Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/WGpbVtRMCFeY0kXG1iMGHvGnAzg.roa
File:                     WGpbVtRMCFeY0kXG1iMGHvGnAzg.roa (raw, json)
Hash identifier:          RQsxcvOVFJkbUQag6cXjNtdflKlTMxHv6l8IASfcOEs=
Subject key identifier:   58:6A:5B:56:D4:4C:08:57:98:D2:45:C6:D6:23:06:1E:F1:A7:03:38
Certificate issuer:       /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial:       018CC56E42B450A62F922753066979E57064
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/WGpbVtRMCFeY0kXG1iMGHvGnAzg.roa
Signing time:             Mon 01 Jan 2024 14:29:46 +0000
ROA not before:           Mon 01 Jan 2024 14:29:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197706
IP address blocks:        2a0d:4941::/32 maxlen: 48
                          2a0d:4943::/32 maxlen: 48
                          2a0d:4947::/32 maxlen: 48
                          2a0d:4940::/29 maxlen: 48
                          2a0d:4944::/32 maxlen: 48
                          2a0e:abc0::/29 maxlen: 48
                          2a0d:1dc0::/29 maxlen: 48
                          2a0f:4780::/29 maxlen: 48
                          2a0d:4946::/32 maxlen: 48
                          2a0d:4945::/32 maxlen: 48
                          2a0d:4942::/32 maxlen: 48

Validation:               Failed, certificate revoked on Wed 30 Oct 2024 09:24:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:42:b4:50:a6:2f:92:27:53:06:69:79:e5:70:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
        Validity
            Not Before: Jan  1 14:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=586a5b56d44c085798d245c6d623061ef1a70338
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:2c:85:a2:eb:bc:9d:e2:b5:62:67:bb:14:58:
                    b3:37:aa:3f:e3:29:05:73:4c:81:ac:f9:5a:5e:e6:
                    b3:34:8f:3c:a5:10:6e:55:bb:b1:a1:d2:14:83:ec:
                    70:65:7d:88:6a:d6:e1:a7:c1:fe:a9:1c:3e:10:79:
                    b3:af:53:60:1b:38:d0:02:43:8d:2e:c9:27:d5:0a:
                    36:85:9a:82:5c:99:64:63:76:35:a4:07:97:5d:96:
                    8b:88:47:5f:e7:24:96:91:c6:6d:13:a7:4c:2a:42:
                    20:e9:31:b0:50:15:9d:c1:e3:4c:9a:ca:7d:46:76:
                    9b:7a:d3:05:f1:9d:4c:a9:dc:55:7a:3d:9c:d7:89:
                    1e:d2:8d:d1:52:87:93:13:66:5b:70:fc:55:b1:df:
                    40:2f:44:12:cb:19:9f:3e:6a:e1:b1:fc:c0:e6:cb:
                    bd:a3:b0:d5:7b:df:0b:62:79:9c:5c:3d:c0:7c:2f:
                    c5:e6:b7:f0:06:2b:5c:51:ee:51:26:c4:fa:0f:40:
                    cf:7b:71:89:bc:d0:39:d8:8c:86:45:01:91:39:fa:
                    33:66:21:aa:e5:21:e6:5e:2c:a7:1e:4f:4d:c2:f3:
                    cf:72:a2:3e:87:c6:3e:6b:14:e7:0f:64:fe:48:64:
                    9e:56:07:47:77:44:af:fb:8c:9d:e3:af:2f:ba:1f:
