Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/a8de56-edcc-40b1-b87f-4a07f97e98a9/1/WKGhjlxCewKsJmFuQcFy5FxTCL4.roa
File:                     WKGhjlxCewKsJmFuQcFy5FxTCL4.roa (raw, json)
Hash identifier:          8H73R9uROHZQ1VwuxR493tS2k741NqBHijd5KlTX6WI=
Subject key identifier:   58:A1:A1:8E:5C:42:7B:02:AC:26:61:6E:41:C1:72:E4:5C:53:08:BE
Certificate issuer:       /CN=5b34b184861100071fe4db3dda84a82cc1bbcc62
Certificate serial:       01856FC2518A2C7EDD697ABB247C2B03E135
Authority key identifier: 5B:34:B1:84:86:11:00:07:1F:E4:DB:3D:DA:84:A8:2C:C1:BB:CC:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WzSxhIYRAAcf5Ns92oSoLMG7zGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/a8de56-edcc-40b1-b87f-4a07f97e98a9/1/WKGhjlxCewKsJmFuQcFy5FxTCL4.roa
Signing time:             Sun 01 Jan 2023 23:54:43 +0000
ROA not before:           Sun 01 Jan 2023 23:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16328
IP address blocks:        193.108.32.0/23 maxlen: 23
                          193.178.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:51:8a:2c:7e:dd:69:7a:bb:24:7c:2b:03:e1:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b34b184861100071fe4db3dda84a82cc1bbcc62
        Validity
            Not Before: Jan  1 23:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58a1a18e5c427b02ac26616e41c172e45c5308be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d8:ab:f7:dc:ad:97:d3:a9:92:c2:88:cc:28:
                    ce:54:f4:1b:69:21:b8:c3:39:b0:38:7b:80:90:8d:
                    ee:8b:7f:a0:a9:f8:3b:96:43:59:34:5c:09:de:c1:
                    e8:c2:d2:f3:96:fc:e8:42:15:5e:5a:7a:3e:80:eb:
                    aa:75:ea:7f:99:af:6a:89:6c:12:f6:ba:8e:aa:de:
                    d1:7c:0c:50:a4:db:c6:6c:aa:f1:14:e5:98:19:a6:
                    91:f9:12:c0:81:59:b3:f8:47:32:78:4c:07:6f:cc:
                    6e:7a:a7:0b:1a:96:38:8e:e7:e3:b2:ab:b8:c4:07:
                    94:89:48:fb:1f:13:1f:8e:30:14:1e:61:de:87:d6:
                    d2:29:fb:05:b2:68:1a:34:39:30:42:f4:e5:52:ac:
                    1f:c4:92:1d:68:91:52:34:bd:f8:0b:2e:d2:0d:d6:
                    5c:d8:e4:48:09:79:3d:b9:10:12:99:26:95:51:9a:
                    d3:e6:0c:5a:f6:74:db:98:7f:d6:f5:ed:39:1c:b7:
                    e1:0d:1f:9f:20:a2:8d:0a:04:31:53:86:32:0d:f5:
                    f2:1e:09:20:b9:84:70:da:de:20:56:1f:84:f8:10:
                    f0:de:da:9e:fd:55:76:ea:f3:06:49:67:32:1b:a9:
                    df:c2:01:b3:35:8c:87:27:9c:e8:00:e0:0f:80:96:
                    56:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:A1:A1:8E:5C:42:7B:02:AC:26:61:6E:41:C1:72:E4:5C:53:08:BE
            X509v3 Authority Key Identifier:
                keyid:5B:34:B1:84:86:11:00:07:1F:E4:DB:3D:DA:84:A8:2C:C1:BB:CC:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WzSxhIYRAAcf5Ns92oSoLMG7zGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a8de56-edcc-40b1-b87f-4a07f97e98a9/1/WKGhjlxCewKsJmFuQcFy5FxTCL4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a8de56-edcc-40b1-b87f-4a07f97e98a9/1/WzSxhIYRAAcf5Ns92oSoLMG7zGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.32.0/23
