Route Origin Authorization

$ rpki-client -vvf krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3138382e302f32342d3234203d3e2033393730.roa
File:                     34352e3133322e3138382e302f32342d3234203d3e2033393730.roa (raw, json)
Hash identifier:          Vk/6mKwbvkxZXJqo4MiNI6c4drpgVeXWJEzA1GE2Je0=
Subject key identifier:   28:66:22:32:89:D8:E9:A0:31:3E:53:A1:70:15:05:24:1B:CF:FC:50
Certificate issuer:       /CN=656E4422ABF129649200EB019A815F2B12236E92
Certificate serial:       074FCF0C47A252CB84416DA46B2F025655CFAC56
Authority key identifier: 65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject info access:      rsync://krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3138382e302f32342d3234203d3e2033393730.roa
Signing time:             Fri 06 Jun 2025 13:24:07 +0000
ROA not before:           Fri 06 Jun 2025 13:19:07 +0000
ROA not after:            Fri 05 Jun 2026 13:24:07 +0000
asID:                     3970
IP address blocks:        45.132.188.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sat 07 Jun 2025 13:51:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:4f:cf:0c:47:a2:52:cb:84:41:6d:a4:6b:2f:02:56:55:cf:ac:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=656E4422ABF129649200EB019A815F2B12236E92
        Validity
            Not Before: Jun  6 13:19:07 2025 GMT
            Not After : Jun  5 13:24:07 2026 GMT
        Subject: CN=2866223289D8E9A0313E53A1701505241BCFFC50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:c8:d8:e3:b5:cb:b2:bf:84:01:75:3f:14:e8:
                    2b:fe:fc:95:1e:f1:35:5c:89:fa:2d:52:37:97:5a:
                    47:c5:4a:c1:5b:0f:dc:9d:61:2e:c2:1e:5e:02:07:
                    20:64:9a:af:47:3f:68:59:5f:53:85:3d:fc:0b:90:
                    03:84:d3:69:59:9e:d2:02:96:2f:71:ab:15:93:5f:
                    e5:99:63:85:eb:10:0e:a6:07:ab:41:fc:35:7c:3e:
                    9e:3e:f1:e2:aa:ae:9c:6e:a2:ae:28:73:20:53:fa:
                    49:12:c7:11:2e:c1:df:5f:e2:f7:7e:87:fb:58:77:
                    7f:2d:14:71:41:1a:4e:92:b5:61:ff:b9:8c:3c:35:
                    70:ee:62:7b:fb:7c:1b:d4:e1:a0:ac:03:c1:d8:e3:
                    42:f3:e7:de:33:46:cf:63:9e:1c:d4:40:b0:df:52:
                    f0:1e:f9:c1:fd:6a:21:a1:42:77:26:32:f3:03:d0:
                    56:88:3d:7f:03:49:0e:f0:05:40:89:42:93:9e:5b:
                    4a:ca:ab:c7:cd:f2:3c:a1:8c:43:90:6a:94:1e:77:
                    1e:2a:0a:0d:32:25:0c:ed:38:5c:ff:f5:51:67:ba:
                    18:a3:18:4d:16:e2:95:3e:07:0f:25:50:a7:99:f2:
                    91:28:c4:0a:4c:cf:09:85:75:08:e0:7d:62:34:dd:
                    63:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:66:22:32:89:D8:E9:A0:31:3E:53:A1:70:15:05:24:1B:CF:FC:50
            X509v3 Authority Key Identifier:
                keyid:65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/34352e3133322e3138382e302f32342d3234203d3e2033393730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:c6:74:8c:02:c3:50:ed:5c:38:0a:ba:41:b4:d4:a0:f2:3d:
         3a:50:0d:35:17:c4:dd:5d:34:78:f7:c7:82:de:40:0e:84:e6:
         1d:f7:35:41:ce:68:01:6f:5c:12:1d:8c:67:dd:20:7b:0c:ae:
         75:e6:02:0c:80:16:cb:cc:40:50:1d:ef:70:03:67:06:41:53:
         a4:38:5b:53:f2:db:fc:14:ef:fe:3a:8c:ca:28:0c:cb:88:d7:
         5b:9f:5a:2d:81:af:36:6c:34:0c:8f:23:fe:70:74:3c:78:ef:
         80:ca:a7:78:f4:ef:34:1a:62:3c:81:fa:a6:b6:22:44:84:60:
         23:e7:d3:14:18:51:42:bf:e3:83:5a:49:3b:40:50:06:3a:ac:
         11:91:4a:8e:c3:54:6a:0d:9f:a9:72:3b:a0:7e:fa:83:0a:98:
         8e:aa:18:5b:c3:c8:ba:2f:19:fc:6b:94:47:a1:08:6d:62:86:
         87:c8:40:a7:3c:17:ce:47:fc:f5:9f:bf:b2:48:c0:7e:97:e6:
         44:22:d3:08:1b:c9:87:04:f9:1e:c1:62:c8:b2:8f:4f:43:09:
         ed:76:12:8e:0a:6d:db:e3:62:08:c5:3e:47:5f:bf:cb:06:6e:
         d2:d0:dd:a0:de:25:48:c7:b8:a2:3e:f3:0b:15:85:61:55:0d:
         65:21:14:9c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIUB0/PDEeiUsuEQW2kay8CVlXPrFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIx
MjIzNkU5MjAeFw0yNTA2MDYxMzE5MDdaFw0yNjA2MDUxMzI0MDdaMDMxMTAvBgNV
BAMTKDI4NjYyMjMyODlEOEU5QTAzMTNFNTNBMTcwMTUwNTI0MUJDRkZDNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/yNjjtcuyv4QBdT8U6Cv+/JUe
8TVcifotUjeXWkfFSsFbD9ydYS7CHl4CByBkmq9HP2hZX1OFPfwLkAOE02lZntIC
li9xqxWTX+WZY4XrEA6mB6tB/DV8Pp4+8eKqrpxuoq4ocyBT+kkSxxEuwd9f4vd+
h/tYd38tFHFBGk6StWH/uYw8NXDuYnv7fBvU4aCsA8HY40Lz594zRs9jnhzUQLDf
UvAe+cH9aiGhQncmMvMD0FaIPX8DSQ7wBUCJQpOeW0rKq8fN8jyhjEOQapQedx4q
Cg0yJQztOFz/9VFnuhijGE0W4pU+Bw8lUKeZ8pEoxApMzwmFdQjgfWI03WP7AgMB
AAGjggHaMIIB1jAdBgNVHQ4EFgQUKGYiMonY6aAxPlOhcBUFJBvP/FAwHwYDVR0j
BBgwFoAUZW5EIqvxKWSSAOsBmoFfKxIjbpIwDgYDVR0PAQH/BAQDAgeAMGkGA1Ud
HwRiMGAwXqBcoFqGWHJzeW5jOi8va3JpbGwucmcubmV0L3JlcG8vcnBraS1iZWFj
b25zLWNhLzAvNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIxMjIzNkU5
Mi5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsGAQUFBzAChj9yc3luYzovL2NhLnJn
Lm5ldC9ycGtpL1JHbmV0LU9VL1pXNUVJcXZ4S1dTU0FPc0Jtb0ZmS3hJamJwSS5j
ZXIwgYAGCCsGAQUFBwELBHQwcjBwBggrBgEFBQcwC4ZkcnN5bmM6Ly9rcmlsbC5y
Zy5uZXQvcmVwby9ycGtpLWJlYWNvbnMtY2EvMC8zNDM1MmUzMTMzMzIyZTMxMzgz
ODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNzMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYS8
MA0GCSqGSIb3DQEBCwUAA4IBAQA5xnSMAsNQ7Vw4CrpBtNSg8j06UA01F8TdXTR4
98eC3kAOhOYd9zVBzmgBb1wSHYxn3SB7DK515gIMgBbLzEBQHe9wA2cGQVOkOFtT
8tv8FO/+OozKKAzLiNdbn1otga82bDQMjyP+cHQ8eO+Ayqd49O80GmI8gfqmtiJE
hGAj59MUGFFCv+ODWkk7QFAGOqwRkUqOw1RqDZ+pcjugfvqDCpiOqhhbw8i6Lxn8
a5RHoQhtYoaHyECnPBfOR/z1n7+ySMB+l+ZEItMIG8mHBPkewWLIso9PQwntdhKO
Cm3b42IIxT5HX7/LBm7S0N2g3iVIx7iiPvMLFYVhVQ1lIRSc
-----END CERTIFICATE-----
Generated at Tue Jun 10 08:48:23 2025 by rpki-client