Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/w_QeUURLv-XvJ5rw7mWbjR2INFw.roa
File:                     w_QeUURLv-XvJ5rw7mWbjR2INFw.roa (raw, json)
Hash identifier:          glGvgiomUiOG6KoppMawhAAbJaMOsjY+fzooNdx5ZFs=
Subject key identifier:   C3:F4:1E:51:44:4B:BF:E5:EF:27:9A:F0:EE:65:9B:8D:1D:88:34:5C
Certificate issuer:       /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial:       018571D79424D116A38F264BA73E71A72A21
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/w_QeUURLv-XvJ5rw7mWbjR2INFw.roa
Signing time:             Mon 02 Jan 2023 09:37:11 +0000
ROA not before:           Mon 02 Jan 2023 09:37:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29396
IP address blocks:        84.53.64.0/18 maxlen: 24
                          185.41.144.0/22 maxlen: 24
                          91.194.8.0/23 maxlen: 24
                          82.148.192.0/19 maxlen: 24
                          90.145.0.0/16 maxlen: 24
                          2a01:5620::/29 maxlen: 48
                          2a02:120::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:d7:94:24:d1:16:a3:8f:26:4b:a7:3e:71:a7:2a:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
        Validity
            Not Before: Jan  2 09:37:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c3f41e51444bbfe5ef279af0ee659b8d1d88345c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:77:67:db:52:12:67:79:2b:83:e9:9b:77:aa:
                    4e:f8:78:52:9e:45:12:bc:27:2b:c5:64:c6:b8:db:
                    7e:75:fe:17:7c:10:a4:ca:6e:ff:a5:d1:14:2c:93:
                    a1:7e:02:55:00:db:0a:d2:08:14:74:f9:70:5a:1c:
                    c1:73:02:9f:ce:10:b5:ce:d5:38:d1:27:74:04:0e:
                    55:55:f7:b1:9e:d1:d9:16:0b:4d:ad:32:7f:70:5d:
                    59:74:13:06:7d:73:3d:86:43:d3:9e:40:86:c7:13:
                    2d:df:47:10:54:e7:4a:ce:22:d6:57:4d:20:59:13:
                    89:5a:66:8d:0e:67:14:ae:ae:36:f2:fb:93:29:9e:
                    0d:bc:37:3f:1e:78:14:65:cc:4b:3c:a8:24:1f:9b:
                    3c:e9:1b:f0:20:16:3c:26:a7:ee:6d:18:56:0a:82:
                    7d:00:21:65:b3:34:70:dd:04:6b:67:88:14:a3:d8:
                    be:8a:12:b9:a9:78:d1:32:ad:e4:ea:32:42:b4:7a:
                    3e:70:05:7d:26:bb:4d:14:05:08:43:29:94:c9:66:
                    79:c4:92:2d:40:8d:02:89:95:8d:a8:ee:82:d7:ad:
                    45:f5:9d:d6:f7:9f:a0:d2:bf:27:a3:f3:b5:f2:03:
                    21:12:66:c9:4a:91:a6:a6:f1:a9:55:4b:39:d5:8d:
                    84:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:F4:1E:51:44:4B:BF:E5:EF:27:9A:F0:EE:65:9B:8D:1D:88:34:5C
            X509v3 Authority Key Identifier:
                keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/w_QeUURLv-XvJ5rw7mWbjR2INFw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.148.192.0/19