                  193.178.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:b2:01:77:3f:c4:16:56:9e:e9:df:57:9b:e2:7a:0b:41:b8:
         7e:29:ae:01:91:2e:fc:b9:f8:d1:8f:b6:88:cd:8e:4c:2d:0d:
         1e:9d:e3:fe:3b:97:51:66:31:13:ce:84:9d:19:f7:24:be:4f:
         0b:7e:48:f7:1d:9a:eb:c6:8c:7c:16:5d:86:96:49:7b:56:20:
         bc:65:f3:b1:47:97:b1:f7:cd:f8:20:fd:b9:7d:4c:34:16:88:
         df:37:c2:1e:09:cc:6b:de:ae:d5:c8:1e:b8:fb:8f:1f:f8:57:
         68:72:c9:05:03:0d:f7:b9:32:b6:6c:77:6c:0e:5d:12:80:11:
         84:26:28:4d:7c:10:3c:6a:a0:f9:50:15:10:90:dd:01:3b:76:
         24:d6:1c:51:57:ed:b6:bd:40:19:40:7a:ae:b5:5f:90:f4:85:
         bd:c3:f5:34:32:4d:de:f1:c1:a8:4f:40:4d:f2:82:ad:41:6c:
         06:8b:29:00:f5:ea:f3:90:82:4a:b0:d0:a4:d1:a0:4b:a9:6e:
         dc:94:a6:49:50:9d:94:f0:76:c9:3e:f0:a3:28:13:84:ca:60:
         78:ed:a1:35:a0:1e:9e:89:2d:88:73:8b:95:b3:07:5b:eb:3a:
         c7:c0:d4:c0:07:f3:b9:6b:91:c3:09:c8:14:04:db:d8:72:f5:
         23:ae:37:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvwlGKLH7daXq7JHwrA+E1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMzRiMTg0ODYxMTAwMDcxZmU0ZGIzZGRhODRhODJjYzFi
YmNjNjIwHhcNMjMwMTAxMjM1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGExYTE4ZTVjNDI3YjAyYWMyNjYxNmU0MWMxNzJlNDVjNTMwOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dir99ytl9OpksKIzCjOVPQbaSG4
wzmwOHuAkI3ui3+gqfg7lkNZNFwJ3sHowtLzlvzoQhVeWno+gOuqdep/ma9qiWwS
9rqOqt7RfAxQpNvGbKrxFOWYGaaR+RLAgVmz+EcyeEwHb8xueqcLGpY4jufjsqu4
xAeUiUj7HxMfjjAUHmHeh9bSKfsFsmgaNDkwQvTlUqwfxJIdaJFSNL34Cy7SDdZc
2ORICXk9uRASmSaVUZrT5gxa9nTbmH/W9e05HLfhDR+fIKKNCgQxU4YyDfXyHgkg
uYRw2t4gVh+E+BDw3tqe/VV26vMGSWcyG6nfwgGzNYyHJ5zoAOAPgJZWSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFihoY5cQnsCrCZhbkHBcuRcUwi+MB8GA1UdIwQY
MBaAFFs0sYSGEQAHH+TbPdqEqCzBu8xiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3pTeGhJWVJBQWNmNU5zOTJvU29MTUc3ekdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9hOGRlNTYtZWRjYy00MGIxLWI4N2Yt
NGEwN2Y5N2U5OGE5LzEvV0tHaGpseENld0tzSm1GdVFjRnk1RnhUQ0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9hOGRlNTYtZWRjYy00MGIxLWI4N2YtNGEwN2Y5N2U5OGE5
LzEvV3pTeGhJWVJBQWNmNU5zOTJvU29MTUc3ekdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwWwgAwQA
wbLeMA0GCSqGSIb3DQEBCwUAA4IBAQCCsgF3P8QWVp7p31eb4noLQbh+Ka4BkS78
ufjRj7aIzY5MLQ0eneP+O5dRZjETzoSdGfckvk8Lfkj3HZrrxox8Fl2Glkl7ViC8
ZfOxR5ex9834IP25fUw0FojfN8IeCcxr3q7VyB64+48f+FdocskFAw33uTK2bHds
Dl0SgBGEJihNfBA8aqD5UBUQkN0BO3Yk1hxRV+22vUAZQHqutV+Q9IW9w/U0Mk3e
8cGoT0BN8oKtQWwGiykA9erzkIJKsNCk0aBLqW7clKZJUJ2U8HbJPvCjKBOEymB4
7aE1oB6eiS2Ic4uVswdb6zrHwNTAB/O5a5HDCcgUBNvYcvUjrjcb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:13 2024 by rpki-client on console-fra.rpki-client.org