Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/bf8411-6960-4cef-91f9-13b6a6d71a41/1/WfywEaX9Z_3DFC_6GtMMZsY7Tqk.roa
File:                     WfywEaX9Z_3DFC_6GtMMZsY7Tqk.roa (raw, json)
Hash identifier:          Qp1wlN6ofmTGid724WflyA9bUvLddZlJchpKwWSLo7Q=
Subject key identifier:   59:FC:B0:11:A5:FD:67:FD:C3:14:2F:FA:1A:D3:0C:66:C6:3B:4E:A9
Certificate issuer:       /CN=a77325e495cb0150203b79f246f4cd4c0fec24ff
Certificate serial:       018571F0DFEB0757BF3C1FA1761758426945
Authority key identifier: A7:73:25:E4:95:CB:01:50:20:3B:79:F2:46:F4:CD:4C:0F:EC:24:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p3Ml5JXLAVAgO3nyRvTNTA_sJP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/bf8411-6960-4cef-91f9-13b6a6d71a41/1/WfywEaX9Z_3DFC_6GtMMZsY7Tqk.roa
Signing time:             Mon 02 Jan 2023 10:04:49 +0000
ROA not before:           Mon 02 Jan 2023 10:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15520
IP address blocks:        194.176.172.0/24 maxlen: 24
                          194.176.168.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f0:df:eb:07:57:bf:3c:1f:a1:76:17:58:42:69:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a77325e495cb0150203b79f246f4cd4c0fec24ff
        Validity
            Not Before: Jan  2 10:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=59fcb011a5fd67fdc3142ffa1ad30c66c63b4ea9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:39:76:92:4b:a2:eb:a2:da:1e:04:5f:ed:99:
                    aa:c0:d9:6b:62:0b:ff:52:46:46:77:41:ba:85:d5:
                    fa:a2:47:d1:20:7b:88:96:2f:7c:f9:e3:1b:e2:fd:
                    5e:30:ed:74:43:5c:24:c4:40:2d:0d:9d:8d:47:d5:
                    d5:5e:a3:e4:d7:16:e1:b2:64:bc:10:62:4c:49:bb:
                    41:66:c6:4c:da:56:af:c4:29:2a:a1:36:b9:75:7b:
                    b7:68:cf:b2:a3:c4:94:dd:73:4c:e2:64:a3:91:84:
                    8c:e8:2b:88:2d:e5:2f:54:48:57:08:44:ce:78:d7:
                    a4:ed:fa:79:85:6a:b2:6c:14:22:3c:00:c0:f8:00:
                    f7:19:d2:e9:7b:d6:d9:0d:7c:fe:f2:05:e2:86:f6:
                    81:45:05:b7:93:51:ef:6a:e8:c5:53:72:99:ac:f0:
                    61:60:d6:c6:de:b2:08:8c:bf:ea:00:f4:aa:cb:a9:
                    ed:d2:1e:da:cc:ba:39:40:d5:78:9b:85:48:5a:1e:
                    c1:0b:32:ea:6f:36:2c:a6:8c:d4:6d:e9:81:86:a9:
                    49:95:a2:f8:ca:bc:9e:ac:8a:13:40:22:70:c3:32:
                    1e:06:ac:3a:ca:d1:c7:57:1c:32:52:af:f4:a3:1a:
                    92:50:67:1c:5e:5c:0c:b9:b2:fc:66:45:70:9a:c6:
                    ba:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:FC:B0:11:A5:FD:67:FD:C3:14:2F:FA:1A:D3:0C:66:C6:3B:4E:A9
            X509v3 Authority Key Identifier:
                keyid:A7:73:25:E4:95:CB:01:50:20:3B:79:F2:46:F4:CD:4C:0F:EC:24:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p3Ml5JXLAVAgO3nyRvTNTA_sJP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/bf8411-6960-4cef-91f9-13b6a6d71a41/1/WfywEaX9Z_3DFC_6GtMMZsY7Tqk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/bf8411-6960-4cef-91f9-13b6a6d71a41/1/p3Ml5JXLAVAgO3nyRvTNTA_sJP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.176.168.0-194.176.172.255

