Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kiopvrp00CoP8seT88ZOGV9XHpA.roa
File:                     kiopvrp00CoP8seT88ZOGV9XHpA.roa (raw, json)
Hash identifier:          2QYCMTQXlbn3R6TmWOwDVkS21oM9imZ1CkQmm1Uz3LA=
Subject key identifier:   92:2A:29:BE:BA:74:D0:2A:0F:F2:C7:93:F3:C6:4E:19:5F:57:1E:90
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B46339232E5986BC6F215D2596BF832D9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kiopvrp00CoP8seT88ZOGV9XHpA.roa
Signing time:             Thu 19 Oct 2023 04:31:06 +0000
ROA not before:           Thu 19 Oct 2023 04:31:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61138
IP address blocks:        192.124.191.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Nov 2023 16:17:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:46:33:92:32:e5:98:6b:c6:f2:15:d2:59:6b:f8:32:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 19 04:31:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=922a29beba74d02a0ff2c793f3c64e195f571e90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:4b:09:8b:e5:f7:08:00:7f:03:25:5f:4b:dd:
                    b3:d6:ed:f2:38:a9:c8:82:09:7b:f1:a2:01:a5:f5:
                    ad:e8:93:97:ea:5a:ab:45:af:cb:ce:77:0d:80:ca:
                    9b:1d:1f:41:97:e0:12:63:2d:47:10:67:a2:b1:94:
                    c3:18:86:07:1e:6f:08:4f:e4:42:07:c4:9a:52:04:
                    af:cc:4a:e1:08:ed:f0:d9:b5:13:cc:21:41:da:fc:
                    b0:fb:9a:05:77:18:4d:90:0d:88:ec:ce:4e:23:e1:
                    1a:36:07:53:45:9d:70:7d:25:73:10:20:38:73:94:
                    1e:7b:89:14:f8:3a:36:1b:dd:93:97:97:75:51:4d:
                    94:be:88:9b:f8:d6:82:26:ca:5d:f1:49:59:30:ec:
                    f9:a7:d5:b4:b2:29:b5:03:82:4b:12:27:86:69:16:
                    83:e3:2b:e8:71:6d:db:98:12:5e:69:65:d9:74:e2:
                    0f:e0:73:e1:4c:49:ad:f8:4c:4c:fe:bb:44:61:98:
                    a3:c8:69:7b:59:f6:1e:fe:73:54:9c:76:5b:63:2b:
                    3c:4a:87:6e:70:31:70:f5:d3:bc:92:28:28:44:0a:
                    2c:6b:fc:01:a7:3f:84:2f:eb:4b:1e:a5:ba:c2:d2:
                    14:8a:e2:b9:fa:2f:f3:35:57:80:da:81:05:5e:73:
                    a8:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:2A:29:BE:BA:74:D0:2A:0F:F2:C7:93:F3:C6:4E:19:5F:57:1E:90
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kiopvrp00CoP8seT88ZOGV9XHpA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:60:60:3f:82:97:6c:7f:78:cf:d8:27:e5:2d:e6:68:6a:e4:
         9d:03:cb:3c:58:e4:c2:c0:08:1d:11:80:61:1d:ca:33:34:1b:
         ef:71:9c:0f:db:5b:93:06:3a:b2:5d:81:9a:21:8d:c7:b6:c1:
         fc:6c:eb:ac:4d:80:70:30:3b:32:c0:92:99:bd:8c:7a:50:3e:
         16:a4:7f:9c:6a:4c:53:5a:bb:a8:2a:6e:bf:0b:7b:20:a1:eb:
         13:23:f5:7d:4d:d1:d3:13:8b:02:96:d4:fe:36:8d:01:e2:3a:
         31:24:a9:9e:b5:38:9c:14:54:66:8a:cf:16:83:3c:5f:20:b1:
         65:0b:f3:84:f8:0c:bd:00:49:91:e4:65:d0:ff:71:64:e3:8f:
         9a:c7:d0:c0:57:ce:a7:b1:33:29:0e:f1:e7:7d:7d:0d:c5:db:
         80:41:69:94:46:ef:06:78:9f:47:b3:18:5b:fa:3f:c4:18:97:
         8e:67:c6:08:45:4b:84:9b:15:97:5d:64:f8:d4:3d:19:c6:ba:
         7c:54:66:cb:dc:ae:4e:b9:2f:77:18:b6:72:00:87:1d:15:fe:
         70:59:bb:7e:1f:7d:ab:51:8a:e0:74:b3:b3:fb:df:c7:6c:5d:
         76:ec:93:61:63:76:94:51:c0:3e:13:62:10:66:c9:ec:48:3c:
         b3:55:c3:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtGM5Iy5ZhrxvIV0llr+DLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE5MDQzMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjJhMjliZWJhNzRkMDJhMGZmMmM3OTNmM2M2NGUxOTVmNTcxZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ksJi+X3CAB/AyVfS92z1u3yOKnI
ggl78aIBpfWt6JOX6lqrRa/LzncNgMqbHR9Bl+ASYy1HEGeisZTDGIYHHm8IT+RC
B8SaUgSvzErhCO3w2bUTzCFB2vyw+5oFdxhNkA2I7M5OI+EaNgdTRZ1wfSVzECA4
c5Qee4kU+Do2G92Tl5d1UU2Uvoib+NaCJspd8UlZMOz5p9W0sim1A4JLEieGaRaD
4yvocW3bmBJeaWXZdOIP4HPhTEmt+ExM/rtEYZijyGl7WfYe/nNUnHZbYys8Sodu
cDFw9dO8kigoRAosa/wBpz+EL+tLHqW6wtIUiuK5+i/zNVeA2oEFXnOoRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIqKb66dNAqD/LHk/PGThlfVx6QMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva2lvcHZycDAwQ29QOHNlVDg4Wk9HVjlYSHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHy/MA0G
CSqGSIb3DQEBCwUAA4IBAQBmYGA/gpdsf3jP2CflLeZoauSdA8s8WOTCwAgdEYBh
HcozNBvvcZwP21uTBjqyXYGaIY3HtsH8bOusTYBwMDsywJKZvYx6UD4WpH+cakxT
WruoKm6/C3sgoesTI/V9TdHTE4sCltT+No0B4joxJKmetTicFFRmis8WgzxfILFl
C/OE+Ay9AEmR5GXQ/3Fk44+ax9DAV86nsTMpDvHnfX0NxduAQWmURu8GeJ9Hsxhb
+j/EGJeOZ8YIRUuEmxWXXWT41D0Zxrp8VGbL3K5OuS93GLZyAIcdFf5wWbt+H32r
UYrgdLOz+9/HbF127JNhY3aUUcA+E2IQZsnsSDyzVcNM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:25 2024 by rpki-client on console-fra.rpki-client.org