Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/Kkq2CT2uZlOplfS9rn3NrPbu8eA.roa
File:                     Kkq2CT2uZlOplfS9rn3NrPbu8eA.roa (raw, json)
Hash identifier:          8v5J6og9AhPWyUmPqjok4k1BzobUmmQqgi60IWXEm5I=
Subject key identifier:   2A:4A:B6:09:3D:AE:66:53:A9:95:F4:BD:AE:7D:CD:AC:F6:EE:F1:E0
Certificate issuer:       /CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Certificate serial:       0185CEE09F35AC3F304E1D8AA97FD5D2DA61
Authority key identifier: 5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/Kkq2CT2uZlOplfS9rn3NrPbu8eA.roa
Signing time:             Fri 20 Jan 2023 11:11:45 +0000
ROA not before:           Fri 20 Jan 2023 11:11:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24745
IP address blocks:        109.99.158.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ce:e0:9f:35:ac:3f:30:4e:1d:8a:a9:7f:d5:d2:da:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
        Validity
            Not Before: Jan 20 11:11:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a4ab6093dae6653a995f4bdae7dcdacf6eef1e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:d4:86:b8:fb:05:96:ec:ec:41:19:2f:53:fc:
                    06:c4:66:b4:05:75:c8:a6:c8:c8:6a:06:40:7c:74:
                    68:b5:6f:00:45:fb:4b:46:67:59:ae:7a:da:07:3b:
                    72:87:8d:61:2e:38:fd:04:e4:93:62:cf:9f:cc:9d:
                    f2:0a:c4:a2:e5:85:14:f2:05:04:14:cd:32:45:0e:
                    40:12:03:fc:39:1d:70:40:a1:7e:dd:76:ad:33:59:
                    23:e9:fa:c6:86:78:44:1f:24:2f:60:24:3b:34:c4:
                    59:09:55:e1:d7:43:11:aa:fe:e8:99:a8:b8:38:4f:
                    71:54:dc:d7:1b:f9:1c:91:47:bc:3d:10:51:c4:44:
                    60:e8:fd:ac:ae:26:23:f7:22:b9:34:da:3a:a4:0a:
                    bb:f1:e6:57:af:f1:c8:3b:60:c5:fa:df:06:5b:8d:
                    67:94:15:9e:f4:27:06:7e:97:dc:05:6c:15:0d:d2:
                    60:81:de:b7:a5:b8:1c:4e:15:b7:2b:0f:79:f3:7d:
                    ea:bf:ce:ed:66:15:be:b1:ab:d2:f0:59:d0:c9:be:
                    70:2e:42:60:63:15:c2:62:d5:5f:ff:c7:c2:92:9d:
                    c5:d8:53:02:22:e5:c9:e0:e2:82:f8:bb:6e:12:b2:
                    61:79:6e:8b:c1:18:37:9a:c5:9b:df:f6:11:28:bf:
                    fb:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:4A:B6:09:3D:AE:66:53:A9:95:F4:BD:AE:7D:CD:AC:F6:EE:F1:E0
            X509v3 Authority Key Identifier:
                keyid:5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/Kkq2CT2uZlOplfS9rn3NrPbu8eA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/W-oriExwZ_WP_wQKHwbg3x6Aqz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.99.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:85:07:2d:57:0b:0e:7f:90:47:9c:6c:79:40:93:16:91:47:
         a7:b4:97:5c:ed:d0:eb:8a:5c:dc:36:a6:9b:f5:0c:2f:88:8b:
         c8:90:b0:65:bc:d2:68:74:a5:71:94:64:ac:f6:b9:17:7c:18:
         23:f2:64:fc:90:cf:02:24:47:c0:20:d3:9f:1e:b9:72:dc:15:
         d6:74:eb:5b:e8:d2:bf:c9:f7:30:7e:8e:61:48:ec:a3:e9:7e:
         d3:39:4b:d1:24:57:5b:2e:4c:ea:a8:41:b5:f1:2f:ee:a6:6f:
         1b:b7:ab:8b:b9:73:44:14:59:c5:7b:ed:55:9e:36:fe:23:d6:
         14:dd:15:32:a4:a5:46:88:1b:1f:6f:32:0e:c1:0b:ed:9e:b8:
         5d:5a:99:1a:12:4b:6c:65:19:05:9f:df:0e:e9:68:b1:f7:0e:
         b8:8f:47:b7:4c:8e:8a:c8:ca:87:ea:e5:e1:a9:f4:8c:b8:41:
         93:6e:8c:7f:ba:64:a8:51:69:64:c1:fa:b7:28:c1:e5:cd:c5:
         b9:37:85:5c:2b:3d:c7:6b:0c:77:c8:e6:c6:0e:66:6d:90:7c:
         56:a2:76:16:24:1f:5c:d2:c6:88:0e:65:a2:41:f1:f3:8b:1f:
         a4:d4:83:90:c6:5f:4e:65:7c:69:0c:74:e9:69:cb:6c:bf:d0:
         81:fa:fe:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXO4J81rD8wTh2KqX/V0tphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWEyYjg4NGM3MDY3ZjU4ZmZmMDQwYTFmMDZlMGRmMWU4
MGFiM2UwHhcNMjMwMTIwMTExMTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTRhYjYwOTNkYWU2NjUzYTk5NWY0YmRhZTdkY2RhY2Y2ZWVmMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNSGuPsFluzsQRkvU/wGxGa0BXXI
psjIagZAfHRotW8ARftLRmdZrnraBztyh41hLjj9BOSTYs+fzJ3yCsSi5YUU8gUE
FM0yRQ5AEgP8OR1wQKF+3XatM1kj6frGhnhEHyQvYCQ7NMRZCVXh10MRqv7omai4
OE9xVNzXG/kckUe8PRBRxERg6P2sriYj9yK5NNo6pAq78eZXr/HIO2DF+t8GW41n
lBWe9CcGfpfcBWwVDdJggd63pbgcThW3Kw95833qv87tZhW+savS8FnQyb5wLkJg
YxXCYtVf/8fCkp3F2FMCIuXJ4OKC+LtuErJheW6LwRg3msWb3/YRKL/7yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpKtgk9rmZTqZX0va59zaz27vHgMB8GA1UdIwQY
MBaAFFvqK4hMcGf1j/8ECh8G4N8egKs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMt
ODE0ZTgwOTA0YmU0LzEvS2txMkNUMnVabE9wbGZTOXJuM05yUGJ1OGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMtODE0ZTgwOTA0YmU0
LzEvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWOeMA0G
CSqGSIb3DQEBCwUAA4IBAQAbhQctVwsOf5BHnGx5QJMWkUentJdc7dDrilzcNqab
9QwviIvIkLBlvNJodKVxlGSs9rkXfBgj8mT8kM8CJEfAINOfHrly3BXWdOtb6NK/
yfcwfo5hSOyj6X7TOUvRJFdbLkzqqEG18S/upm8bt6uLuXNEFFnFe+1Vnjb+I9YU
3RUypKVGiBsfbzIOwQvtnrhdWpkaEktsZRkFn98O6Wix9w64j0e3TI6KyMqH6uXh
qfSMuEGTbox/umSoUWlkwfq3KMHlzcW5N4VcKz3Hawx3yObGDmZtkHxWonYWJB9c
0saIDmWiQfHzix+k1IOQxl9OZXxpDHTpactsv9CB+v7D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:38 2024 by rpki-client on console-fra.rpki-client.org