Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KkCOKUNl30ZQyIPKkRw6vXXMIJU.roa
File:                     KkCOKUNl30ZQyIPKkRw6vXXMIJU.roa (raw, json)
Hash identifier:          uKrcagZz4TBFceStK9Pe7I27gjIwxT/u6AOjmQ+DgZ8=
Subject key identifier:   2A:40:8E:29:43:65:DF:46:50:C8:83:CA:91:1C:3A:BD:75:CC:20:95
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0189D56C9CB85E1E00EABA87AFF4FD3FE4AD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KkCOKUNl30ZQyIPKkRw6vXXMIJU.roa
Signing time:             Tue 08 Aug 2023 13:53:32 +0000
ROA not before:           Tue 08 Aug 2023 13:53:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        194.87.1.0/24 maxlen: 24
                          193.124.16.0/24 maxlen: 24
                          194.87.11.0/24 maxlen: 24
                          194.87.12.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.87.26.0/23 maxlen: 23
                          195.58.36.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          212.192.241.0/24 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          195.58.58.0/23 maxlen: 23
                          195.58.62.0/23 maxlen: 23
                          194.87.108.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.122.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.134.0/23 maxlen: 23
                          195.133.6.0/24 maxlen: 24
                          195.133.7.0/24 maxlen: 24
                          194.87.40.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.58.154.0/24 maxlen: 24
                          193.124.80.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          195.133.73.0/24 maxlen: 24
                          195.133.85.0/24 maxlen: 24
                          195.133.84.0/23 maxlen: 23
                          194.87.222.0/24 maxlen: 24
                          194.87.151.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          192.124.182.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          192.124.191.0/24 maxlen: 24
                          194.87.190.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 09 Aug 2023 13:20:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d5:6c:9c:b8:5e:1e:00:ea:ba:87:af:f4:fd:3f:e4:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug  8 13:53:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a408e294365df4650c883ca911c3abd75cc2095
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:21:43:9a:33:7e:3d:e0:16:e3:1a:7d:0b:7e:
                    e1:85:e6:67:45:3a:00:bf:63:17:8d:69:0d:06:ac:
                    b7:af:60:47:ac:0f:42:b4:df:d8:5a:89:22:2c:6c:
                    26:a0:8b:27:93:96:b7:29:d2:76:38:f0:98:cf:2a:
                    00:1f:1e:b9:0a:af:1d:40:81:2c:d6:48:5b:43:59:
                    12:2c:39:38:93:32:77:9b:5c:5b:b0:8f:de:9b:ef:
                    68:3c:da:20:e3:c6:a8:39:f0:27:dd:51:4e:e5:4d:
                    b7:11:c3:9d:24:53:1b:a6:d5:ee:2f:1a:cc:33:4a:
                    55:cf:da:a4:b2:ae:24:fd:47:6a:2d:2a:8a:05:e5:
                    09:ea:8b:bc:7e:6b:a6:bb:a3:a4:10:af:c8:49:a8:
                    c7:e9:14:a1:58:c7:7f:8a:67:97:03:41:d0:29:20:
                    66:8d:cc:3c:ce:e1:f7:2a:f2:64:81:61:87:01:8e:
                    ec:c7:0a:5c:7a:03:d1:62:7e:cf:c7:a5:a9:a1:9d:
                    53:7c:30:8f:d7:c8:53:ff:57:63:27:18:c4:ab:79:
                    72:50:85:15:e6:0b:c1:7c:df:7d:d2:a6:60:18:3a:
                    9c:7f:5a:02:54:6b:8b:18:39:c3:95:7f:a3:d6:ef:
                    13:2c:3a:f6:ea:b5:43:5b:8a:2d:6e:7e:6d:88:3c:
                    de:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:40:8E:29:43:65:DF:46:50:C8:83:CA:91:1C:3A:BD:75:CC:20:95
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KkCOKUNl30ZQyIPKkRw6vXXMIJU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.178.0/24
                  192.124.182.0/24
