Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/W-KMCgYiR4TZzISaUQMzYu8c2h4.roa
File:                     W-KMCgYiR4TZzISaUQMzYu8c2h4.roa (raw, json)
Hash identifier:          2q9ocXJFVwUmj3KP/yDueODoC1sobRGeTWtoRVTd19w=
Subject key identifier:   5B:E2:8C:0A:06:22:47:84:D9:CC:84:9A:51:03:33:62:EF:1C:DA:1E
Certificate issuer:       /CN=3e332dd2994c6ee89436158a2eac1f482922cd2a
Certificate serial:       018B34CB886EA70BD9FD33C9E171CEAE5A03
Authority key identifier: 3E:33:2D:D2:99:4C:6E:E8:94:36:15:8A:2E:AC:1F:48:29:22:CD:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/W-KMCgYiR4TZzISaUQMzYu8c2h4.roa
Signing time:             Sun 15 Oct 2023 19:23:55 +0000
ROA not before:           Sun 15 Oct 2023 19:23:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205049
IP address blocks:        185.230.43.0/24 maxlen: 24
                          185.230.40.0/24 maxlen: 24
                          185.230.40.0/22 maxlen: 22
                          185.230.41.0/24 maxlen: 24
                          185.230.42.0/24 maxlen: 24
                          2a13:3680:6000::/35 maxlen: 35
                          2a13:3680:4000::/35 maxlen: 35
                          2a13:3680:2000::/35 maxlen: 35
                          2a13:3680::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:34:cb:88:6e:a7:0b:d9:fd:33:c9:e1:71:ce:ae:5a:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e332dd2994c6ee89436158a2eac1f482922cd2a
        Validity
            Not Before: Oct 15 19:23:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5be28c0a06224784d9cc849a51033362ef1cda1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:bc:7b:84:fc:25:de:e1:71:a2:c4:cf:74:cb:
                    2a:b4:37:11:5e:9e:c6:7b:c9:a4:ab:f9:95:21:9e:
                    c1:c6:72:fc:e7:ce:ec:40:91:9c:16:20:e4:81:5c:
                    d8:e6:bd:68:dd:0e:5f:61:34:15:61:bf:0d:b9:b8:
                    c1:be:c4:1e:7f:e9:b4:a6:cd:a6:a8:e0:26:27:e4:
                    57:84:8f:54:65:fa:fd:7a:d4:06:59:04:21:bf:af:
                    9e:91:dc:4f:0d:18:f2:14:64:78:65:7c:06:d0:8e:
                    01:77:8e:17:9c:44:d3:1c:45:ab:be:89:81:d6:6b:
                    1b:4b:31:e5:3b:b2:8b:6e:c5:ce:5a:5d:0f:a6:8c:
                    75:ef:1e:f7:5f:0a:cb:22:c1:27:5f:ab:97:53:a7:
                    d5:c6:e1:f9:b1:6e:1d:16:21:33:dc:a8:ee:1a:e6:
                    b7:c1:4a:8c:c0:bd:6b:63:88:52:f5:f3:70:61:1b:
                    b1:ce:90:8a:18:9c:b7:98:d8:0e:fd:b3:bd:4e:ca:
                    88:cf:f0:93:14:ad:54:7e:7e:7d:4d:a9:ed:f0:a9:
                    45:78:be:81:3b:c7:b1:8f:d5:d5:a5:41:f8:83:48:
                    72:68:d9:94:1e:59:93:bc:26:53:61:e1:6f:88:b4:
                    5e:98:03:50:3c:57:bb:66:99:fe:f5:92:a2:67:88:
                    80:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:E2:8C:0A:06:22:47:84:D9:CC:84:9A:51:03:33:62:EF:1C:DA:1E
            X509v3 Authority Key Identifier:
