Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/KuC-hbOb-8KA6nv7snfkT0Htyos.roa
File:                     KuC-hbOb-8KA6nv7snfkT0Htyos.roa (raw, json)
Hash identifier:          GdUJ8KkPC86OQG6xVH+0dhTpc6KefDlKiN6bxn4b0Gk=
Subject key identifier:   2A:E0:BE:85:B3:9B:FB:C2:80:EA:7B:FB:B2:77:E4:4F:41:ED:CA:8B
Certificate issuer:       /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial:       018AAD7B8E1803029C77E380F0F835B26CA6
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/KuC-hbOb-8KA6nv7snfkT0Htyos.roa
Signing time:             Tue 19 Sep 2023 12:47:50 +0000
ROA not before:           Tue 19 Sep 2023 12:47:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197100
IP address blocks:        46.34.36.0/24 maxlen: 24
                          46.34.32.0/22 maxlen: 22
                          46.34.40.0/24 maxlen: 24
                          46.34.58.0/24 maxlen: 24
                          46.34.63.0/24 maxlen: 24
                          46.34.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Sep 2023 00:15:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ad:7b:8e:18:03:02:9c:77:e3:80:f0:f8:35:b2:6c:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
        Validity
            Not Before: Sep 19 12:47:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2ae0be85b39bfbc280ea7bfbb277e44f41edca8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:da:df:78:07:18:c6:97:46:da:b4:02:73:ad:
                    96:e1:a7:81:1e:57:d9:f8:c5:5e:ba:27:b9:c9:55:
                    12:bb:b8:a4:94:f6:10:84:31:da:d4:7b:51:2e:4c:
                    d4:a9:f6:aa:d4:7e:d9:da:df:b7:a8:bb:89:ac:9b:
                    ad:e1:15:43:f3:8e:34:d2:0c:db:2a:02:97:d2:02:
                    3f:32:83:5b:bf:ea:30:43:df:61:7f:3f:79:25:df:
                    d4:f6:8f:b2:22:8b:9e:eb:c3:cc:b6:ab:1e:b0:9a:
                    f6:a2:9c:3d:b1:55:dd:29:45:2f:02:d9:3d:fd:29:
                    a2:42:e3:bc:b4:ac:e9:40:24:c5:8c:92:19:b4:85:
                    ba:dc:ba:b8:38:8a:40:6f:36:38:d9:c6:38:91:03:
                    0d:a4:72:c0:0f:88:54:04:62:c1:e3:37:a8:e5:4e:
                    6f:a4:93:cb:95:73:a2:92:f2:e7:d5:3b:fc:ea:33:
                    90:0c:7b:3f:0e:08:35:26:fd:a4:8d:6f:7b:d5:e9:
                    f2:0f:42:c2:e4:66:76:f8:5d:ac:0a:17:95:ca:cc:
                    1a:63:55:86:f7:32:c7:2d:6d:f6:ef:37:f7:61:5a:
                    6a:6e:8b:e5:15:f0:30:c6:58:38:6b:b8:d1:68:b5:
                    46:da:8b:c2:9a:56:31:f7:ed:a6:23:1f:2f:33:18:
                    2b:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:E0:BE:85:B3:9B:FB:C2:80:EA:7B:FB:B2:77:E4:4F:41:ED:CA:8B
            X509v3 Authority Key Identifier:
                keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/KuC-hbOb-8KA6nv7snfkT0Htyos.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.34.32.0-46.34.36.255
                  46.34.40.0/24
                  46.34.58.0/23
                  46.34.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:03:45:1a:54:0e:63:1d:6c:2c:a9:da:0b:55:41:f3:38:c7:
         e6:c2:f2:ce:9c:e6:1c:b1:51:bf:d6:87:3c:cd:fb:85:27:d8:
         37:7f:1d:ea:03:e4:a0:c8:61:50:98:c3:63:23:e0:9d:65:d1:
         16:40:43:3f:d9:07:04:7a:25:0c:e4:37:db:66:93:b0:c7:a0:
         81:e4:16:db:d1:a3:cb:c0:c3:41:65:0a:ea:aa:b1:60:83:fb:
         c9:d1:88:de:79:ed:02:cb:04:1b:fb:fe:bb:1d:5e:5c:a8:ce:
         1e:40:71:e8:d5:77:f0:ef:ab:31:30:d3:62:c0:9f:67:5f:5e:
         71:aa:af:b9:d3:75:15:ee:da:07:1f:d8:9c:85:f5:79:76:3e:
         3e:84:7c:77:d0:78:75:2a:45:92:b6:e2:4b:7a:14:97:f2:12:
         c4:4e:1e:61:ba:b5:46:8f:9a:d8:82:de:ff:59:0c:ac:38:d5:
         bb:73:d6:05:99:a7:3d:fe:ba:e3:bb:cd:d4:f8:21:5f:4e:12:
         13:ae:ef:58:66:cd:02:85:70:cc:0e:cd:8d:2a:ba:f3:80:b4:
         71:5f:e1:2e:36:0b:e1:75:88:d9:22:a0:46:da:87:4e:4e:76:
         6a:12:49:84:31:bc:c0:ff:69:17:bf:82:91:58:83:b5:b9:95:
         f5:ff:8f:7a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYqte44YAwKcd+OA8Pg1smymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwOTE5MTI0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWUwYmU4NWIzOWJmYmMyODBlYTdiZmJiMjc3ZTQ0ZjQxZWRjYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtrfeAcYxpdG2rQCc62W4aeBHlfZ
+MVeuie5yVUSu7iklPYQhDHa1HtRLkzUqfaq1H7Z2t+3qLuJrJut4RVD84400gzb
KgKX0gI/MoNbv+owQ99hfz95Jd/U9o+yIoue68PMtqsesJr2opw9sVXdKUUvAtk9
/SmiQuO8tKzpQCTFjJIZtIW63Lq4OIpAbzY42cY4kQMNpHLAD4hUBGLB4zeo5U5v
pJPLlXOikvLn1Tv86jOQDHs/Dgg1Jv2kjW971enyD0LC5GZ2+F2sCheVyswaY1WG
9zLHLW327zf3YVpqbovlFfAwxlg4a7jRaLVG2ovCmlYx9+2mIx8vMxgrXwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCrgvoWzm/vCgOp7+7J35E9B7cqLMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvS3VDLWhiT2ItOEtBNm52N3NuZmtUMEh0eW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAEuIjoDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBACgDRRpU
DmMdbCyp2gtVQfM4x+bC8s6c5hyxUb/WhzzN+4Un2Dd/HeoD5KDIYVCYw2Mj4J1l
0RZAQz/ZBwR6JQzkN9tmk7DHoIHkFtvRo8vAw0FlCuqqsWCD+8nRiN557QLLBBv7
/rsdXlyozh5AcejVd/DvqzEw02LAn2dfXnGqr7nTdRXu2gcf2JyF9Xl2Pj6EfHfQ
eHUqRZK24kt6FJfyEsROHmG6tUaPmtiC3v9ZDKw41btz1gWZpz3+uuO7zdT4IV9O
EhOu71hmzQKFcMwOzY0quvOAtHFf4S42C+F1iNkioEbah05OdmoSSYQxvMD/aRe/
gpFYg7W5lfX/j3o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org