e:d7:80:f8:e3:
                    9b:8e:c4:3e:78:28:6c:b6:ff:79:53:4f:29:e9:39:
                    89:9c:a9:c7:38:57:8c:6d:c8:66:0f:4d:ae:86:bb:
                    7b:38:7f:ee:46:b2:e8:6e:65:a3:6d:d1:17:e4:06:
                    a1:7a:59:46:8e:bf:f1:65:ea:34:6d:b0:56:a7:5d:
                    ff:6d:ae:83:91:52:19:74:93:6e:62:72:11:11:08:
                    0f:78:b5:41:81:1c:c7:ba:49:8b:ae:3c:0a:b5:3e:
                    ff:93:27:25:a2:bd:e2:74:e9:46:81:43:7e:1f:8a:
                    cc:1c:83:62:ed:fe:b3:6b:63:40:ba:6d:6a:7f:5d:
                    37:f1:75:5a:73:5e:a3:72:43:e4:88:79:55:96:4b:
                    9a:b7:d5:40:92:0d:de:6d:69:f3:72:7d:5f:f7:6d:
                    ed:b9:24:ed:48:27:b4:ff:0d:da:7b:29:7c:48:69:
                    da:0e:0f:e7:2c:07:5d:74:d0:1b:b8:0a:4d:5f:df:
                    c8:92:8a:4d:04:d0:57:51:b5:3a:80:02:86:4b:4a:
                    37:41:66:b0:65:92:3a:6e:95:d0:41:85:8a:27:1a:
                    1d:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:6A:F2:2B:96:90:E2:C2:90:06:0E:42:E5:00:91:23:C3:44:34:A2
            X509v3 Authority Key Identifier:
                keyid:A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/WGryK5aQ4sKQBg5C5QCRI8NENKI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:dcc7:2200::/40

    Signature Algorithm: sha256WithRSAEncryption
         61:f8:e7:f9:0f:70:d9:8f:04:50:c7:b3:a7:61:30:ca:7a:24:
         a6:c5:3c:dc:25:ee:70:7e:a1:45:be:84:08:08:77:48:fb:b0:
         85:96:f8:83:ec:f4:97:04:35:02:ae:fa:d9:67:04:86:e9:67:
         f3:2e:40:29:49:72:90:f1:ad:ff:46:c7:72:b9:8b:47:67:20:
         4c:24:d4:f6:8d:c9:dd:a8:93:e2:2b:3e:2e:a5:33:14:9c:54:
         55:54:c4:11:53:bf:47:88:03:32:56:c0:bd:3e:bd:28:8c:01:
         f6:ee:9b:ce:44:f8:59:f9:06:37:cc:b6:c1:ab:9e:ca:b4:16:
         57:8a:a4:96:5d:c2:68:0a:24:f4:e8:e6:cb:d9:3d:d9:b8:1c:
         5b:d5:f1:07:be:5e:9e:7c:eb:78:23:7b:f6:2c:b4:32:c8:f1:
         21:75:d4:ef:8e:9e:0d:ae:bf:e0:fa:c5:2a:30:4a:02:13:e0:
         07:61:46:3a:a1:17:3e:50:78:dd:5e:cb:7c:c3:dd:b4:53:bf:
         4a:d3:8a:69:c4:83:69:3e:ea:01:cf:c3:18:b6:92:d9:1e:4f:
         c9:d9:12:8d:f2:b8:e1:a1:0e:1a:20:36:42:23:2e:c0:cd:66:
         3f:57:06:4f:0d:0d:f7:f4:8e:fa:1e:97:d9:f7:b8:8d:3f:b8:
         ec:51:e3:d5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYn4QOEc2Gp3RkiBs9IHrs0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNmIwZDhhYjQ5NDM2NTUwYjZhYmY0NWI3OTAzNWFlYzZh
ZmYyM2MwHhcNMjMwODE1MDgxMjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODZhZjIyYjk2OTBlMmMyOTAwNjBlNDJlNTAwOTEyM2MzNDQzNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB2frY/ZjoXCkK/I/e4y1JwHg89O
8g2BRSW2wQokirtJgEt0QIIqbteA+OObjsQ+eChstv95U08p6TmJnKnHOFeMbchm
D02uhrt7OH/uRrLobmWjbdEX5AahellGjr/xZeo0bbBWp13/ba6DkVIZdJNuYnIR
EQgPeLVBgRzHukmLrjwKtT7/kyclor3idOlGgUN+H4rMHINi7f6za2NAum1qf103
8XVac16jckPkiHlVlkuat9VAkg3ebWnzcn1f923tuSTtSCe0/w3aeyl8SGnaDg/n
LAdddNAbuApNX9/IkopNBNBXUbU6gAKGS0o3QWawZZI6bpXQQYWKJxodXwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFhq8iuWkOLCkAYOQuUAkSPDRDSiMB8GA1UdIwQY
MBaAFKFrDYq0lDZVC2q/RbeQNa7Gr/I8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUt
MTVjYzlkYzdiZDg3LzEvV0dyeUs1YVE0c0tRQmc1QzVRQ1JJOE5FTktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUtMTVjYzlkYzdiZDg3
LzEvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgDcxyIw
DQYJKoZIhvcNAQELBQADggEBAGH45/kPcNmPBFDHs6dhMMp6JKbFPNwl7nB+oUW+
hAgId0j7sIWW+IPs9JcENQKu+tlnBIbpZ/MuQClJcpDxrf9Gx3K5i0dnIEwk1PaN
yd2ok+IrPi6lMxScVFVUxBFTv0eIAzJWwL0+vSiMAfbum85E+Fn5BjfMtsGrnsq0
FleKpJZdwmgKJPTo5svZPdm4HFvV8Qe+Xp5863gje/YstDLI8SF11O+Ong2uv+D6
xSowSgIT4AdhRjqhFz5QeN1ey3zD3bRTv0rTimnEg2k+6gHPwxi2ktkeT8nZEo3y
uOGhDhogNkIjLsDNZj9XBk8NDff0jvoel9n3uI0/uOxR49U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:11 2024 by rpki-client on console-fra.rpki-client.org