Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/zWd7HivjqlpNj6N4gLv7ZRH5Ue0.roa
File:                     zWd7HivjqlpNj6N4gLv7ZRH5Ue0.roa (raw, json)
Hash identifier:          4p8wsmlHmphaDgLqEb3HjaWbudyK5byuWziCfX7s4ew=
Subject key identifier:   CD:67:7B:1E:2B:E3:AA:5A:4D:8F:A3:78:80:BB:FB:65:11:F9:51:ED
Certificate issuer:       /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial:       018DF017CE82E8C25A26C29D630CFF950B98
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/zWd7HivjqlpNj6N4gLv7ZRH5Ue0.roa
Signing time:             Wed 28 Feb 2024 14:21:48 +0000
ROA not before:           Wed 28 Feb 2024 14:21:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50810
IP address blocks:        37.98.64.0/18 maxlen: 22
                          37.98.114.0/24 maxlen: 24
                          62.102.128.0/20 maxlen: 22
                          93.117.176.0/20 maxlen: 22
                          93.119.208.0/20 maxlen: 22
                          178.131.0.0/18 maxlen: 22
                          178.131.4.0/24 maxlen: 24
                          178.131.64.0/18 maxlen: 22
                          178.131.128.0/18 maxlen: 22
                          188.211.0.0/20 maxlen: 20
                          188.212.240.0/21 maxlen: 21
                          188.213.192.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 10 Jun 2024 07:40:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f0:17:ce:82:e8:c2:5a:26:c2:9d:63:0c:ff:95:0b:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
        Validity
            Not Before: Feb 28 14:21:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cd677b1e2be3aa5a4d8fa37880bbfb6511f951ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:3e:a4:9a:aa:9d:7e:51:43:99:3d:42:21:3a:
                    97:a5:57:1f:30:99:df:48:db:8c:f0:12:71:31:4f:
                    ad:50:c6:b6:d4:e2:ce:19:16:7b:72:f5:aa:d1:6e:
                    93:ca:57:1e:30:98:80:12:4b:5b:3e:8f:59:3b:bd:
                    aa:a3:4d:4e:1f:d0:57:07:98:ee:98:fa:cd:f0:47:
                    9c:68:59:3c:5d:c0:96:bb:6b:ac:f6:a9:60:3a:e7:
                    e7:bd:15:24:a4:55:f0:29:8e:59:93:e3:f7:92:a7:
                    b5:87:9a:aa:40:ec:cc:81:3c:94:4f:9a:da:6d:75:
                    cc:9a:ad:fb:e3:41:f7:06:5c:6d:e7:3b:6d:58:99:
                    7f:7e:76:8c:ff:0e:1f:2a:b3:66:e2:68:6b:89:bb:
                    77:c2:84:6d:c0:67:7c:76:91:2c:1d:7d:19:a1:cf:
                    dc:61:b4:d7:19:78:77:98:87:56:de:8b:b9:88:f3:
                    16:c6:a7:70:c2:af:e8:a7:11:14:b7:d8:8e:fd:ba:
                    e9:7f:22:3e:66:fc:da:83:95:77:8d:79:26:05:ad:
                    99:f9:6b:b5:da:e4:ae:a8:57:76:c8:9e:1f:0b:f6:
                    49:01:66:d3:3b:87:3f:ff:09:36:e5:2c:88:8a:e7:
                    62:3b:83:38:fa:47:b1:d1:c3:b5:1e:7b:a0:00:74:
                    2f:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:67:7B:1E:2B:E3:AA:5A:4D:8F:A3:78:80:BB:FB:65:11:F9:51:ED
