Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/w-ehG4w2Qlno_wWSOawpQd37TqQ.roa
File:                     w-ehG4w2Qlno_wWSOawpQd37TqQ.roa (raw, json)
Hash identifier:          6vEoZnr2x6s3VhEG/YB2n8qnpsZent+z487DNWT7Ww8=
Subject key identifier:   C3:E7:A1:1B:8C:36:42:59:E8:FF:05:92:39:AC:29:41:DD:FB:4E:A4
Certificate issuer:       /CN=f5daf0ba21e90202597ee47e09f6877fe23c2a9f
Certificate serial:       018CC349110D23DC53695DA061A85C78A979
Authority key identifier: F5:DA:F0:BA:21:E9:02:02:59:7E:E4:7E:09:F6:87:7F:E2:3C:2A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9drwuiHpAgJZfuR-CfaHf-I8Kp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/w-ehG4w2Qlno_wWSOawpQd37TqQ.roa
Signing time:             Mon 01 Jan 2024 04:29:54 +0000
ROA not before:           Mon 01 Jan 2024 04:29:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206262
IP address blocks:        185.171.60.0/24 maxlen: 24
                          185.171.60.0/22 maxlen: 22
                          185.171.62.0/24 maxlen: 24
                          185.171.61.0/24 maxlen: 24
                          185.171.63.0/24 maxlen: 24
                          37.26.64.0/24 maxlen: 24
                          37.26.64.0/21 maxlen: 21
                          37.26.71.0/24 maxlen: 24
                          37.26.70.0/24 maxlen: 24
                          37.26.66.0/24 maxlen: 24
                          37.26.65.0/24 maxlen: 24
                          37.26.67.0/24 maxlen: 24
                          37.26.69.0/24 maxlen: 24
                          37.26.68.0/24 maxlen: 24
                          185.191.164.0/24 maxlen: 24
                          185.191.164.0/22 maxlen: 22
                          185.191.166.0/24 maxlen: 24
                          185.191.165.0/24 maxlen: 24
                          87.238.208.0/24 maxlen: 24
                          185.174.208.0/24 maxlen: 24
                          87.238.208.0/21 maxlen: 21
                          185.174.208.0/22 maxlen: 22
                          185.191.167.0/24 maxlen: 24
                          87.238.210.0/24 maxlen: 24
                          185.174.210.0/24 maxlen: 24
                          185.174.211.0/24 maxlen: 24
                          87.238.209.0/24 maxlen: 24
                          185.174.209.0/24 maxlen: 24
                          87.238.212.0/24 maxlen: 24
                          87.238.213.0/24 maxlen: 24
                          87.238.211.0/24 maxlen: 24
                          87.238.215.0/24 maxlen: 24
                          87.238.214.0/24 maxlen: 24
                          95.86.41.0/24 maxlen: 24
                          95.86.40.0/22 maxlen: 22
                          95.86.40.0/24 maxlen: 24
                          95.86.43.0/24 maxlen: 24
                          95.86.42.0/24 maxlen: 24
                          95.86.57.0/24 maxlen: 24
                          95.86.56.0/24 maxlen: 24
                          95.86.56.0/22 maxlen: 24
                          95.86.58.0/24 maxlen: 24
                          95.86.59.0/24 maxlen: 24
                          185.186.81.0/24 maxlen: 24
                          185.186.80.0/22 maxlen: 22
                          185.186.80.0/24 maxlen: 24
