Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/WLoNzADjnxoMDc5cWJaBFLZ65dY.roa
File:                     WLoNzADjnxoMDc5cWJaBFLZ65dY.roa (raw, json)
Hash identifier:          nN8g1XSObGkIPNty6WvSFvv2FfDU96rOIv6m6vgM5VI=
Subject key identifier:   58:BA:0D:CC:00:E3:9F:1A:0C:0D:CE:5C:58:96:81:14:B6:7A:E5:D6
Certificate issuer:       /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial:       01893ECC2B0292A666934FFD4C89A329A0D4
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/WLoNzADjnxoMDc5cWJaBFLZ65dY.roa
Signing time:             Mon 10 Jul 2023 07:55:14 +0000
ROA not before:           Mon 10 Jul 2023 07:55:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202636
IP address blocks:        158.255.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:3e:cc:2b:02:92:a6:66:93:4f:fd:4c:89:a3:29:a0:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
        Validity
            Not Before: Jul 10 07:55:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58ba0dcc00e39f1a0c0dce5c58968114b67ae5d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:21:e5:c7:90:5d:90:bc:6b:63:d1:77:75:35:
                    fd:6b:4b:43:9e:f7:eb:13:98:29:74:1d:85:e5:90:
                    e0:da:49:75:ad:49:21:1a:91:6d:15:93:b6:fc:1c:
                    e0:5f:3e:59:4e:29:31:d2:60:53:74:1d:9c:5c:c3:
                    b5:ce:40:20:02:7e:52:f9:87:bc:26:22:0a:27:b9:
                    82:ac:52:0b:e5:e3:19:44:98:58:dc:cb:37:69:1b:
                    e9:f1:3b:fe:1f:fc:8d:45:3b:4c:fc:d9:4c:25:a1:
                    b0:3c:a1:19:d4:4e:9d:ed:ea:34:65:ba:b5:21:78:
                    cd:db:79:3d:d0:f3:e3:9e:fe:38:da:0e:7b:f6:8a:
                    59:71:c8:4c:a4:45:2a:54:32:2e:c8:75:86:dc:b5:
                    07:3c:5b:a2:34:17:b8:79:91:a6:a5:b8:27:46:ed:
                    70:62:22:ec:6a:d5:8d:7a:43:80:b3:42:1b:76:a6:
                    66:f0:20:e6:64:b2:cf:3a:a9:c6:8e:34:23:eb:c0:
                    9d:25:ac:64:d1:a0:c6:d2:0e:04:0d:b0:d1:cf:57:
                    13:96:ca:4d:5a:c0:62:d5:e2:9d:ed:10:2e:67:d2:
                    02:2b:8b:f0:09:7a:f3:60:5d:53:1d:7e:56:2b:43:
                    7e:e7:27:58:2f:67:8f:24:89:a1:67:ea:19:74:4d:
                    75:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:BA:0D:CC:00:E3:9F:1A:0C:0D:CE:5C:58:96:81:14:B6:7A:E5:D6
            X509v3 Authority Key Identifier:
                keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/WLoNzADjnxoMDc5cWJaBFLZ65dY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.255.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:c7:56:3b:72:ee:24:0a:6c:d9:1c:2f:61:f6:7d:de:b4:b9:
         65:d2:4a:dd:34:8b:41:1f:a6:bd:ef:94:4e:34:88:a8:ef:c7:
         7e:93:30:4f:2d:80:c9:66:9a:f7:46:d9:df:2f:c5:b7:30:1b:
         00:56:fe:54:0c:86:8b:1b:ac:88:fa:a6:ec:c8:05:f6:cd:25:
         9f:52:99:43:65:32:61:cf:3f:ef:5d:30:ba:27:2f:9e:51:9f:
         23:d4:fd:08:8b:ee:bd:6f:1f:a1:64:b1:87:93:09:65:31:da:
         c0:d9:a1:e4:e2:07:7d:4b:00:20:32:0e:56:be:5b:b7:eb:cc:
         64:d9:32:6a:b8:e2:f7:7c:f7:31:fd:e3:8a:fb:1c:13:bc:fa:
         5c:d2:dd:08:b9:cd:28:c8:25:f3:9b:80:42:31:62:de:a8:e8:
         4b:99:63:ed:9d:28:21:c7:84:fc:28:85:18:a5:8b:d7:a9:7f:
         2f:8e:06:5c:52:98:95:33:41:66:5c:dc:83:4f:88:49:dd:2f:
         db:d3:68:2d:25:a1:03:92:eb:13:fb:a3:94:7f:57:c8:05:a5:
         72:33:57:c6:f3:63:48:08:94:e1:d0:2a:4c:ec:90:7d:a5:4f:
         6d:39:52:71:fe:3f:16:a5:cd:d1:46:22:c3:c5:06:c0:48:a6:
         14:90:f3:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk+zCsCkqZmk0/9TImjKaDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwNzEwMDc1NTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGJhMGRjYzAwZTM5ZjFhMGMwZGNlNWM1ODk2ODExNGI2N2FlNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyHlx5BdkLxrY9F3dTX9a0tDnvfr
E5gpdB2F5ZDg2kl1rUkhGpFtFZO2/BzgXz5ZTikx0mBTdB2cXMO1zkAgAn5S+Ye8
JiIKJ7mCrFIL5eMZRJhY3Ms3aRvp8Tv+H/yNRTtM/NlMJaGwPKEZ1E6d7eo0Zbq1
IXjN23k90PPjnv442g579opZcchMpEUqVDIuyHWG3LUHPFuiNBe4eZGmpbgnRu1w
YiLsatWNekOAs0IbdqZm8CDmZLLPOqnGjjQj68CdJaxk0aDG0g4EDbDRz1cTlspN
WsBi1eKd7RAuZ9ICK4vwCXrzYF1THX5WK0N+5ydYL2ePJImhZ+oZdE11LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFi6DcwA458aDA3OXFiWgRS2euXWMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvV0xvTnpBRGpueG9NRGM1Y1dKYUJGTFo2NWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnv/oMA0G
CSqGSIb3DQEBCwUAA4IBAQB+x1Y7cu4kCmzZHC9h9n3etLll0krdNItBH6a975RO
NIio78d+kzBPLYDJZpr3RtnfL8W3MBsAVv5UDIaLG6yI+qbsyAX2zSWfUplDZTJh
zz/vXTC6Jy+eUZ8j1P0Ii+69bx+hZLGHkwllMdrA2aHk4gd9SwAgMg5Wvlu368xk
2TJquOL3fPcx/eOK+xwTvPpc0t0Iuc0oyCXzm4BCMWLeqOhLmWPtnSghx4T8KIUY
pYvXqX8vjgZcUpiVM0FmXNyDT4hJ3S/b02gtJaEDkusT+6OUf1fIBaVyM1fG82NI
CJTh0CpM7JB9pU9tOVJx/j8Wpc3RRiLDxQbASKYUkPMu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org