Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/WL05TB9Kc1D__l5nJ_KyEQGcnzU.roa
File:                     WL05TB9Kc1D__l5nJ_KyEQGcnzU.roa (raw, json)
Hash identifier:          UFLs4jPAc187or3BxlwG5FBieQEIwN/kSDYpnJP1Aog=
Subject key identifier:   58:BD:39:4C:1F:4A:73:50:FF:FE:5E:67:27:F2:B2:11:01:9C:9F:35
Certificate issuer:       /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial:       018CCA96C46A96D23AA02A265053303534ED
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/WL05TB9Kc1D__l5nJ_KyEQGcnzU.roa
Signing time:             Tue 02 Jan 2024 14:32:07 +0000
ROA not before:           Tue 02 Jan 2024 14:32:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209369
IP address blocks:        185.22.96.0/22 maxlen: 22
                          2a13:5280::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 09 Jan 2024 16:18:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:96:c4:6a:96:d2:3a:a0:2a:26:50:53:30:35:34:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
        Validity
            Not Before: Jan  2 14:32:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=58bd394c1f4a7350fffe5e6727f2b211019c9f35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:48:bc:f8:18:dc:c8:3d:5f:fd:ac:8d:6c:a7:
                    7b:b0:4c:ae:9a:c5:59:77:1a:67:d8:c8:fd:1f:73:
                    65:67:e2:c0:dd:59:13:69:5c:cd:94:cf:e8:43:24:
                    d8:0b:74:47:07:25:fc:dc:ea:b0:e3:de:a8:42:e0:
                    a9:50:5c:92:fa:1a:32:ee:a7:b5:ba:49:2a:c9:bd:
                    be:6f:cd:29:d9:dc:54:63:29:95:a9:94:a1:29:e3:
                    f1:8d:2b:7f:02:08:3f:6a:e1:7c:a5:72:6e:59:98:
                    ff:49:6f:44:b3:e5:93:44:75:ae:f9:cb:38:d3:eb:
                    04:a6:8c:00:07:14:f9:11:f5:f2:13:5b:1a:51:50:
                    f5:14:28:4a:1d:94:42:ed:88:5c:18:62:7e:66:18:
                    a8:2b:91:44:66:b5:3c:bf:f4:9f:17:a8:f1:e0:39:
                    0b:17:99:c4:35:3c:24:67:d3:79:e3:bf:ac:12:3d:
                    ce:e7:df:d5:81:5d:74:19:25:9d:46:a6:9d:90:15:
                    24:5d:4a:95:9f:17:38:44:70:8d:a9:84:1a:33:0a:
                    68:b4:bf:aa:6e:f5:61:73:d7:87:93:a8:92:59:17:
                    52:da:52:bf:b2:fb:97:f7:51:94:23:db:a6:36:c5:
                    15:fb:be:85:29:a0:cb:1b:e1:36:3c:cc:6b:80:ca:
                    ee:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:BD:39:4C:1F:4A:73:50:FF:FE:5E:67:27:F2:B2:11:01:9C:9F:35
            X509v3 Authority Key Identifier:
                keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/WL05TB9Kc1D__l5nJ_KyEQGcnzU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.22.96.0/22
                IPv6:
                  2a13:5280::/29

    Signature Algorithm: sha256WithRSAEncryption
         8d:14:a7:66:34:74:09:e5:74:de:8c:ab:0e:7d:6a:c1:5b:9d:
         c8:b8:db:9b:ab:12:86:7e:f5:65:a2:6b:45:04:64:8a:90:c7:
         1b:88:fb:b1:9b:a1:53:48:36:2b:b2:28:f6:97:e1:66:c0:2e:
         61:4f:0e:50:b9:db:eb:12:ff:67:9c:b3:61:bf:46:c5:e0:4e:
         95:00:66:ef:56:59:3b:c5:e2:d0:dc:5b:82:43:fa:09:4d:c1:
         41:5a:1b:95:8a:db:21:66:8e:49:04:7a:c0:af:56:d7:d4:2f:
         c1:29:34:f1:51:19:f7:f9:49:3a:9c:a7:54:b9:aa:4e:d2:68:
         d0:04:13:31:bc:4b:92:5d:25:1a:7a:9c:73:0a:ed:fe:d8:e1:
         d9:e5:6b:dd:6a:67:c6:9d:ae:cc:cb:c4:f8:62:b5:1b:91:61:
         fe:ad:9b:81:0e:03:08:5e:bd:2d:53:79:46:59:27:f5:a4:04:
         b5:d1:e4:57:f6:d3:bb:58:e5:26:4f:30:9b:cb:68:eb:2c:d6:
         da:32:ab:f9:27:4d:91:51:cf:7b:f5:cd:02:56:d0:f3:b7:9f:
         8f:d4:50:97:12:62:ba:8f:12:2c:2f:96:fd:28:07:ad:39:24:
         8e:20:51:f9:ac:21:f1:89:ab:ee:77:af:ee:3f:f0:0a:26:56:
         94:f4:44:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKlsRqltI6oComUFMwNTTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjQwMTAyMTQzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGJkMzk0YzFmNGE3MzUwZmZmZTVlNjcyN2YyYjIxMTAxOWM5ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjki8+BjcyD1f/ayNbKd7sEyumsVZ
dxpn2Mj9H3NlZ+LA3VkTaVzNlM/oQyTYC3RHByX83Oqw496oQuCpUFyS+hoy7qe1
ukkqyb2+b80p2dxUYymVqZShKePxjSt/Agg/auF8pXJuWZj/SW9Es+WTRHWu+cs4
0+sEpowABxT5EfXyE1saUVD1FChKHZRC7YhcGGJ+ZhioK5FEZrU8v/SfF6jx4DkL
F5nENTwkZ9N547+sEj3O59/VgV10GSWdRqadkBUkXUqVnxc4RHCNqYQaMwpotL+q
bvVhc9eHk6iSWRdS2lK/svuX91GUI9umNsUV+76FKaDLG+E2PMxrgMrunwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFi9OUwfSnNQ//5eZyfyshEBnJ81MB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvV0wwNVRCOUtjMURfX2w1bkpfS3lFUUdjbnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRZgMA0E
AgACMAcDBQMqE1KAMA0GCSqGSIb3DQEBCwUAA4IBAQCNFKdmNHQJ5XTejKsOfWrB
W53IuNubqxKGfvVlomtFBGSKkMcbiPuxm6FTSDYrsij2l+FmwC5hTw5QudvrEv9n
nLNhv0bF4E6VAGbvVlk7xeLQ3FuCQ/oJTcFBWhuVitshZo5JBHrAr1bX1C/BKTTx
URn3+Uk6nKdUuapO0mjQBBMxvEuSXSUaepxzCu3+2OHZ5WvdamfGna7My8T4YrUb
kWH+rZuBDgMIXr0tU3lGWSf1pAS10eRX9tO7WOUmTzCby2jrLNbaMqv5J02RUc97
9c0CVtDzt5+P1FCXEmK6jxIsL5b9KAetOSSOIFH5rCHxiavud6/uP/AKJlaU9ESR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:59 2024 by rpki-client on console-ams.rpki-client.org