Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/w1EmXUJR7K_ftAxz_VPXXeg69ic.roa
File:                     w1EmXUJR7K_ftAxz_VPXXeg69ic.roa (raw, json)
Hash identifier:          q3wB8rWIbxcoxbfK+WsQDoO6JqRLhEeJcjXNtO1k1do=
Subject key identifier:   C3:51:26:5D:42:51:EC:AF:DF:B4:0C:73:FD:53:D7:5D:E8:3A:F6:27
Certificate issuer:       /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial:       01856E81F8D8ADE953BA59EF30F039AA89D4
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/w1EmXUJR7K_ftAxz_VPXXeg69ic.roa
Signing time:             Sun 01 Jan 2023 18:04:49 +0000
ROA not before:           Sun 01 Jan 2023 18:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60042
IP address blocks:        185.42.228.0/22 maxlen: 22
                          176.118.209.0/24 maxlen: 24
                          176.118.208.0/22 maxlen: 22
                          176.118.213.0/24 maxlen: 24
                          176.118.214.0/23 maxlen: 23
                          176.118.216.0/22 maxlen: 22
                          176.118.220.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:81:f8:d8:ad:e9:53:ba:59:ef:30:f0:39:aa:89:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
        Validity
            Not Before: Jan  1 18:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c351265d4251ecafdfb40c73fd53d75de83af627
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4b:9f:39:5e:8f:3f:50:e9:bf:4e:9c:3d:fb:
                    07:9d:65:f6:ee:fe:9c:66:5a:89:5e:54:6c:2b:63:
                    00:ba:23:75:95:10:96:06:db:88:56:21:ff:7d:20:
                    62:e7:b0:82:10:82:e7:0f:57:2e:5a:9e:78:98:0e:
                    6b:12:8e:d8:d5:6f:12:8c:8b:b6:97:70:72:a7:a6:
                    0d:9a:df:75:1f:3a:d6:86:b9:e0:34:8e:3b:3b:46:
                    08:49:83:d8:b8:f3:4f:f7:56:38:e0:8c:81:50:e9:
                    38:d0:c4:2b:7c:8a:66:21:32:9a:4a:d4:a3:2e:2a:
                    05:43:dc:64:57:e4:fd:45:4f:76:f6:7b:3b:7c:8d:
                    26:bf:f6:2c:21:ab:00:c5:22:92:8d:55:71:c6:dc:
                    a4:e9:e2:01:82:09:39:66:4f:a1:e3:a9:ac:d0:39:
                    9d:b6:d9:79:db:b3:79:88:3e:98:37:c7:a0:6c:78:
                    36:ba:55:28:66:71:c7:78:f7:67:d0:0c:48:71:57:
                    7c:aa:55:e9:8e:d9:ba:df:59:c5:57:0c:97:be:20:
                    90:43:ad:4b:a8:7b:c7:c2:bc:09:74:7b:3c:51:9a:
                    24:74:ac:c1:be:b4:74:ff:0c:99:47:78:54:b7:86:
                    8c:80:5a:97:82:36:a7:94:0a:c1:5b:39:b7:95:3f:
                    9d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:51:26:5D:42:51:EC:AF:DF:B4:0C:73:FD:53:D7:5D:E8:3A:F6:27
            X509v3 Authority Key Identifier:
                keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/w1EmXUJR7K_ftAxz_VPXXeg69ic.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.118.208.0/22
                  176.118.213.0-176.118.223.255
                  185.42.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         be:4c:0e:84:90:06:17:ea:45:81:aa:f2:92:93:2c:9f:03:55:
         e6:f2:2b:13:1c:9a:99:c3:73:b2:1b:14:1b:cd:1e:1b:65:a1:
         f1:aa:ff:55:d7:ce:60:48:4a:39:f3:f8:18:0a:f1:90:09:23:
         66:6a:99:3a:90:14:a6:cc:33:53:56:46:9b:e9:c8:a7:31:70:
         52:27:a9:b4:1f:29:2c:11:17:30:19:52:c1:bb:b3:2c:b1:2d:
         8e:7d:57:5d:bd:65:bf:1a:38:4c:f4:ee:57:8d:93:5a:59:f9:
         20:b8:d6:d7:e8:ee:6d:b7:88:41:dc:b2:65:05:84:93:e4:08:
         75:2b:4c:10:10:db:68:b5:85:ba:f7:48:31:53:fe:3b:ce:15:
         bb:df:69:37:07:fd:63:e8:13:80:42:0b:f6:68:7b:05:18:1a:
         1e:75:02:be:22:5d:0f:c7:ce:89:2a:6b:31:65:cd:e3:07:4d:
         d1:ab:ca:30:4b:bc:3f:57:71:ad:e2:59:28:c6:e6:bc:69:d6:
         c9:36:18:4d:e7:2a:6a:2a:84:59:e3:79:51:e0:ba:51:30:e9:
         62:88:f6:f6:b8:43:18:b2:12:98:44:42:35:28:6c:39:78:8d:
         47:66:05:b5:73:cf:85:ff:ce:86:45:b8:3d:1d:7e:86:eb:46:
         2b:61:99:a6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVugfjYrelTulnvMPA5qonUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDhkYjQzOTY0YjY5ODZlYzc0MGYwYjVlMzNmNjI3NTg5
YWM1NjAwHhcNMjMwMTAxMTgwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzUxMjY1ZDQyNTFlY2FmZGZiNDBjNzNmZDUzZDc1ZGU4M2FmNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UufOV6PP1Dpv06cPfsHnWX27v6c
ZlqJXlRsK2MAuiN1lRCWBtuIViH/fSBi57CCEILnD1cuWp54mA5rEo7Y1W8SjIu2
l3Byp6YNmt91HzrWhrngNI47O0YISYPYuPNP91Y44IyBUOk40MQrfIpmITKaStSj
LioFQ9xkV+T9RU929ns7fI0mv/YsIasAxSKSjVVxxtyk6eIBggk5Zk+h46ms0Dmd
ttl527N5iD6YN8egbHg2ulUoZnHHePdn0AxIcVd8qlXpjtm631nFVwyXviCQQ61L
qHvHwrwJdHs8UZokdKzBvrR0/wyZR3hUt4aMgFqXgjanlArBWzm3lT+dMQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMNRJl1CUeyv37QMc/1T113oOvYnMB8GA1UdIwQY
MBaAFKYI20OWS2mG7HQPC14z9idYmsVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQt
ZDY0NjgzY2VlMTZmLzEvdzFFbVhVSlI3S19mdEF4el9WUFhYZWc2OWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQtZDY0NjgzY2VlMTZm
LzEvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCsHbQMAwD
BACwdtUDBAWwdsADBAK5KuQwDQYJKoZIhvcNAQELBQADggEBAL5MDoSQBhfqRYGq
8pKTLJ8DVebyKxMcmpnDc7IbFBvNHhtlofGq/1XXzmBISjnz+BgK8ZAJI2ZqmTqQ
FKbMM1NWRpvpyKcxcFInqbQfKSwRFzAZUsG7syyxLY59V129Zb8aOEz07leNk1pZ
+SC41tfo7m23iEHcsmUFhJPkCHUrTBAQ22i1hbr3SDFT/jvOFbvfaTcH/WPoE4BC
C/ZoewUYGh51Ar4iXQ/HzokqazFlzeMHTdGryjBLvD9Xca3iWSjG5rxp1sk2GE3n
KmoqhFnjeVHgulEw6WKI9va4QxiyEphEQjUobDl4jUdmBbVzz4X/zoZFuD0dfobr
RithmaY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:00 2024 by rpki-client on console-fra.rpki-client.org