                          185.186.83.0/24 maxlen: 24
                          185.186.82.0/24 maxlen: 24
                          5.206.232.0/21 maxlen: 21
                          5.206.232.0/24 maxlen: 24
                          5.206.233.0/24 maxlen: 24
                          5.206.234.0/24 maxlen: 24
                          5.206.236.0/24 maxlen: 24
                          5.206.235.0/24 maxlen: 24
                          5.206.238.0/24 maxlen: 24
                          5.206.237.0/24 maxlen: 24
                          5.206.239.0/24 maxlen: 24
                          185.179.28.0/22 maxlen: 22
                          185.179.29.0/24 maxlen: 24
                          185.179.28.0/24 maxlen: 24
                          185.179.30.0/24 maxlen: 24
                          185.179.31.0/24 maxlen: 24
                          2a0c:b340::/32 maxlen: 32
                          2a0c:b342::/32 maxlen: 32
                          2a0c:b343::/32 maxlen: 32
                          2a0c:b344::/32 maxlen: 32
                          2a0c:b340::/29 maxlen: 29
                          2a0c:b341::/32 maxlen: 32
                          2a0c:b340::/48 maxlen: 48
                          2a0c:b340:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 09:22:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:11:0d:23:dc:53:69:5d:a0:61:a8:5c:78:a9:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5daf0ba21e90202597ee47e09f6877fe23c2a9f
        Validity
            Not Before: Jan  1 04:29:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c3e7a11b8c364259e8ff059239ac2941ddfb4ea4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:fa:61:61:35:5d:70:4f:b6:f0:47:2c:94:f9:
                    e3:98:42:52:47:5c:b6:06:b0:51:e5:64:65:82:6b:
                    96:24:c4:dd:db:fe:26:c2:33:c5:7e:30:40:a6:0b:
                    39:30:5f:b4:a6:d1:ee:0d:92:33:35:38:ee:2b:5e:
                    80:ab:b9:d0:85:95:f9:ae:4f:58:23:cc:90:8e:b0:
                    37:92:d1:da:0b:61:02:b6:dd:cc:e8:f8:ea:d0:6c:
                    ca:b1:61:62:ad:f3:f0:db:ab:af:28:e2:60:62:9a:
                    2e:8c:ce:b1:d6:51:ae:ba:86:75:db:d5:3b:a7:d6:
                    44:ea:e2:ad:0e:69:03:9e:6e:69:8d:bb:1d:92:92:
                    73:07:a3:bb:3e:0c:20:84:26:3d:bf:e7:5f:6b:a1:
                    f4:64:96:dc:e2:d1:ac:29:83:f0:bb:54:69:ec:8e:
                    c0:43:81:ca:f6:db:5f:b4:1f:45:c7:fc:80:55:b5:
                    1e:9d:74:a8:bb:97:9b:dc:c8:0d:e8:c7:fd:c7:be:
                    3d:13:e4:8e:49:73:2f:66:54:78:08:9b:22:db:92:
                    dd:8b:09:5c:82:bf:86:d7:e1:f8:4a:c7:f6:9b:05:
                    49:ea:73:90:13:b0:8b:eb:2b:78:7e:02:05:a8:88:
                    8a:25:a3:a8:27:6c:e7:5a:1a:a3:0e:be:71:82:82:
                    70:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:E7:A1:1B:8C:36:42:59:E8:FF:05:92:39:AC:29:41:DD:FB:4E:A4
            X509v3 Authority Key Identifier:
                keyid:F5:DA:F0:BA:21:E9:02:02:59:7E:E4:7E:09:F6:87:7F:E2:3C:2A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9drwuiHpAgJZfuR-CfaHf-I8Kp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/w-ehG4w2Qlno_wWSOawpQd37TqQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/9drwuiHpAgJZfuR-CfaHf-I8Kp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.206.232.0/21
