Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/wd-5IE0uJdBj44D-JTgMWASllXk.roa
File:                     wd-5IE0uJdBj44D-JTgMWASllXk.roa (raw, json)
Hash identifier:          uPhzBM4lDWXlqCwjn/DzzjxvUlCMbi95tVtZq0WOzXA=
Subject key identifier:   C1:DF:B9:20:4D:2E:25:D0:63:E3:80:FE:25:38:0C:58:04:A5:95:79
Certificate issuer:       /CN=10eedc33aa442907189f0b3c563836951fb185bb
Certificate serial:       018637017BBDB29B741B67C0E7CB9BD4961B
Authority key identifier: 10:EE:DC:33:AA:44:29:07:18:9F:0B:3C:56:38:36:95:1F:B1:85:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EO7cM6pEKQcYnws8Vjg2lR-xhbs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/wd-5IE0uJdBj44D-JTgMWASllXk.roa
Signing time:             Thu 09 Feb 2023 16:28:09 +0000
ROA not before:           Thu 09 Feb 2023 16:28:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59924
IP address blocks:        185.165.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Sep 2023 10:41:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:37:01:7b:bd:b2:9b:74:1b:67:c0:e7:cb:9b:d4:96:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10eedc33aa442907189f0b3c563836951fb185bb
        Validity
            Not Before: Feb  9 16:28:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c1dfb9204d2e25d063e380fe25380c5804a59579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fa:43:08:05:41:00:1c:09:84:b7:26:c7:4e:
                    a8:af:f2:99:25:fe:50:fb:f2:59:d3:b4:09:87:3f:
                    b1:22:89:7a:4b:30:8b:44:80:5c:e1:dd:6e:ee:10:
                    f0:4d:85:d9:be:82:d5:15:21:ae:00:58:97:a9:55:
                    b3:49:1b:51:2f:44:7b:e4:94:94:db:e4:f3:8e:e1:
                    05:3d:94:aa:6a:c7:70:16:cc:ad:27:8b:76:a2:1e:
                    ab:1d:9f:12:f2:c6:b5:dd:cb:b9:f8:a6:3b:5f:28:
                    28:d7:3b:f2:1c:fe:33:f2:51:90:69:52:7a:62:04:
                    e2:77:4f:8e:cc:70:59:e3:44:0a:22:5c:04:96:a7:
                    98:fb:fc:9f:ad:cc:ab:36:01:70:c4:2e:74:00:c8:
                    07:0c:ef:eb:16:58:e0:46:c8:e1:11:78:24:79:67:
                    3f:0b:8d:19:7a:e7:05:40:26:65:dd:63:70:e0:ce:
                    1f:74:a2:97:80:ad:d5:e0:08:1d:6a:eb:42:a1:b8:
                    38:68:67:de:1f:b8:08:a2:40:32:4a:1e:f3:58:bc:
                    14:d1:e8:6f:9e:8e:29:1e:15:e4:38:21:b4:4f:03:
                    3a:75:2e:4d:a8:55:19:ff:d0:6f:6f:c6:6f:96:70:
                    c6:5d:23:a7:69:64:d0:be:10:43:4d:49:21:3e:2e:
                    9f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:DF:B9:20:4D:2E:25:D0:63:E3:80:FE:25:38:0C:58:04:A5:95:79
            X509v3 Authority Key Identifier:
                keyid:10:EE:DC:33:AA:44:29:07:18:9F:0B:3C:56:38:36:95:1F:B1:85:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EO7cM6pEKQcYnws8Vjg2lR-xhbs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/wd-5IE0uJdBj44D-JTgMWASllXk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/EO7cM6pEKQcYnws8Vjg2lR-xhbs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.165.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:6a:82:24:92:0c:34:7e:c5:2f:b5:ae:83:6d:3a:4c:7d:e8:
         c6:a7:cf:e9:3e:57:0d:80:c9:ba:95:cf:1c:d4:3b:90:0e:74:
         bd:1b:6e:ee:8f:f8:c8:db:11:8b:89:66:0f:9f:e2:a7:cb:cf:
         84:35:d6:bd:52:df:56:a7:62:1e:53:ec:36:f6:fc:c4:fb:28:
         a7:5c:2f:3d:39:8f:4e:47:83:3c:39:d3:19:1b:4a:93:75:24:
         5b:77:43:0f:a0:4f:7f:e8:69:24:8b:4b:96:17:67:e9:25:2a:
         cb:dd:29:4f:ec:cd:e0:b5:dc:ed:f3:32:1f:63:03:46:5d:cc:
         ef:ba:d1:36:e7:78:57:08:a4:9b:86:d8:db:f2:1f:64:61:ca:
         63:13:65:1b:55:69:f9:d6:cb:e0:59:3b:e3:23:35:50:59:bb:
         32:87:e4:63:bc:45:1b:7f:1f:f7:99:00:03:f9:66:9c:62:b9:
         ae:38:fa:ff:f3:9f:48:3d:a8:76:6c:96:21:b7:26:60:fa:2c:
         1c:b8:f6:7a:bf:b4:cd:94:3d:1b:ab:95:e4:39:27:bd:40:35:
         06:c6:ba:50:e7:5f:67:73:e9:0a:7b:e4:33:14:fe:90:e8:0e:
         35:b5:f9:f3:f4:4a:b6:10:38:e3:83:66:73:44:eb:00:b5:d0:
         b7:57:12:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY3AXu9spt0G2fA58ub1JYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZWVkYzMzYWE0NDI5MDcxODlmMGIzYzU2MzgzNjk1MWZi
MTg1YmIwHhcNMjMwMjA5MTYyODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWRmYjkyMDRkMmUyNWQwNjNlMzgwZmUyNTM4MGM1ODA0YTU5NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfpDCAVBABwJhLcmx06or/KZJf5Q
+/JZ07QJhz+xIol6SzCLRIBc4d1u7hDwTYXZvoLVFSGuAFiXqVWzSRtRL0R75JSU
2+TzjuEFPZSqasdwFsytJ4t2oh6rHZ8S8sa13cu5+KY7Xygo1zvyHP4z8lGQaVJ6
YgTid0+OzHBZ40QKIlwElqeY+/yfrcyrNgFwxC50AMgHDO/rFljgRsjhEXgkeWc/
C40ZeucFQCZl3WNw4M4fdKKXgK3V4AgdautCobg4aGfeH7gIokAySh7zWLwU0ehv
no4pHhXkOCG0TwM6dS5NqFUZ/9Bvb8ZvlnDGXSOnaWTQvhBDTUkhPi6fewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHfuSBNLiXQY+OA/iU4DFgEpZV5MB8GA1UdIwQY
MBaAFBDu3DOqRCkHGJ8LPFY4NpUfsYW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRU83Y002cEVLUWNZbndzOFZqZzJsUi14aGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDZjN2UtZDg0MC00ZTU0LTkyMjMt
NTM0ZWJlZWYzMzg5LzEvd2QtNUlFMHVKZEJqNDRELUpUZ01XQVNsbFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDZjN2UtZDg0MC00ZTU0LTkyMjMtNTM0ZWJlZWYzMzg5
LzEvRU83Y002cEVLUWNZbndzOFZqZzJsUi14aGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaXeMA0G
CSqGSIb3DQEBCwUAA4IBAQAkaoIkkgw0fsUvta6DbTpMfejGp8/pPlcNgMm6lc8c
1DuQDnS9G27uj/jI2xGLiWYPn+Kny8+ENda9Ut9Wp2IeU+w29vzE+yinXC89OY9O
R4M8OdMZG0qTdSRbd0MPoE9/6Gkki0uWF2fpJSrL3SlP7M3gtdzt8zIfYwNGXczv
utE253hXCKSbhtjb8h9kYcpjE2UbVWn51svgWTvjIzVQWbsyh+RjvEUbfx/3mQAD
+WacYrmuOPr/859IPah2bJYhtyZg+iwcuPZ6v7TNlD0bq5XkOSe9QDUGxrpQ519n
c+kKe+QzFP6Q6A41tfnz9Eq2EDjjg2ZzROsAtdC3VxIj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:08 2024 by rpki-client on console-fra.rpki-client.org