                  84.53.64.0/18
                  90.145.0.0/16
                  91.194.8.0/23
                  185.41.144.0/22
                IPv6:
                  2a01:5620::/29
                  2a02:120::/29

    Signature Algorithm: sha256WithRSAEncryption
         6b:8d:0d:16:e9:54:cd:bd:f2:88:37:ed:81:e5:4e:c0:2f:93:
         ad:0c:6d:9b:b3:c5:d1:ba:ed:a2:04:8c:68:07:23:20:ff:42:
         0e:13:c2:26:5f:16:f7:97:4a:96:0b:26:ed:5a:7a:92:7d:77:
         6e:25:09:5a:9a:f2:26:cb:e0:6a:1f:ab:b9:d9:4d:16:d2:f6:
         c4:66:88:42:87:f9:ec:26:6a:36:bd:60:cb:9a:81:8e:83:5c:
         76:4b:b8:24:d8:a4:03:8f:02:40:e5:8a:2d:27:84:be:2a:c4:
         80:a0:dc:db:d7:67:71:75:30:77:42:e0:9b:03:5d:b6:5c:36:
         4f:ff:fb:2f:52:09:ec:91:02:2b:84:62:fb:b8:75:b8:18:08:
         ab:d1:83:9c:0d:94:b6:51:9b:a7:26:b7:ab:a3:65:91:7f:ef:
         d6:8f:2f:e6:65:92:c4:c0:51:a1:d3:4b:01:2d:f9:82:4c:df:
         30:58:d2:1b:99:cf:9a:51:db:c3:0a:81:62:f4:3c:1e:3c:84:
         4d:bd:4e:8d:1e:37:a3:3f:d1:f3:98:52:b8:15:25:a1:78:98:
         4f:db:3d:48:1b:df:8b:a9:3f:b8:f4:fc:17:ef:f1:59:43:f3:
         60:1f:e1:9b:da:c8:18:fe:b4:71:2f:c9:b4:38:aa:dc:19:ff:
         62:0e:58:c1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVx15Qk0RajjyZLpz5xpyohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjU4MGUxOGFkNmZmOGRjOTQyYmU4ODNjMTZkZThiNzMx
Zjk2MDUwHhcNMjMwMTAyMDkzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Y0MWU1MTQ0NGJiZmU1ZWYyNzlhZjBlZTY1OWI4ZDFkODgzNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhndn21ISZ3krg+mbd6pO+HhSnkUS
vCcrxWTGuNt+df4XfBCkym7/pdEULJOhfgJVANsK0ggUdPlwWhzBcwKfzhC1ztU4
0Sd0BA5VVfexntHZFgtNrTJ/cF1ZdBMGfXM9hkPTnkCGxxMt30cQVOdKziLWV00g
WROJWmaNDmcUrq428vuTKZ4NvDc/HngUZcxLPKgkH5s86RvwIBY8JqfubRhWCoJ9
ACFlszRw3QRrZ4gUo9i+ihK5qXjRMq3k6jJCtHo+cAV9JrtNFAUIQymUyWZ5xJIt
QI0CiZWNqO6C161F9Z3W95+g0r8no/O18gMhEmbJSpGmpvGpVUs51Y2EqwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMP0HlFES7/l7yea8O5lm40diDRcMB8GA1UdIwQY
MBaAFKhlgOGK1v+NyUK+iDwW3otzH5YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEt
MjM2ZTkyZmM2YTU5LzEvd19RZVVVUkx2LVh2SjVydzdtV2JqUjJJTkZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEtMjM2ZTkyZmM2YTU5
LzEvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAjBAIAATAdAwQFUpTAAwQG
VDVAAwMAWpEDBAFbwggDBAK5KZAwFAQCAAIwDgMFAyoBViADBQMqAgEgMA0GCSqG
SIb3DQEBCwUAA4IBAQBrjQ0W6VTNvfKIN+2B5U7AL5OtDG2bs8XRuu2iBIxoByMg
/0IOE8ImXxb3l0qWCybtWnqSfXduJQlamvImy+BqH6u52U0W0vbEZohCh/nsJmo2
vWDLmoGOg1x2S7gk2KQDjwJA5YotJ4S+KsSAoNzb12dxdTB3QuCbA122XDZP//sv
UgnskQIrhGL7uHW4GAir0YOcDZS2UZunJrero2WRf+/Wjy/mZZLEwFGh00sBLfmC
TN8wWNIbmc+aUdvDCoFi9DwePIRNvU6NHjejP9HzmFK4FSWheJhP2z1IG9+LqT+4
9PwX7/FZQ/NgH+Gb2sgY/rRxL8m0OKrcGf9iDljB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:35 2024 by rpki-client on console-ams.rpki-client.org