Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/WpQH16NqnRsnbN1IjW8d1USgQbo.roa
File:                     WpQH16NqnRsnbN1IjW8d1USgQbo.roa (raw, json)
Hash identifier:          FwR8iIdWR8oRkD/AYHH1nkfq2C7VcVcpbZe8FKLm/4E=
Subject key identifier:   5A:94:07:D7:A3:6A:9D:1B:27:6C:DD:48:8D:6F:1D:D5:44:A0:41:BA
Certificate issuer:       /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial:       01856CAEF0FBCFF4E8D09987DF1C8AD0CC52
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/WpQH16NqnRsnbN1IjW8d1USgQbo.roa
Signing time:             Sun 01 Jan 2023 09:34:42 +0000
ROA not before:           Sun 01 Jan 2023 09:34:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        147.189.216.0/22 maxlen: 32
                          147.189.220.0/22 maxlen: 32
                          193.5.16.0/23 maxlen: 32
                          193.5.18.0/23 maxlen: 32
                          2a0d:3dc0::/30 maxlen: 128
                          2a0d:3dc4::/30 maxlen: 128

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ae:f0:fb:cf:f4:e8:d0:99:87:df:1c:8a:d0:cc:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
        Validity
            Not Before: Jan  1 09:34:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5a9407d7a36a9d1b276cdd488d6f1dd544a041ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f1:27:2a:78:b2:f6:53:36:40:56:0f:fd:47:
                    66:48:6b:eb:21:f1:1a:39:39:3a:45:f1:05:b4:8d:
                    e6:4c:61:f0:4e:a7:35:9e:85:34:fd:dd:3c:16:00:
                    b7:3d:94:2e:34:ff:d7:06:cb:65:d1:31:34:e2:44:
                    ef:24:81:c6:78:6d:10:0b:65:9b:1d:c6:58:79:38:
                    a3:15:bd:45:1f:0c:ce:41:ce:43:3d:6d:82:3c:4f:
                    ca:51:1d:cd:74:03:23:04:6d:ae:1f:c1:3d:ef:f0:
                    65:82:56:65:da:0c:87:bd:1c:86:0a:c9:51:a5:11:
                    ee:eb:7d:cb:1a:de:24:06:8e:be:d1:c1:a7:59:ff:
                    24:75:de:48:9d:b6:b9:4a:08:08:97:33:e9:49:01:
                    27:20:53:42:d1:71:bb:58:6e:34:ad:61:59:c7:18:
                    98:52:d7:f7:80:3d:7f:f3:c7:ae:a2:28:0c:fe:ca:
                    15:0c:14:65:f5:17:4f:e0:55:c0:1e:cc:55:e0:76:
                    8c:9d:9d:d6:60:3f:7c:51:0a:4f:c9:03:c4:df:05:
                    59:85:71:7e:8a:dd:53:a7:fd:9b:2b:53:d2:aa:fd:
                    f6:31:ea:9f:06:fb:da:52:f5:38:b9:e8:97:ad:66:
                    00:a1:b4:6a:ca:b7:e8:9d:0e:e6:e6:d4:f7:b3:86:
                    00:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:94:07:D7:A3:6A:9D:1B:27:6C:DD:48:8D:6F:1D:D5:44:A0:41:BA
            X509v3 Authority Key Identifier:
                keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/WpQH16NqnRsnbN1IjW8d1USgQbo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.189.216.0/21
                  193.5.16.0/22
                IPv6:
                  2a0d:3dc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         83:87:af:ac:f2:2e:c1:08:2a:d9:51:41:5e:30:28:75:03:f0:
         ac:28:0e:6e:22:9a:2c:cf:3d:4d:e7:ad:2e:c7:d9:81:33:ca:
         66:22:d7:62:bd:58:6b:1a:4a:da:39:68:fa:69:72:03:ba:b7:
         ea:8f:b9:3c:d3:87:56:f6:60:e0:61:2b:6f:3b:5a:28:b4:7f:
         89:b0:7b:91:cc:4f:af:ac:2e:e2:41:16:1b:b8:24:11:4f:10:
         e8:3c:f0:b2:d8:06:74:ae:a5:d3:11:ec:1d:40:68:a0:38:03:
         1d:f0:4b:d2:c9:fb:8e:cc:c7:2d:d5:07:01:24:61:01:ca:e7:
         21:e0:d1:76:23:d6:30:2b:71:fb:ad:19:2c:c2:0d:96:66:51:
         56:86:b7:da:08:66:8e:16:65:d2:cc:89:eb:9c:8b:88:32:57:
         44:c8:e4:da:29:a4:15:e2:b7:47:72:8a:e8:46:fd:f0:0b:71:
         5a:51:d8:73:59:ba:7b:32:31:ff:47:51:a1:af:76:80:ac:bb:
         12:8a:53:de:f8:d4:92:b4:ff:34:8b:6f:5e:1f:aa:a2:9b:d6:
         eb:0f:dd:fe:7e:9f:77:eb:4d:61:e8:a8:97:08:b1:71:ff:95:
         38:28:91:d7:6d:11:e3:28:01:ad:04:31:1a:f1:14:61:99:b6:
         02:3e:00:4d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsrvD7z/To0JmH3xyK0MxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjMwMTAxMDkzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTk0MDdkN2EzNmE5ZDFiMjc2Y2RkNDg4ZDZmMWRkNTQ0YTA0MWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPEnKniy9lM2QFYP/UdmSGvrIfEa
OTk6RfEFtI3mTGHwTqc1noU0/d08FgC3PZQuNP/XBstl0TE04kTvJIHGeG0QC2Wb
HcZYeTijFb1FHwzOQc5DPW2CPE/KUR3NdAMjBG2uH8E97/BlglZl2gyHvRyGCslR
pRHu633LGt4kBo6+0cGnWf8kdd5Inba5SggIlzPpSQEnIFNC0XG7WG40rWFZxxiY
Utf3gD1/88euoigM/soVDBRl9RdP4FXAHsxV4HaMnZ3WYD98UQpPyQPE3wVZhXF+
it1Tp/2bK1PSqv32MeqfBvvaUvU4ueiXrWYAobRqyrfonQ7m5tT3s4YAmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFqUB9ejap0bJ2zdSI1vHdVEoEG6MB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvV3BRSDE2TnFuUnNuYk4xSWpXOGQxVVNnUWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQCDh6+s8i7BCCrZ
UUFeMCh1A/CsKA5uIposzz1N560ux9mBM8pmItdivVhrGkraOWj6aXIDurfqj7k8
04dW9mDgYStvO1ootH+JsHuRzE+vrC7iQRYbuCQRTxDoPPCy2AZ0rqXTEewdQGig
OAMd8EvSyfuOzMct1QcBJGEByuch4NF2I9YwK3H7rRkswg2WZlFWhrfaCGaOFmXS
zInrnIuIMldEyOTaKaQV4rdHcoroRv3wC3FaUdhzWbp7MjH/R1Ghr3aArLsSilPe
+NSStP80i29eH6qim9brD93+fp93601h6KiXCLFx/5U4KJHXbRHjKAGtBDEa8RRh
mbYCPgBN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:45 2024 by rpki-client on console-ams.rpki-client.org