            X509v3 Authority Key Identifier:
                keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/zWd7HivjqlpNj6N4gLv7ZRH5Ue0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.98.64.0/18
                  62.102.128.0/20
                  93.117.176.0/20
                  93.119.208.0/20
                  178.131.0.0-178.131.191.255
                  188.211.0.0/20
                  188.212.240.0/21
                  188.213.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:5c:7c:74:c1:54:fe:73:db:4e:08:d2:f0:56:9b:d4:dd:ec:
         59:64:f0:aa:4f:51:04:b1:c3:62:ae:a4:20:d7:b2:93:bd:3e:
         22:0e:ab:07:25:1d:29:d7:a5:cc:02:95:3e:7d:cf:06:0d:24:
         1e:36:0c:54:45:aa:91:e1:ef:ca:d6:1d:05:70:3a:5f:6d:42:
         be:cf:02:cc:34:71:66:5a:ee:55:90:84:0d:1d:cf:0b:54:33:
         5c:d9:e9:d7:2b:d9:e2:95:83:49:db:45:40:c0:6a:24:d3:6b:
         92:5d:0b:17:cc:a6:cd:bd:49:45:bd:76:71:8f:b8:46:9f:12:
         14:54:24:83:1b:58:80:fa:6e:cf:e8:ab:33:b4:af:39:84:5c:
         73:8d:7e:d5:d1:60:36:2f:cc:fa:12:57:13:b1:a6:ba:19:01:
         50:8d:f7:51:11:f5:76:22:72:58:8f:b3:45:44:e9:f9:3f:00:
         73:7b:df:92:a1:5d:57:f4:51:2f:9b:54:cc:78:84:8d:d2:11:
         e9:81:27:df:73:2a:41:91:20:81:bc:6c:c1:83:35:00:07:b3:
         ac:ab:c2:35:de:44:cb:ac:74:a7:d3:e8:54:03:de:9b:dc:16:
         1f:75:1d:41:33:30:b3:35:55:45:b6:d5:c4:00:5e:43:86:a8:
         35:22:1c:25
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY3wF86C6MJaJsKdYwz/lQuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjQwMjI4MTQyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDY3N2IxZTJiZTNhYTVhNGQ4ZmEzNzg4MGJiZmI2NTExZjk1MWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5T6kmqqdflFDmT1CITqXpVcfMJnf
SNuM8BJxMU+tUMa21OLOGRZ7cvWq0W6TylceMJiAEktbPo9ZO72qo01OH9BXB5ju
mPrN8EecaFk8XcCWu2us9qlgOufnvRUkpFXwKY5Zk+P3kqe1h5qqQOzMgTyUT5ra
bXXMmq3740H3Blxt5zttWJl/fnaM/w4fKrNm4mhribt3woRtwGd8dpEsHX0Zoc/c
YbTXGXh3mIdW3ou5iPMWxqdwwq/opxEUt9iO/brpfyI+Zvzag5V3jXkmBa2Z+Wu1
2uSuqFd2yJ4fC/ZJAWbTO4c//wk25SyIiudiO4M4+kex0cO1HnugAHQvIQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFM1nex4r46paTY+jeIC7+2UR+VHtMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEveldkN0hpdmpxbHBOajZONGdMdjdaUkg1VWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzA9BAIAATA3AwQGJWJAAwQE
PmaAAwQEXXWwAwQEXXfQMAsDAwCygwMEBrKDgAMEBLzTAAMEA7zU8AMEArzVwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUFx8dMFU/nPbTgjS8Fab1N3sWWTwqk9RBLHDYq6k
INeyk70+Ig6rByUdKdelzAKVPn3PBg0kHjYMVEWqkeHvytYdBXA6X21Cvs8CzDRx
ZlruVZCEDR3PC1QzXNnp1yvZ4pWDSdtFQMBqJNNrkl0LF8ymzb1JRb12cY+4Rp8S
FFQkgxtYgPpuz+irM7SvOYRcc41+1dFgNi/M+hJXE7GmuhkBUI33URH1diJyWI+z
RUTp+T8Ac3vfkqFdV/RRL5tUzHiEjdIR6YEn33MqQZEggbxswYM1AAezrKvCNd5E
y6x0p9PoVAPem9wWH3UdQTMwszVVRbbVxABeQ4aoNSIcJQ==
-----END CERTIFICATE-----
Generated at Mon Jun 10 09:43:47 2024 by rpki-client on console-fra.rpki-client.org