Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/WurA2j87YlA6Pniibzs4rlvPWeQ.roa
File:                     WurA2j87YlA6Pniibzs4rlvPWeQ.roa (raw, json)
Hash identifier:          30b4/6b73fMLBsUsXh97/O+xdzPtf6wtMzfg0w7Ef4Q=
Subject key identifier:   5A:EA:C0:DA:3F:3B:62:50:3A:3E:78:A2:6F:3B:38:AE:5B:CF:59:E4
Certificate issuer:       /CN=694a2ed9a412747fcd644749de57d9ff780393aa
Certificate serial:       01856E2FAB404C5889A3A72132DDC14AA098
Authority key identifier: 69:4A:2E:D9:A4:12:74:7F:CD:64:47:49:DE:57:D9:FF:78:03:93:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/WurA2j87YlA6Pniibzs4rlvPWeQ.roa
Signing time:             Sun 01 Jan 2023 16:34:55 +0000
ROA not before:           Sun 01 Jan 2023 16:34:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62336
IP address blocks:        45.148.112.0/22 maxlen: 22
                          45.130.92.0/22 maxlen: 22
                          45.81.44.0/22 maxlen: 22
                          45.93.104.0/22 maxlen: 22
                          91.212.40.0/23 maxlen: 23
                          194.99.82.0/24 maxlen: 24
                          194.99.85.0/24 maxlen: 24
                          194.99.91.0/24 maxlen: 24
                          91.212.54.0/23 maxlen: 23
                          45.138.40.0/22 maxlen: 22
                          194.99.110.0/24 maxlen: 24
                          45.89.92.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:2f:ab:40:4c:58:89:a3:a7:21:32:dd:c1:4a:a0:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=694a2ed9a412747fcd644749de57d9ff780393aa
        Validity
            Not Before: Jan  1 16:34:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5aeac0da3f3b62503a3e78a26f3b38ae5bcf59e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:67:fc:b0:f9:cb:c0:79:af:36:93:46:40:ab:
                    a4:57:5f:3c:4e:8d:04:20:ef:58:f9:55:86:6d:5d:
                    77:ff:40:cc:a2:6b:26:e2:a3:95:5b:74:81:8d:bc:
                    05:a4:88:db:18:15:3d:1d:4a:cf:ab:14:49:c9:b8:
                    eb:e0:47:87:99:76:0d:cd:75:8e:2a:81:a0:95:f8:
                    fa:ce:5e:bf:c5:eb:d4:98:f3:af:30:eb:51:bf:35:
                    89:dc:9b:77:0e:19:91:2f:3d:d0:0f:92:cb:3b:c0:
                    bb:86:34:97:4f:49:e0:e6:f2:a6:38:d1:70:ab:67:
                    fc:9c:72:da:8c:f0:ae:65:d7:e8:0b:04:75:42:c6:
                    6a:61:3c:8b:1e:e9:64:c1:f7:47:cd:3a:a6:bf:a3:
                    4d:0e:88:17:3f:f6:6f:6f:73:3f:00:81:06:74:b4:
                    43:25:61:af:30:df:68:b9:92:a3:28:cc:74:62:28:
                    bc:3e:8e:b5:c7:04:c3:92:66:c1:1f:6b:88:b1:f2:
                    be:a7:7f:31:71:57:d2:1b:2f:5d:d6:0b:df:d8:39:
                    30:44:a6:cc:12:64:9f:76:17:71:ce:e7:7e:d3:d1:
                    dc:d5:57:71:a3:b2:20:75:4f:c5:99:2d:7f:37:a4:
                    84:3d:f5:73:e5:99:9f:96:ef:f2:2c:b8:bf:4e:61:
                    b6:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:EA:C0:DA:3F:3B:62:50:3A:3E:78:A2:6F:3B:38:AE:5B:CF:59:E4
            X509v3 Authority Key Identifier:
                keyid:69:4A:2E:D9:A4:12:74:7F:CD:64:47:49:DE:57:D9:FF:78:03:93:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/WurA2j87YlA6Pniibzs4rlvPWeQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.44.0/22