                  192.124.191.0/24
                  193.124.16.0/24
                  193.124.80.0/24
                  193.124.133.0/24
                  193.124.200.0/24
                  194.58.47.0/24
                  194.58.154.0/24
                  194.87.1.0/24
                  194.87.11.0-194.87.12.255
                  194.87.24.0/22
                  194.87.40.0/24
                  194.87.56.0/24
                  194.87.73.0/24
                  194.87.83.0/24
                  194.87.108.0/24
                  194.87.114.0/23
                  194.87.122.0/24
                  194.87.124.0/24
                  194.87.130.0/23
                  194.87.134.0/23
                  194.87.151.0/24
                  194.87.168.0/24
                  194.87.179.0/24
                  194.87.190.0/24
                  194.87.200.0/24
                  194.87.222.0/24
                  195.58.36.0/24
                  195.58.54.0/24
                  195.58.58.0/23
                  195.58.62.0/23
                  195.133.0.0/24
                  195.133.6.0/23
                  195.133.30.0/24
                  195.133.73.0/24
                  195.133.84.0/23
                  195.133.194.0/24
                  212.192.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:8f:24:b6:7d:42:a0:e5:9e:92:b0:52:64:d9:b3:a8:a8:53:
         ae:79:41:77:98:7c:b2:e8:25:5d:aa:fe:ae:6b:42:76:3a:55:
         c8:c0:ff:4f:ae:7b:7f:bf:3f:d9:45:4a:33:fd:ad:64:2b:a3:
         d5:92:14:b2:10:19:c6:ec:da:3b:76:ed:f6:0b:e1:3f:a4:b6:
         a4:bf:56:0f:5b:f0:82:25:54:b6:c6:16:e7:d0:b2:e0:4e:e2:
         1e:58:80:82:f0:49:5d:c9:1b:e0:08:ad:21:52:be:c2:48:d5:
         12:be:de:78:c4:0b:dd:a0:78:a8:67:76:95:ec:08:b5:1c:71:
         ae:ce:93:93:41:fc:ba:19:fe:f8:58:d2:a3:a2:7a:31:b6:19:
         8f:70:cc:f5:b5:d3:cc:9d:a6:f2:ab:40:e4:b4:18:14:16:6f:
         59:67:d3:9d:52:af:00:40:54:39:03:93:d0:9c:e3:c0:4e:f2:
         08:98:f3:08:11:1d:0b:17:aa:63:4a:96:ea:07:04:af:be:b3:
         c0:e7:69:f8:43:92:c6:53:be:9c:3c:02:b4:0d:6c:c7:59:95:
         ba:ab:ac:f0:d1:c5:1a:0c:3b:4f:84:d1:05:bc:e7:55:da:e2:
         5c:89:fd:16:ee:ba:b5:a9:b3:db:89:b0:f7:bf:9b:37:31:f0:
         d1:94:f5:88
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAYnVbJy4Xh4A6rqHr/T9P+StMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA4MTM1MzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQwOGUyOTQzNjVkZjQ2NTBjODgzY2E5MTFjM2FiZDc1Y2MyMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiFDmjN+PeAW4xp9C37hheZnRToA
v2MXjWkNBqy3r2BHrA9CtN/YWokiLGwmoIsnk5a3KdJ2OPCYzyoAHx65Cq8dQIEs
1khbQ1kSLDk4kzJ3m1xbsI/em+9oPNog48aoOfAn3VFO5U23EcOdJFMbptXuLxrM
M0pVz9qksq4k/UdqLSqKBeUJ6ou8fmumu6OkEK/ISajH6RShWMd/imeXA0HQKSBm
jcw8zuH3KvJkgWGHAY7sxwpcegPRYn7Px6WpoZ1TfDCP18hT/1djJxjEq3lyUIUV
5gvBfN990qZgGDqcf1oCVGuLGDnDlX+j1u8TLDr26rVDW4otbn5tiDze1QIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFCpAjilDZd9GUMiDypEcOr11zCCVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS2tDT0tVTmwzMFpReUlQS2tSdzZ2WFhNSUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQA
wHyyAwQAwHy2AwQAwHy/AwQAwXwQAwQAwXxQAwQAwXyFAwQAwXzIAwQAwjovAwQA
wjqaAwQAwlcBMAwDBADCVwsDBADCVwwDBALCVxgDBADCVygDBADCVzgDBADCV0kD
BADCV1MDBADCV2wDBAHCV3IDBADCV3oDBADCV3wDBAHCV4IDBAHCV4YDBADCV5cD
BADCV6gDBADCV7MDBADCV74DBADCV8gDBADCV94DBADDOiQDBADDOjYDBAHDOjoD
BAHDOj4DBADDhQADBAHDhQYDBADDhR4DBADDhUkDBAHDhVQDBADDhcIDBADUwPEw
DQYJKoZIhvcNAQELBQADggEBAESPJLZ9QqDlnpKwUmTZs6ioU655QXeYfLLoJV2q
/q5rQnY6VcjA/0+ue3+/P9lFSjP9rWQro9WSFLIQGcbs2jt27fYL4T+ktqS/Vg9b
8IIlVLbGFufQsuBO4h5YgILwSV3JG+AIrSFSvsJI1RK+3njEC92geKhndpXsCLUc
ca7Ok5NB/LoZ/vhY0qOiejG2GY9wzPW108ydpvKrQOS0GBQWb1ln051SrwBAVDkD
k9Cc48BO8giY8wgRHQsXqmNKluoHBK++s8DnafhDksZTvpw8ArQNbMdZlbqrrPDR
xRoMO0+E0QW851Xa4lyJ/RbuurWps9uJsPe/mzcx8NGU9Yg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org