Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WbFenPAnas_GQb5YJRvx-hCnK0o.roa
File:                     WbFenPAnas_GQb5YJRvx-hCnK0o.roa (raw, json)
Hash identifier:          g5C+ODi2Rqk6leqQwV9fnNcnRR71WUnSScvZJQ0nq3M=
Subject key identifier:   59:B1:5E:9C:F0:27:6A:CF:C6:41:BE:58:25:1B:F1:FA:10:A7:2B:4A
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       018877365FFF752ADCF7BA147E3F55005C7A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WbFenPAnas_GQb5YJRvx-hCnK0o.roa
Signing time:             Thu 01 Jun 2023 13:47:12 +0000
ROA not before:           Thu 01 Jun 2023 13:47:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        88.209.245.0/24 maxlen: 24
                          88.209.248.0/24 maxlen: 24
                          88.209.211.0/24 maxlen: 24
                          88.209.224.0/24 maxlen: 24
                          88.209.225.0/24 maxlen: 24
                          88.209.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 10:37:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:77:36:5f:ff:75:2a:dc:f7:ba:14:7e:3f:55:00:5c:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jun  1 13:47:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=59b15e9cf0276acfc641be58251bf1fa10a72b4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:63:ee:55:92:69:a5:fb:07:a0:29:60:1a:0e:
                    ac:3e:8e:35:8b:d0:4c:16:32:5d:64:1c:a6:67:22:
                    71:ba:c4:b4:c5:30:33:8b:ea:57:2f:bf:ad:55:ab:
                    5e:6d:96:b0:2c:9f:5f:a5:44:5d:3e:6f:c5:22:eb:
                    9f:e1:b0:1b:07:24:34:fc:0a:0d:a8:a9:bd:86:75:
                    19:f0:3b:c8:ff:aa:44:52:b8:25:a1:e1:9d:4a:45:
                    82:17:69:8b:f8:ba:15:4a:60:4a:9e:61:97:06:a3:
                    a5:6e:a9:1d:cc:c1:8d:d4:1c:3f:8c:10:29:d2:09:
                    d9:53:21:9a:a8:ce:37:85:60:91:28:54:ee:20:17:
                    24:9f:c0:63:52:e0:dd:a5:c2:79:da:de:4e:b5:68:
                    20:7a:af:dc:57:6f:61:4d:9a:fd:18:7d:a2:7c:8c:
                    1e:f9:9d:dc:13:35:e7:58:d6:0a:aa:9c:77:03:f6:
                    ce:5a:02:50:8a:f8:d2:9b:dd:93:98:56:9f:39:af:
                    77:d3:df:9f:f0:7f:17:1f:21:ba:e4:5f:68:e6:86:
                    1a:aa:d9:a7:19:60:19:1e:b6:34:23:37:32:9b:14:
                    2f:6c:b9:86:75:e4:df:ec:93:f6:2c:86:77:e4:98:
                    ff:a8:fc:ed:55:c7:8a:77:5a:53:9e:b8:8f:ab:cf:
                    65:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:B1:5E:9C:F0:27:6A:CF:C6:41:BE:58:25:1B:F1:FA:10:A7:2B:4A
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WbFenPAnas_GQb5YJRvx-hCnK0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.209.211.0/24
                  88.209.222.0/24
                  88.209.224.0/23
                  88.209.245.0/24
                  88.209.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:54:7b:4e:08:40:cb:fe:53:f3:ab:53:3e:42:44:e6:80:35:
         33:23:70:ba:43:ef:aa:0d:0c:db:26:56:18:77:0a:cb:4f:f9:
         ae:03:a6:65:41:63:78:7f:0e:90:4a:e4:86:50:1a:b9:e3:6e:
         cd:88:90:6b:48:6a:fb:9d:d6:98:50:ce:9b:20:3e:82:37:93:
         10:60:84:6a:cb:34:68:6f:83:a6:25:9b:96:c7:f3:10:f2:5c:
         de:8e:9c:06:34:48:fe:62:f5:fa:d7:fa:67:d5:ed:f3:72:36:
         a4:77:0f:98:61:97:f2:72:63:5f:1a:25:21:c9:46:4b:60:59:
         a4:33:83:f5:52:73:c9:74:4e:80:2e:2e:ed:fb:c8:a7:24:e7:
         87:37:3c:a0:ee:77:8c:6a:48:38:ce:b4:d6:0d:df:98:fc:78:
         03:cb:0a:79:cd:9e:a4:af:b2:9b:81:68:83:57:92:dc:89:c3:
         60:65:af:9d:70:a6:e9:f2:9d:ad:c3:2d:09:ae:c7:fa:87:ab:
         0c:d9:ef:04:e5:a4:c9:d6:b0:3d:4f:6e:78:af:55:20:de:a1:
         fd:21:42:5b:ea:69:39:ef:0e:3b:08:be:0a:a2:27:e9:7c:96:
         2f:93:bb:34:cc:f8:71:59:8e:95:05:6a:53:4d:43:39:b8:be:
         ab:3d:47:11
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYh3Nl//dSrc97oUfj9VAFx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjAxMTM0NzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWIxNWU5Y2YwMjc2YWNmYzY0MWJlNTgyNTFiZjFmYTEwYTcyYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmPuVZJppfsHoClgGg6sPo41i9BM
FjJdZBymZyJxusS0xTAzi+pXL7+tVatebZawLJ9fpURdPm/FIuuf4bAbByQ0/AoN
qKm9hnUZ8DvI/6pEUrgloeGdSkWCF2mL+LoVSmBKnmGXBqOlbqkdzMGN1Bw/jBAp
0gnZUyGaqM43hWCRKFTuIBckn8BjUuDdpcJ52t5OtWggeq/cV29hTZr9GH2ifIwe
+Z3cEzXnWNYKqpx3A/bOWgJQivjSm92TmFafOa9309+f8H8XHyG65F9o5oYaqtmn
GWAZHrY0IzcymxQvbLmGdeTf7JP2LIZ35Jj/qPztVceKd1pTnriPq89l1wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFmxXpzwJ2rPxkG+WCUb8foQpytKMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvV2JGZW5QQW5hc19HUWI1WUpSdngtaENuSzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWNHTAwQA
WNHeAwQBWNHgAwQAWNH1AwQAWNH4MA0GCSqGSIb3DQEBCwUAA4IBAQACVHtOCEDL
/lPzq1M+QkTmgDUzI3C6Q++qDQzbJlYYdwrLT/muA6ZlQWN4fw6QSuSGUBq5427N
iJBrSGr7ndaYUM6bID6CN5MQYIRqyzRob4OmJZuWx/MQ8lzejpwGNEj+YvX61/pn
1e3zcjakdw+YYZfycmNfGiUhyUZLYFmkM4P1UnPJdE6ALi7t+8inJOeHNzyg7neM
akg4zrTWDd+Y/HgDywp5zZ6kr7KbgWiDV5LcicNgZa+dcKbp8p2twy0Jrsf6h6sM
2e8E5aTJ1rA9T254r1Ug3qH9IUJb6mk57w47CL4KoifpfJYvk7s0zPhxWY6VBWpT
TUM5uL6rPUcR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org