                  45.89.92.0/22
                  45.93.104.0/22
                  45.130.92.0/22
                  45.138.40.0/22
                  45.148.112.0/22
                  91.212.40.0/23
                  91.212.54.0/23
                  194.99.82.0/24
                  194.99.85.0/24
                  194.99.91.0/24
                  194.99.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:73:f9:97:b2:70:6d:3d:4c:4d:c1:3b:3f:4f:e3:20:05:29:
         01:9c:ac:6d:0b:94:dc:36:c5:bc:6d:be:e4:f7:ac:51:b4:7d:
         a9:a1:88:1a:27:d0:62:05:24:1b:70:f8:50:ce:25:0d:82:9e:
         ce:84:8b:13:52:15:4c:2a:e1:92:e4:1d:b3:fd:d2:10:23:28:
         28:64:66:7c:6b:b6:f7:0c:a4:0d:2b:37:4e:96:3c:84:c6:35:
         9a:0c:92:7a:b6:ae:42:f4:67:26:fa:50:b3:fc:fb:64:4c:0c:
         c0:d9:86:7a:60:6a:7a:5d:39:c3:1c:24:86:68:cb:92:31:14:
         35:35:08:37:a1:78:b4:7b:e4:a2:b4:93:ad:2c:7a:70:70:94:
         ec:6c:1c:2e:ab:80:2f:9b:5e:3c:7f:c2:05:ab:b8:92:e7:09:
         f1:89:51:47:85:26:0a:de:76:75:0a:4f:86:55:10:01:af:3e:
         aa:2d:9b:79:f6:51:94:ec:7f:7c:19:b8:b4:cb:98:71:0f:99:
         9f:78:67:1a:a0:05:dd:e0:43:3f:d3:a4:88:40:9d:30:af:80:
         1c:5a:ef:26:fc:97:45:de:cd:35:70:c4:73:67:f3:5a:35:11:
         77:e4:19:49:51:de:4a:a3:6f:4f:9a:7f:12:c1:f0:55:2c:03:
         4f:61:d6:ff
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYVuL6tATFiJo6chMt3BSqCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGEyZWQ5YTQxMjc0N2ZjZDY0NDc0OWRlNTdkOWZmNzgw
MzkzYWEwHhcNMjMwMTAxMTYzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWVhYzBkYTNmM2I2MjUwM2EzZTc4YTI2ZjNiMzhhZTViY2Y1OWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2f8sPnLwHmvNpNGQKukV188To0E
IO9Y+VWGbV13/0DMomsm4qOVW3SBjbwFpIjbGBU9HUrPqxRJybjr4EeHmXYNzXWO
KoGglfj6zl6/xevUmPOvMOtRvzWJ3Jt3DhmRLz3QD5LLO8C7hjSXT0ng5vKmONFw
q2f8nHLajPCuZdfoCwR1QsZqYTyLHulkwfdHzTqmv6NNDogXP/Zvb3M/AIEGdLRD
JWGvMN9ouZKjKMx0Yii8Po61xwTDkmbBH2uIsfK+p38xcVfSGy9d1gvf2DkwRKbM
EmSfdhdxzud+09Hc1Vdxo7IgdU/FmS1/N6SEPfVz5Zmflu/yLLi/TmG2mQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFrqwNo/O2JQOj54om87OK5bz1nkMB8GA1UdIwQY
MBaAFGlKLtmkEnR/zWRHSd5X2f94A5OqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVvdTJhUVNkSF9OWkVkSjNsZlpfM2dEazZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85ZTRmMjEtZjllNi00OTQyLTk2MDEt
YWRmNDNmMDRlYzljLzEvV3VyQTJqODdZbEE2UG5paWJ6czRybHZQV2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85ZTRmMjEtZjllNi00OTQyLTk2MDEtYWRmNDNmMDRlYzlj
LzEvYVVvdTJhUVNkSF9OWkVkSjNsZlpfM2dEazZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCLVEsAwQC
LVlcAwQCLV1oAwQCLYJcAwQCLYooAwQCLZRwAwQBW9QoAwQBW9Q2AwQAwmNSAwQA
wmNVAwQAwmNbAwQAwmNuMA0GCSqGSIb3DQEBCwUAA4IBAQDHc/mXsnBtPUxNwTs/
T+MgBSkBnKxtC5TcNsW8bb7k96xRtH2poYgaJ9BiBSQbcPhQziUNgp7OhIsTUhVM
KuGS5B2z/dIQIygoZGZ8a7b3DKQNKzdOljyExjWaDJJ6tq5C9Gcm+lCz/PtkTAzA
2YZ6YGp6XTnDHCSGaMuSMRQ1NQg3oXi0e+SitJOtLHpwcJTsbBwuq4Avm148f8IF
q7iS5wnxiVFHhSYK3nZ1Ck+GVRABrz6qLZt59lGU7H98Gbi0y5hxD5mfeGcaoAXd
4EM/06SIQJ0wr4AcWu8m/JdF3s01cMRzZ/NaNRF35BlJUd5Ko29Pmn8SwfBVLANP
Ydb/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:36 2024 by rpki-client on console-fra.rpki-client.org