Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/WJ8og2Wb5iwIWYnvR6DwXsQdFzE.roa
File:                     WJ8og2Wb5iwIWYnvR6DwXsQdFzE.roa (raw, json)
Hash identifier:          OOuOpMFNtP7kJDwuqkHVENJwG3g4df8xBgfTTFU06f8=
Subject key identifier:   58:9F:28:83:65:9B:E6:2C:08:59:89:EF:47:A0:F0:5E:C4:1D:17:31
Certificate issuer:       /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial:       018D77D04CAFD3FCDAD6878B848C04DD06BB
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/WJ8og2Wb5iwIWYnvR6DwXsQdFzE.roa
Signing time:             Mon 05 Feb 2024 05:49:16 +0000
ROA not before:           Mon 05 Feb 2024 05:49:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29555
IP address blocks:        85.117.96.0/24 maxlen: 24
                          85.117.97.0/24 maxlen: 24
                          85.117.98.0/24 maxlen: 24
                          85.117.99.0/24 maxlen: 24
                          85.117.100.0/24 maxlen: 24
                          85.117.101.0/24 maxlen: 24
                          85.117.102.0/24 maxlen: 24
                          85.117.103.0/24 maxlen: 24
                          85.117.104.0/24 maxlen: 24
                          85.117.105.0/24 maxlen: 24
                          85.117.106.0/24 maxlen: 24
                          85.117.107.0/24 maxlen: 24
                          85.117.108.0/24 maxlen: 24
                          85.117.109.0/24 maxlen: 24
                          85.117.110.0/24 maxlen: 24
                          85.117.111.0/24 maxlen: 24
                          85.117.112.0/24 maxlen: 24
                          85.117.113.0/24 maxlen: 24
                          85.117.114.0/24 maxlen: 24
                          85.117.115.0/24 maxlen: 24
                          85.117.116.0/24 maxlen: 24
                          85.117.117.0/24 maxlen: 24
                          85.117.118.0/24 maxlen: 24
                          85.117.119.0/24 maxlen: 24
                          85.117.120.0/24 maxlen: 24
                          85.117.121.0/24 maxlen: 24
                          85.117.122.0/24 maxlen: 24
                          85.117.123.0/24 maxlen: 24
                          85.117.124.0/24 maxlen: 24
                          85.117.125.0/24 maxlen: 24
                          85.117.126.0/24 maxlen: 24
                          85.117.127.0/24 maxlen: 24
                          185.57.72.0/24 maxlen: 24
                          185.57.73.0/24 maxlen: 24
                          185.57.74.0/24 maxlen: 24
                          185.57.75.0/24 maxlen: 24
                          217.76.64.0/24 maxlen: 24
                          217.76.65.0/24 maxlen: 24
                          217.76.68.0/24 maxlen: 24
                          217.76.71.0/24 maxlen: 24
                          217.76.72.0/24 maxlen: 24
                          217.76.74.0/24 maxlen: 24
                          217.76.75.0/24 maxlen: 24
                          217.76.76.0/24 maxlen: 24
                          217.76.77.0/24 maxlen: 24
                          217.76.78.0/24 maxlen: 24
                          217.76.79.0/24 maxlen: 24
                          2a03:32c0:a::/48 maxlen: 48
                          2a03:32c0:b::/48 maxlen: 48
                          2a03:32c0:c::/48 maxlen: 48
                          2a03:32c0:d::/48 maxlen: 48
                          2a03:32c0:16::/48 maxlen: 48
                          2a03:32c0:17::/48 maxlen: 48
                          2a03:32c0:18::/48 maxlen: 48
                          2a03:32c0:300a::/48 maxlen: 48
                          2a03:32c0:300b::/48 maxlen: 48
                          2a03:32c0:300e::/48 maxlen: 48
                          2a03:32c0:300f::/48 maxlen: 48
                          2a03:32c0:3010::/48 maxlen: 48
                          2a03:32c0:3011::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 15 Mar 2024 12:16:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:77:d0:4c:af:d3:fc:da:d6:87:8b:84:8c:04:dd:06:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
        Validity
            Not Before: Feb  5 05:49:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=589f2883659be62c085989ef47a0f05ec41d1731
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:54:5d:f8:ae:00:e0:dc:e7:09:52:da:11:e5:
                    1a:1b:69:ae:95:0d:ad:ea:4f:a8:03:d7:3e:e1:f5:
                    76:f4:b0:f9:42:c5:eb:32:b5:3d:76:89:41:27:9f:
                    60:66:26:ed:b4:e4:35:bc:65:81:ed:5c:a8:d2:39:
                    3f:21:80:1b:02:b9:3b:2e:3c:b1:92:1c:1e:43:27:
                    e7:a0:a8:d0:4a:52:3a:8d:f7:84:06:4e:86:64:6b:
                    44:a5:5f:71:61:5f:3f:af:af:a7:0c:7b:f6:f8:07:
                    54:33:a2:bf:49:1a:e3:07:e5:eb:8c:3d:73:77:d0:
                    2c:da:21:ab:ee:d4:7c:e5:34:f3:8f:4f:03:b7:4b:
                    af:72:4d:50:20:38:49:8f:db:59:12:ef:b4:6c:60:
                    48:b1:70:bb:fb:5f:1d:d1:cd:aa:3d:b9:e5:58:62:
                    05:4d:27:6b:83:0f:eb:c6:d9:50:ac:8e:0d:f0:67:
                    02:3c:48:39:49:62:02:90:c1:b1:88:27:cd:7b:a2:
                    01:d5:d7:a4:81:cc:5c:54:9d:91:c1:4d:3f:44:a0:
                    9b:99:c6:8c:35:c7:e6:07:a0:ff:af:fb:82:31:58:
                    4a:e4:43:de:81:a1:7b:8c:32:6d:69:24:79:5f:06:
                    91:7c:66:1c:18:37:a8:db:0e:4a:92:19:31:21:88:
                    25:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:9F:28:83:65:9B:E6:2C:08:59:89:EF:47:A0:F0:5E:C4:1D:17:31
            X509v3 Authority Key Identifier:
                keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/WJ8og2Wb5iwIWYnvR6DwXsQdFzE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.117.96.0/19
                  185.57.72.0/22
                  217.76.64.0/23
                  217.76.68.0/24
                  217.76.71.0-217.76.72.255
                  217.76.74.0-217.76.79.255
                IPv6:
                  2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
                  2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
                  2a03:32c0:300a::/47
                  2a03:32c0:300e::-2a03:32c0:3011:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         cf:e1:28:1b:a8:30:ef:dc:a1:5d:37:c7:fa:01:8e:a8:6d:32:
         f3:ac:44:f5:b3:65:18:97:45:ee:45:10:44:53:cf:6d:7d:7f:
         3c:1a:12:2a:27:03:21:4f:36:e9:58:d7:29:85:88:7b:73:e3:
         48:2b:1b:6f:ba:40:1d:04:d7:84:97:06:1f:53:ec:90:5f:94:
         ac:0c:88:c0:5f:f7:16:e8:99:99:1d:76:12:f8:de:fc:64:ae:
         8c:be:63:0e:10:22:39:51:fa:8b:fa:21:79:2f:2e:6a:e9:18:
         86:6e:e5:a8:2b:66:05:f3:8a:fa:f7:75:3b:4b:14:97:74:58:
         2a:28:25:28:46:8f:43:4a:10:1b:65:66:da:e6:3b:33:99:8e:
         35:69:84:5e:7c:24:fc:50:2b:cf:43:a9:d1:cd:41:1e:12:43:
         32:a4:cf:f2:39:77:78:db:28:4b:c3:de:a6:29:09:7a:a7:ed:
         d1:1a:62:b5:ce:c1:b1:c2:0c:41:54:69:21:19:37:48:19:fd:
         e1:dc:55:56:ea:73:11:9e:99:c3:f4:e2:de:47:f5:68:2b:76:
         5a:16:11:85:13:53:8c:43:87:0e:db:e4:b1:12:4a:d8:90:24:
         c2:97:2f:46:91:18:fc:17:e2:79:e1:94:b3:c9:5b:f6:d0:c0:
         12:42:9c:73
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAY130Eyv0/za1oeLhIwE3Qa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMjA1MDU0OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODlmMjg4MzY1OWJlNjJjMDg1OTg5ZWY0N2EwZjA1ZWM0MWQxNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1Rd+K4A4NznCVLaEeUaG2mulQ2t
6k+oA9c+4fV29LD5QsXrMrU9dolBJ59gZibttOQ1vGWB7Vyo0jk/IYAbArk7Ljyx
khweQyfnoKjQSlI6jfeEBk6GZGtEpV9xYV8/r6+nDHv2+AdUM6K/SRrjB+XrjD1z
d9As2iGr7tR85TTzj08Dt0uvck1QIDhJj9tZEu+0bGBIsXC7+18d0c2qPbnlWGIF
TSdrgw/rxtlQrI4N8GcCPEg5SWICkMGxiCfNe6IB1dekgcxcVJ2RwU0/RKCbmcaM
NcfmB6D/r/uCMVhK5EPegaF7jDJtaSR5XwaRfGYcGDeo2w5KkhkxIYglhQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFFifKINlm+YsCFmJ70eg8F7EHRcxMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvV0o4b2cyV2I1aXdJV1ludlI2RHdYc1FkRnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTA6BAIAATA0AwQFVXVg
AwQCuTlIAwQB2UxAAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDBL
BAIAAjBFMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGAMH
ASoDMsAwCjASAwcBKgMywDAOAwcBKgMywDAQMA0GCSqGSIb3DQEBCwUAA4IBAQDP
4SgbqDDv3KFdN8f6AY6obTLzrET1s2UYl0XuRRBEU89tfX88GhIqJwMhTzbpWNcp
hYh7c+NIKxtvukAdBNeElwYfU+yQX5SsDIjAX/cW6JmZHXYS+N78ZK6MvmMOECI5
UfqL+iF5Ly5q6RiGbuWoK2YF84r693U7SxSXdFgqKCUoRo9DShAbZWba5jszmY41
aYRefCT8UCvPQ6nRzUEeEkMypM/yOXd42yhLw96mKQl6p+3RGmK1zsGxwgxBVGkh
GTdIGf3h3FVW6nMRnpnD9OLeR/VoK3ZaFhGFE1OMQ4cO2+SxEkrYkCTCly9GkRj8
F+J54ZSzyVv20MASQpxz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:08 2024 by rpki-client on console-fra.rpki-client.org