    Signature Algorithm: sha256WithRSAEncryption
         ba:43:4c:9f:45:5c:b9:3f:48:49:86:39:0c:cf:1a:ad:09:13:
         26:d8:5e:7a:ca:9f:1d:66:ab:cd:24:a3:f2:f0:50:db:1d:6c:
         b4:9c:15:d3:8e:1e:57:2d:1a:5d:56:44:05:49:af:8d:eb:32:
         d6:80:e2:9d:ca:05:06:03:01:5c:9f:fc:8a:4b:c7:06:8b:42:
         4a:a9:1a:77:f4:6d:16:e2:dc:d5:02:81:00:e3:aa:80:ba:c9:
         92:24:91:c3:11:d2:5b:07:a6:69:14:9e:81:bd:8f:41:23:f5:
         b8:bd:07:21:35:3a:53:96:8f:a2:25:b3:44:2e:78:85:06:ab:
         c2:a4:1b:b8:9d:26:2e:0d:27:73:f1:b7:29:a4:8a:7d:96:1f:
         22:65:f1:d2:68:1c:56:36:1f:87:79:09:97:fe:39:f1:cb:d1:
         f7:bd:2a:e7:e5:ce:bd:4c:88:5a:48:b1:79:5b:46:9e:a3:24:
         67:d6:25:7b:75:96:cf:3e:ac:a2:cb:39:0c:38:54:18:dd:a6:
         9f:a9:ac:7d:3a:81:6b:dd:0e:f9:5e:ab:08:56:b7:d7:9e:ed:
         c2:eb:2a:d4:6a:92:8e:ba:86:7b:92:36:fc:dd:ea:95:0f:31:
         4b:31:31:6c:45:30:62:9c:a6:f7:61:9e:61:90:30:f7:c1:38:
         6f:c2:6b:21
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVx8N/rB1e/PB+hdhdYQmlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NzMyNWU0OTVjYjAxNTAyMDNiNzlmMjQ2ZjRjZDRjMGZl
YzI0ZmYwHhcNMjMwMTAyMTAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZjYjAxMWE1ZmQ2N2ZkYzMxNDJmZmExYWQzMGM2NmM2M2I0ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjl2kkui66LaHgRf7ZmqwNlrYgv/
UkZGd0G6hdX6okfRIHuIli98+eMb4v1eMO10Q1wkxEAtDZ2NR9XVXqPk1xbhsmS8
EGJMSbtBZsZM2lavxCkqoTa5dXu3aM+yo8SU3XNM4mSjkYSM6CuILeUvVEhXCETO
eNek7fp5hWqybBQiPADA+AD3GdLpe9bZDXz+8gXihvaBRQW3k1HvaujFU3KZrPBh
YNbG3rIIjL/qAPSqy6nt0h7azLo5QNV4m4VIWh7BCzLqbzYspozUbemBhqlJlaL4
yryerIoTQCJwwzIeBqw6ytHHVxwyUq/0oxqSUGccXlwMubL8ZkVwmsa6RwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFn8sBGl/Wf9wxQv+hrTDGbGO06pMB8GA1UdIwQY
MBaAFKdzJeSVywFQIDt58kb0zUwP7CT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDNNbDVKWExBVkFnTzNueVJ2VE5UQV9zSlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iZjg0MTEtNjk2MC00Y2VmLTkxZjkt
MTNiNmE2ZDcxYTQxLzEvV2Z5d0VhWDlaXzNERkNfNkd0TU1ac1k3VHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iZjg0MTEtNjk2MC00Y2VmLTkxZjktMTNiNmE2ZDcxYTQx
LzEvcDNNbDVKWExBVkFnTzNueVJ2VE5UQV9zSlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPCsKgD
BADCsKwwDQYJKoZIhvcNAQELBQADggEBALpDTJ9FXLk/SEmGOQzPGq0JEybYXnrK
nx1mq80ko/LwUNsdbLScFdOOHlctGl1WRAVJr43rMtaA4p3KBQYDAVyf/IpLxwaL
QkqpGnf0bRbi3NUCgQDjqoC6yZIkkcMR0lsHpmkUnoG9j0Ej9bi9ByE1OlOWj6Il
s0QueIUGq8KkG7idJi4NJ3Pxtymkin2WHyJl8dJoHFY2H4d5CZf+OfHL0fe9Kufl
zr1MiFpIsXlbRp6jJGfWJXt1ls8+rKLLOQw4VBjdpp+prH06gWvdDvleqwhWt9ee
7cLrKtRqko66hnuSNvzd6pUPMUsxMWxFMGKcpvdhnmGQMPfBOG/CayE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:50 2024 by rpki-client on console-fra.rpki-client.org