                keyid:3E:33:2D:D2:99:4C:6E:E8:94:36:15:8A:2E:AC:1F:48:29:22:CD:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/W-KMCgYiR4TZzISaUQMzYu8c2h4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/PjMt0plMbuiUNhWKLqwfSCkizSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.230.40.0/22
                IPv6:
                  2a13:3680::/29

    Signature Algorithm: sha256WithRSAEncryption
         07:17:8f:56:3d:a4:fd:4e:41:53:d0:22:df:61:54:62:ea:5b:
         17:d5:60:28:ec:34:2e:04:72:66:a0:33:33:73:fa:8e:f4:df:
         c2:12:7c:7d:f6:69:57:9d:f2:d8:3d:46:a1:e5:7c:5a:05:68:
         64:67:37:19:ff:96:da:da:e3:c1:6f:93:61:2e:58:4c:c8:4e:
         0d:48:c4:4e:2c:80:01:64:ff:b3:d5:d9:68:96:95:98:28:dd:
         4d:41:9d:8b:bf:99:db:57:0f:24:20:c0:c3:f3:b4:79:3c:d9:
         01:06:56:c2:33:18:6c:4a:e1:c1:41:59:8a:31:c5:90:4e:e4:
         61:d9:2f:33:bd:a0:e2:aa:67:dc:c0:bb:67:4a:0a:69:e8:a4:
         f4:40:f3:6a:c2:a7:d9:3e:79:ca:10:82:d6:e8:96:96:73:17:
         66:18:03:e9:12:51:e4:f4:89:34:9e:c0:59:57:54:c5:07:0f:
         d7:3f:ff:e5:b8:27:0a:af:f7:4f:b5:14:cc:0c:5a:3d:4a:f8:
         00:2e:3e:55:83:e3:7f:c4:f4:0b:ca:d3:3b:ff:f7:03:42:bf:
         7c:22:0c:eb:a2:e7:33:36:00:d6:96:c9:76:88:33:a7:ff:f0:
         f2:42:e7:f0:55:eb:76:5e:8e:c9:be:c2:aa:81:01:eb:79:ac:
         af:eb:96:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYs0y4hupwvZ/TPJ4XHOrloDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMzMyZGQyOTk0YzZlZTg5NDM2MTU4YTJlYWMxZjQ4Mjky
MmNkMmEwHhcNMjMxMDE1MTkyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmUyOGMwYTA2MjI0Nzg0ZDljYzg0OWE1MTAzMzM2MmVmMWNkYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLx7hPwl3uFxosTPdMsqtDcRXp7G
e8mkq/mVIZ7BxnL8587sQJGcFiDkgVzY5r1o3Q5fYTQVYb8NubjBvsQef+m0ps2m
qOAmJ+RXhI9UZfr9etQGWQQhv6+ekdxPDRjyFGR4ZXwG0I4Bd44XnETTHEWrvomB
1msbSzHlO7KLbsXOWl0Ppox17x73XwrLIsEnX6uXU6fVxuH5sW4dFiEz3KjuGua3
wUqMwL1rY4hS9fNwYRuxzpCKGJy3mNgO/bO9TsqIz/CTFK1Ufn59Tant8KlFeL6B
O8exj9XVpUH4g0hyaNmUHlmTvCZTYeFviLRemANQPFe7Zpn+9ZKiZ4iAcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFvijAoGIkeE2cyEmlEDM2LvHNoeMB8GA1UdIwQY
MBaAFD4zLdKZTG7olDYVii6sH0gpIs0qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGpNdDBwbE1idWlVTmhXS0xxd2ZTQ2tpelNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MDhlMjEtNmE0MC00NzExLTljODMt
ZDAyNGFkNGI3YmViLzEvVy1LTUNnWWlSNFRaeklTYVVRTXpZdThjMmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82MDhlMjEtNmE0MC00NzExLTljODMtZDAyNGFkNGI3YmVi
LzEvUGpNdDBwbE1idWlVTmhXS0xxd2ZTQ2tpelNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueYoMA0E
AgACMAcDBQMqEzaAMA0GCSqGSIb3DQEBCwUAA4IBAQAHF49WPaT9TkFT0CLfYVRi
6lsX1WAo7DQuBHJmoDMzc/qO9N/CEnx99mlXnfLYPUah5XxaBWhkZzcZ/5ba2uPB
b5NhLlhMyE4NSMROLIABZP+z1dlolpWYKN1NQZ2Lv5nbVw8kIMDD87R5PNkBBlbC
MxhsSuHBQVmKMcWQTuRh2S8zvaDiqmfcwLtnSgpp6KT0QPNqwqfZPnnKEILW6JaW
cxdmGAPpElHk9Ik0nsBZV1TFBw/XP//luCcKr/dPtRTMDFo9SvgALj5Vg+N/xPQL
ytM7//cDQr98IgzrouczNgDWlsl2iDOn//DyQufwVet2Xo7JvsKqgQHreayv65b/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:58 2024 by rpki-client on console-fra.rpki-client.org