                  37.26.64.0/21
                  87.238.208.0/21
                  95.86.40.0/22
                  95.86.56.0/22
                  185.171.60.0/22
                  185.174.208.0/22
                  185.179.28.0/22
                  185.186.80.0/22
                  185.191.164.0/22
                IPv6:
                  2a0c:b340::/29

    Signature Algorithm: sha256WithRSAEncryption
         9b:ae:9f:f0:b7:f3:af:2a:1b:c4:a4:c7:90:ae:2d:74:d4:da:
         e8:35:8b:1d:92:a8:55:b2:ff:f1:dc:0b:09:53:f6:26:0f:c8:
         c0:80:11:d8:87:d1:f8:b7:e1:4c:f4:db:6f:82:9e:05:df:0d:
         bd:75:3e:f7:16:e1:2a:97:98:e6:32:d6:71:27:46:3b:c6:30:
         39:cf:98:dd:20:93:3d:8c:68:cf:19:9a:31:f6:d4:e4:e6:8c:
         36:bf:fe:ab:b1:e1:07:21:eb:94:e5:6d:6b:11:0a:da:e4:8d:
         02:d6:d4:05:eb:90:b8:9e:f1:32:9e:8a:97:4b:cd:54:8c:22:
         fa:74:69:77:69:99:52:9c:8a:bc:65:7e:e3:2e:2e:14:47:ef:
         34:ce:e0:c3:ec:79:32:c4:62:35:76:fe:db:2b:89:c7:f2:d0:
         bf:86:ab:46:d5:94:aa:f9:a0:06:68:98:de:89:2a:00:db:61:
         5d:27:d3:25:de:ea:4c:54:69:3f:23:a4:91:39:7e:8d:ff:55:
         1b:2d:95:16:fe:b8:b4:f0:29:ed:82:1e:19:39:5f:60:80:8b:
         72:be:4e:20:93:fa:05:40:31:c7:37:43:e8:50:74:29:e3:3d:
         67:cc:03:2f:30:d2:c4:1c:45:b3:c2:0a:07:7a:19:4a:48:4f:
         8f:38:6e:44
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzDSRENI9xTaV2gYahceKl5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZGFmMGJhMjFlOTAyMDI1OTdlZTQ3ZTA5ZjY4NzdmZTIz
YzJhOWYwHhcNMjQwMTAxMDQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2U3YTExYjhjMzY0MjU5ZThmZjA1OTIzOWFjMjk0MWRkZmI0ZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPphYTVdcE+28EcslPnjmEJSR1y2
BrBR5WRlgmuWJMTd2/4mwjPFfjBApgs5MF+0ptHuDZIzNTjuK16Aq7nQhZX5rk9Y
I8yQjrA3ktHaC2ECtt3M6Pjq0GzKsWFirfPw26uvKOJgYpoujM6x1lGuuoZ129U7
p9ZE6uKtDmkDnm5pjbsdkpJzB6O7PgwghCY9v+dfa6H0ZJbc4tGsKYPwu1Rp7I7A
Q4HK9ttftB9Fx/yAVbUenXSou5eb3MgN6Mf9x749E+SOSXMvZlR4CJsi25Ldiwlc
gr+G1+H4Ssf2mwVJ6nOQE7CL6yt4fgIFqIiKJaOoJ2znWhqjDr5xgoJwfQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFMPnoRuMNkJZ6P8FkjmsKUHd+06kMB8GA1UdIwQY
MBaAFPXa8Loh6QICWX7kfgn2h3/iPCqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRyd3VpSHBBZ0paZnVSLUNmYUhmLUk4S3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85MDY4YTUtNzk3OS00ZjhjLWJmODIt
Y2ZlMmE5NjU3YzI2LzEvdy1laEc0dzJRbG5vX3dXU09hd3BRZDM3VHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85MDY4YTUtNzk3OS00ZjhjLWJmODItY2ZlMmE5NjU3YzI2
LzEvOWRyd3VpSHBBZ0paZnVSLUNmYUhmLUk4S3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBc7oAwQD
JRpAAwQDV+7QAwQCX1YoAwQCX1Y4AwQCuas8AwQCua7QAwQCubMcAwQCubpQAwQC
ub+kMA0EAgACMAcDBQMqDLNAMA0GCSqGSIb3DQEBCwUAA4IBAQCbrp/wt/OvKhvE
pMeQri101NroNYsdkqhVsv/x3AsJU/YmD8jAgBHYh9H4t+FM9Ntvgp4F3w29dT73
FuEql5jmMtZxJ0Y7xjA5z5jdIJM9jGjPGZox9tTk5ow2v/6rseEHIeuU5W1rEQra
5I0C1tQF65C4nvEynoqXS81UjCL6dGl3aZlSnIq8ZX7jLi4UR+80zuDD7HkyxGI1
dv7bK4nH8tC/hqtG1ZSq+aAGaJjeiSoA22FdJ9Ml3upMVGk/I6SROX6N/1UbLZUW
/ri08Cntgh4ZOV9ggItyvk4gk/oFQDHHN0PoUHQp4z1nzAMvMNLEHEWzwgoHehlK
SE+POG5E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:07 2024 by rpki-client on console-ams.rpki-client.org