                    f4:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:6A:5B:56:D4:4C:08:57:98:D2:45:C6:D6:23:06:1E:F1:A7:03:38
            X509v3 Authority Key Identifier:
                keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/WGpbVtRMCFeY0kXG1iMGHvGnAzg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:1dc0::/29
                  2a0d:4940::/29
                  2a0e:abc0::/29
                  2a0f:4780::/29

    Signature Algorithm: sha256WithRSAEncryption
         61:21:8f:3c:a6:2c:f5:e0:f4:7c:ff:14:7d:9b:cc:f4:ab:d4:
         5e:26:c8:6d:26:1d:e7:52:7b:f4:f6:89:2a:1e:10:d7:88:94:
         d1:e3:3a:43:fa:ad:9e:2a:32:7f:a8:3d:8f:a2:db:f0:6f:7c:
         9a:bd:c7:08:6d:19:96:5a:34:83:ba:21:31:c1:e6:10:09:e1:
         a2:c5:0f:0d:32:5d:f6:df:fb:0a:c0:60:54:69:f1:63:3f:8e:
         bd:89:04:89:4e:7c:37:80:c7:49:a3:06:72:03:04:52:d8:8b:
         2b:c2:be:c9:44:18:05:ed:6e:fb:a2:5c:f2:31:59:ee:f8:15:
         15:48:2a:48:e6:1e:14:71:84:0b:9a:3b:df:0e:1c:3e:73:00:
         ba:65:fe:ed:22:d2:35:20:2e:6b:9d:93:ce:3a:aa:f8:12:49:
         21:4f:e3:c5:66:9d:ec:31:85:78:61:c2:d1:60:8a:2d:b1:87:
         38:4f:5c:14:f3:ad:9f:ae:e8:cc:9f:2b:34:6e:1e:06:90:33:
         ae:10:f7:63:7b:c9:fd:4e:68:b2:fe:3c:1d:f2:d3:b9:29:24:
         19:1f:8b:f9:53:15:65:18:12:6b:47:01:02:63:5b:6f:00:af:
         f3:07:e5:1b:7a:42:ed:bc:8f:17:4e:a3:df:df:3f:bc:5c:10:
         10:cf:6f:c0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzFbkK0UKYvkidTBml55XBkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjQwMTAxMTQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODZhNWI1NmQ0NGMwODU3OThkMjQ1YzZkNjIzMDYxZWYxYTcwMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyyFouu8neK1Yme7FFizN6o/4ykF
c0yBrPlaXuazNI88pRBuVbuxodIUg+xwZX2Iatbhp8H+qRw+EHmzr1NgGzjQAkON
Lskn1Qo2hZqCXJlkY3Y1pAeXXZaLiEdf5ySWkcZtE6dMKkIg6TGwUBWdweNMmsp9
RnabetMF8Z1MqdxVej2c14ke0o3RUoeTE2ZbcPxVsd9AL0QSyxmfPmrhsfzA5su9
o7DVe98LYnmcXD3AfC/F5rfwBitcUe5RJsT6D0DPe3GJvNA52IyGRQGROfozZiGq
5SHmXiynHk9NwvPPcqI+h8Y+axTnD2T+SGSeVgdHd0Sv+4yd468vuh/0iwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFhqW1bUTAhXmNJFxtYjBh7xpwM4MB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvV0dwYlZ0Uk1DRmVZMGtYRzFpTUdIdkduQXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTItYmE0YzU2ZDhjMGNl
LzEvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg0dwAMF
AyoNSUADBQMqDqvAAwUDKg9HgDANBgkqhkiG9w0BAQsFAAOCAQEAYSGPPKYs9eD0
fP8UfZvM9KvUXibIbSYd51J79PaJKh4Q14iU0eM6Q/qtnioyf6g9j6Lb8G98mr3H
CG0Zllo0g7ohMcHmEAnhosUPDTJd9t/7CsBgVGnxYz+OvYkEiU58N4DHSaMGcgME
UtiLK8K+yUQYBe1u+6Jc8jFZ7vgVFUgqSOYeFHGEC5o73w4cPnMAumX+7SLSNSAu
a52Tzjqq+BJJIU/jxWad7DGFeGHC0WCKLbGHOE9cFPOtn67ozJ8rNG4eBpAzrhD3
Y3vJ/U5osv48HfLTuSkkGR+L+VMVZRgSa0cBAmNbbwCv8wflG3pC7byPF06j398/
vFwQEM9vwA==
-----END CERTIFICATE-----
Generated at Wed Oct 30 12:04:29 2024 by rpki-client on console-fra.rpki-client.org