Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Wc6tO-y3Ptc6cgHI67x9Ozr3at8.roa
File:                     Wc6tO-y3Ptc6cgHI67x9Ozr3at8.roa (raw, json)
Hash identifier:          asMgXstKhFQMo/MZTrC1XDd3NoZeD3uuFIDd617m9Os=
Subject key identifier:   59:CE:AD:3B:EC:B7:3E:D7:3A:72:01:C8:EB:BC:7D:3B:3A:F7:6A:DF
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C24BBC5A246949C4C6B38B4EADDAB
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Wc6tO-y3Ptc6cgHI67x9Ozr3at8.roa
Signing time:             Mon 02 Jan 2023 05:54:59 +0000
ROA not before:           Mon 02 Jan 2023 05:54:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51765
IP address blocks:        185.204.1.0/24 maxlen: 24
                          185.103.110.0/24 maxlen: 24
                          185.112.82.0/24 maxlen: 24
                          185.212.149.0/24 maxlen: 24
                          185.117.118.0/24 maxlen: 24
                          185.217.196.0/23 maxlen: 23
                          82.115.220.0/24 maxlen: 24
                          185.221.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:24:bb:c5:a2:46:94:9c:4c:6b:38:b4:ea:dd:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:54:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=59cead3becb73ed73a7201c8ebbc7d3b3af76adf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:df:73:37:8e:78:42:83:ae:d1:e5:c7:72:af:
                    c8:23:ee:29:01:8d:27:ee:a5:f9:10:71:20:98:7d:
                    1a:fe:13:84:3a:17:29:97:2a:eb:ba:04:eb:50:1e:
                    2d:d3:36:90:46:a3:4c:da:d6:98:2f:15:0e:00:52:
                    f6:9b:0d:33:a0:47:8c:f6:fe:02:9a:f3:51:72:89:
                    77:2d:bd:c6:7e:8c:cd:33:9d:b9:64:be:7f:a0:bb:
                    5b:f2:e2:e8:03:4c:ca:24:60:c6:61:7a:d0:ed:bd:
                    af:68:1e:1b:d3:c4:20:fb:9c:da:af:52:e6:ce:38:
                    cd:ac:23:35:57:37:76:56:4a:f4:4a:57:d6:8a:99:
                    f1:44:82:07:ac:3d:2f:3d:82:d2:bc:98:ac:ea:f7:
                    3e:bb:89:f6:8a:47:36:5a:a0:28:37:75:2d:b9:65:
                    c7:a0:e3:dc:26:cb:dd:35:da:ae:5a:ce:3d:9f:cf:
                    6b:cc:d7:54:96:82:b8:6c:be:c8:99:52:37:59:96:
                    78:85:fd:02:5c:5e:c7:49:cf:b4:9f:6b:e2:06:e0:
                    7c:aa:e6:34:d1:f7:fc:e2:6c:06:34:a0:02:4b:70:
                    a7:8e:5f:f1:93:66:ec:24:10:71:54:f9:0d:4f:6f:
                    f4:a9:34:9e:d2:66:24:da:05:74:23:d1:3a:b9:cd:
                    d2:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:CE:AD:3B:EC:B7:3E:D7:3A:72:01:C8:EB:BC:7D:3B:3A:F7:6A:DF
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Wc6tO-y3Ptc6cgHI67x9Ozr3at8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.220.0/24
                  185.103.110.0/24
                  185.112.82.0/24
                  185.117.118.0/24
                  185.204.1.0/24
                  185.212.149.0/24
                  185.217.196.0/23
                  185.221.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:ed:27:47:79:0d:29:e6:93:eb:d1:08:55:09:84:56:7c:78:
         79:6f:65:58:25:49:cc:1d:4e:aa:90:cf:c3:60:50:cd:ea:74:
         c1:9c:93:33:33:47:cb:de:91:4c:7d:46:c5:8e:3f:91:2c:9c:
         e3:6a:9b:6f:95:11:f3:bd:87:14:5f:cd:5a:cb:2f:e3:ed:74:
         c4:34:7c:aa:55:a8:13:30:4d:8e:ce:2f:98:01:01:de:52:43:
         d8:d7:7e:a4:bf:87:20:e6:d2:00:8d:8c:3c:34:b1:15:5f:d4:
         bd:8d:ca:a1:84:1b:a5:7d:c9:19:39:5d:b3:d2:92:3b:1a:5c:
         4f:ed:c0:39:48:ab:4f:be:6f:b7:f5:55:44:b2:4f:1e:5f:61:
         1d:a5:d5:22:42:8d:7b:58:91:a8:34:19:fa:16:b3:49:00:1f:
         b8:50:a3:e2:1b:df:db:dd:e8:73:67:9a:50:58:3d:32:74:a6:
         49:5e:89:09:aa:f2:c1:a9:17:3b:9f:ef:89:2b:b9:e9:d8:3e:
         e8:6d:97:86:28:84:fa:e2:81:bd:cd:f7:fa:ff:36:32:d7:b3:
         cc:3a:90:bb:48:cf:b2:d3:d9:33:a7:69:8b:67:52:ae:d5:12:
         d7:56:73:1a:a7:2b:f6:f8:6d:8c:bd:39:83:36:08:36:08:00:
         4e:a4:2d:63
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVxDCS7xaJGlJxMazi06t2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWNlYWQzYmVjYjczZWQ3M2E3MjAxYzhlYmJjN2QzYjNhZjc2YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN9zN454QoOu0eXHcq/II+4pAY0n
7qX5EHEgmH0a/hOEOhcplyrrugTrUB4t0zaQRqNM2taYLxUOAFL2mw0zoEeM9v4C
mvNRcol3Lb3GfozNM525ZL5/oLtb8uLoA0zKJGDGYXrQ7b2vaB4b08Qg+5zar1Lm
zjjNrCM1Vzd2Vkr0SlfWipnxRIIHrD0vPYLSvJis6vc+u4n2ikc2WqAoN3UtuWXH
oOPcJsvdNdquWs49n89rzNdUloK4bL7ImVI3WZZ4hf0CXF7HSc+0n2viBuB8quY0
0ff84mwGNKACS3Cnjl/xk2bsJBBxVPkNT2/0qTSe0mYk2gV0I9E6uc3SUQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFnOrTvstz7XOnIByOu8fTs692rfMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvV2M2dE8teTNQdGM2Y2dISTY3eDlPenIzYXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUnPcAwQA
uWduAwQAuXBSAwQAuXV2AwQAucwBAwQAudSVAwQBudnEAwQAud2jMA0GCSqGSIb3
DQEBCwUAA4IBAQAp7SdHeQ0p5pPr0QhVCYRWfHh5b2VYJUnMHU6qkM/DYFDN6nTB
nJMzM0fL3pFMfUbFjj+RLJzjaptvlRHzvYcUX81ayy/j7XTENHyqVagTME2Ozi+Y
AQHeUkPY136kv4cg5tIAjYw8NLEVX9S9jcqhhBulfckZOV2z0pI7GlxP7cA5SKtP
vm+39VVEsk8eX2EdpdUiQo17WJGoNBn6FrNJAB+4UKPiG9/b3ehzZ5pQWD0ydKZJ
XokJqvLBqRc7n++JK7np2D7obZeGKIT64oG9zff6/zYy17PMOpC7SM+y09kzp2mL
Z1Ku1RLXVnMapyv2+G2MvTmDNgg2CABOpC1j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org