Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KmTb_w4aoq8mS659KqJL59VmjKw.roa
File:                     KmTb_w4aoq8mS659KqJL59VmjKw.roa (raw, json)
Hash identifier:          /eo6jb/zW5npTYatwZCFHjf/XLzMCNDUvDGFPyrttKE=
Subject key identifier:   2A:64:DB:FF:0E:1A:A2:AF:26:4B:AE:7D:2A:A2:4B:E7:D5:66:8C:AC
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018BB47AA112CBBB5059D278A655403F33B9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KmTb_w4aoq8mS659KqJL59VmjKw.roa
Signing time:             Thu 09 Nov 2023 14:26:57 +0000
ROA not before:           Thu 09 Nov 2023 14:26:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199654
IP address blocks:        195.58.58.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:19:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b4:7a:a1:12:cb:bb:50:59:d2:78:a6:55:40:3f:33:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov  9 14:26:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a64dbff0e1aa2af264bae7d2aa24be7d5668cac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:7f:a7:43:62:70:f3:bb:d4:45:ec:6b:d1:0d:
                    cb:e4:07:5b:18:f2:ad:7f:ef:de:7a:bb:51:11:15:
                    54:e8:98:01:4a:e2:d7:98:1f:8e:c4:6f:60:0e:52:
                    10:5c:d0:9e:a7:71:cc:5e:68:1f:7e:aa:2b:54:49:
                    cd:31:38:d2:ce:13:03:1d:ba:47:7a:8c:7d:6d:9c:
                    05:bd:af:a8:77:c8:50:af:e7:ec:60:58:1c:ef:34:
                    64:19:1b:4e:5a:ba:49:f0:10:c2:c3:a5:31:0d:f1:
                    5d:a8:82:82:71:9f:a2:c2:51:c4:33:7a:45:93:2b:
                    74:68:46:35:5d:05:9a:ca:43:68:78:22:fe:84:35:
                    00:51:13:78:0c:08:82:12:4c:c6:2a:26:c0:27:a0:
                    6c:45:82:c4:73:a0:31:4a:f6:69:04:e5:21:f2:72:
                    57:f8:a9:f5:48:e5:12:13:f5:91:1b:87:96:36:7f:
                    b5:2a:a5:6c:91:c9:d5:c9:a2:0a:e5:2f:01:e7:18:
                    9c:7e:91:53:6f:cb:12:d3:1f:e6:91:c9:49:eb:c7:
                    c9:d0:5d:80:9c:f4:3a:a0:67:68:15:6b:04:e9:37:
                    c8:d9:9b:8b:af:d3:5c:8b:2a:3b:52:1e:cc:39:0b:
                    89:7e:02:f2:66:3e:fb:46:8e:9a:fc:22:a2:60:2d:
                    3c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:64:DB:FF:0E:1A:A2:AF:26:4B:AE:7D:2A:A2:4B:E7:D5:66:8C:AC
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KmTb_w4aoq8mS659KqJL59VmjKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.58.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:6e:1b:d4:10:90:bd:c1:dd:1c:85:cf:01:0a:c0:48:8c:03:
         ad:c0:62:25:9a:31:04:0c:e5:5e:db:8f:6f:e7:e6:33:17:f7:
         60:e2:8b:3d:2b:e6:e8:5f:30:a9:25:4c:cf:36:98:c4:b9:de:
         d4:f8:dd:4c:1a:f0:cf:a7:d4:0e:97:65:ca:55:9f:9d:5a:cc:
         be:71:01:14:26:97:8a:d2:ce:d8:72:1d:b6:a9:49:0e:56:ac:
         55:32:a5:67:7d:ff:bd:c2:79:29:5c:69:82:67:9d:bd:27:96:
         55:f5:b8:76:21:8d:5b:ce:26:73:b0:5e:99:8b:1d:ae:19:78:
         8e:90:32:8d:6e:75:a0:ad:05:db:a3:f1:84:21:bf:9d:75:f7:
         b3:78:b1:d5:0a:e2:ab:f1:b2:4a:d1:b0:37:4f:1e:10:a0:0d:
         f9:5c:46:34:0e:e3:22:da:9c:39:c0:dd:63:a4:69:b7:2b:8d:
         a3:de:ca:fd:d8:57:5a:fa:4e:e9:e7:14:31:c4:97:0d:a2:12:
         d8:90:e0:e0:e0:ae:9e:43:14:ae:a6:12:61:13:ec:e4:55:fe:
         ce:77:db:f9:cb:f2:19:97:6b:54:b1:66:8e:26:da:62:a2:42:
         c9:87:26:0e:ad:d6:bb:77:0e:8b:7d:9a:64:21:97:b3:84:88:
         b9:16:c9:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu0eqESy7tQWdJ4plVAPzO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTA5MTQyNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY0ZGJmZjBlMWFhMmFmMjY0YmFlN2QyYWEyNGJlN2Q1NjY4Y2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3+nQ2Jw87vURexr0Q3L5AdbGPKt
f+/eertRERVU6JgBSuLXmB+OxG9gDlIQXNCep3HMXmgffqorVEnNMTjSzhMDHbpH
eox9bZwFva+od8hQr+fsYFgc7zRkGRtOWrpJ8BDCw6UxDfFdqIKCcZ+iwlHEM3pF
kyt0aEY1XQWaykNoeCL+hDUAURN4DAiCEkzGKibAJ6BsRYLEc6AxSvZpBOUh8nJX
+Kn1SOUSE/WRG4eWNn+1KqVskcnVyaIK5S8B5xicfpFTb8sS0x/mkclJ68fJ0F2A
nPQ6oGdoFWsE6TfI2ZuLr9Nciyo7Uh7MOQuJfgLyZj77Ro6a/CKiYC08rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpk2/8OGqKvJkuufSqiS+fVZoysMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS21UYl93NGFvcThtUzY1OUtxSkw1OVZtakt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzo6MA0G
CSqGSIb3DQEBCwUAA4IBAQBcbhvUEJC9wd0chc8BCsBIjAOtwGIlmjEEDOVe249v
5+YzF/dg4os9K+boXzCpJUzPNpjEud7U+N1MGvDPp9QOl2XKVZ+dWsy+cQEUJpeK
0s7Ych22qUkOVqxVMqVnff+9wnkpXGmCZ529J5ZV9bh2IY1bziZzsF6Zix2uGXiO
kDKNbnWgrQXbo/GEIb+ddfezeLHVCuKr8bJK0bA3Tx4QoA35XEY0DuMi2pw5wN1j
pGm3K42j3sr92Fda+k7p5xQxxJcNohLYkODg4K6eQxSuphJhE+zkVf7Od9v5y/IZ
l2tUsWaOJtpiokLJhyYOrda7dw6LfZpkIZezhIi5Fsky
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org