Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/KnReNLbsUT1Do2piPsjFTXEww54.roa
File:                     KnReNLbsUT1Do2piPsjFTXEww54.roa (raw, json)
Hash identifier:          ZmYsyLsZTeyfrbH4liD9ipPBKN0ylkV2eMAm9vPVaS8=
Subject key identifier:   2A:74:5E:34:B6:EC:51:3D:43:A3:6A:62:3E:C8:C5:4D:71:30:C3:9E
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       01857246D23FFF7EA7512588932E9A7C00CD
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/KnReNLbsUT1Do2piPsjFTXEww54.roa
Signing time:             Mon 02 Jan 2023 11:38:42 +0000
ROA not before:           Mon 02 Jan 2023 11:38:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204914
IP address blocks:        2a0c:9a40:8350::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:d2:3f:ff:7e:a7:51:25:88:93:2e:9a:7c:00:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Jan  2 11:38:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a745e34b6ec513d43a36a623ec8c54d7130c39e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:89:80:9f:18:10:12:06:51:56:83:8a:73:05:
                    32:cb:f7:33:16:33:ab:2c:6a:36:ab:a6:d0:3a:88:
                    64:92:09:84:a6:2c:30:6a:4a:51:35:16:c7:02:92:
                    9a:22:f5:20:bc:6f:a9:3f:4f:31:da:2d:49:a4:0b:
                    b9:93:6c:0c:15:fb:52:b1:d8:66:d1:e1:db:68:ef:
                    87:64:22:4b:23:7e:c5:96:98:5a:69:d4:5e:c6:61:
                    54:af:89:9f:79:3d:97:f2:00:70:3b:ae:25:dd:e3:
                    34:21:a8:92:62:71:08:1b:c0:3c:74:59:a9:db:58:
                    71:6f:5d:e8:15:65:5c:6e:a5:78:a4:ac:e3:42:b2:
                    76:26:0e:42:00:d3:04:63:cc:a4:0d:27:69:d0:b7:
                    91:cb:2e:fa:a9:c8:ac:81:dc:ec:db:5a:fa:6c:9a:
                    36:2c:d5:38:5e:a0:94:e2:c2:ff:92:52:d5:97:52:
                    04:8a:f5:4a:a9:42:0e:be:22:a3:85:16:86:f5:9a:
                    93:cb:a8:8c:36:f9:96:61:f6:a2:db:92:a4:42:24:
                    4c:82:9e:3f:6d:3d:28:7b:df:68:22:f5:68:a3:b8:
                    d3:be:86:f1:c1:8b:76:de:f1:7b:d6:f9:50:6e:af:
                    de:ac:e5:57:31:41:88:26:6a:da:99:0b:07:a4:ff:
                    a5:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:74:5E:34:B6:EC:51:3D:43:A3:6A:62:3E:C8:C5:4D:71:30:C3:9E
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/KnReNLbsUT1Do2piPsjFTXEww54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:8350::/48

    Signature Algorithm: sha256WithRSAEncryption
         ab:12:9d:7a:68:a8:d3:a0:d3:64:07:5f:c2:ca:d1:32:94:aa:
         b3:f8:e1:8c:64:cc:00:92:27:f6:25:f0:e0:e3:56:53:f2:2f:
         f2:40:2e:2a:a8:79:e6:e2:11:c0:c6:9c:96:a8:bd:4f:ab:ef:
         01:9d:ef:93:40:d0:bb:c0:e8:12:63:27:56:f0:5e:63:d7:2d:
         98:00:16:8a:84:78:c8:a3:74:7e:04:8e:f5:d6:b7:58:99:ac:
         f8:fc:2e:10:f1:82:0b:ce:8e:f5:78:4e:7d:f5:06:55:b8:81:
         10:3c:27:fa:92:e7:2c:7b:ef:87:bb:ed:f5:a2:21:2f:41:e1:
         ab:c9:26:f0:f0:29:48:65:1b:13:51:14:26:4c:72:14:90:f7:
         74:d1:f2:94:39:37:2d:8b:97:ae:49:2f:09:5f:bf:14:ef:d9:
         f3:15:4e:1a:b3:1d:1f:a3:0c:17:0e:4e:35:b6:d6:ac:b8:52:
         6d:a5:34:43:ca:54:e9:3a:35:64:ef:4b:07:b0:94:e6:99:6f:
         60:b1:99:89:97:a9:e5:9d:5b:7a:ea:7b:08:44:8f:e6:42:5f:
         28:ec:08:f5:ab:e0:52:1f:02:5e:0f:40:d8:aa:31:69:16:69:
         af:e7:b8:f3:e6:62:87:16:53:ad:65:05:aa:cd:b5:15:f8:2e:
         bc:c2:e3:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRtI//36nUSWIky6afADNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc0NWUzNGI2ZWM1MTNkNDNhMzZhNjIzZWM4YzU0ZDcxMzBjMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmImAnxgQEgZRVoOKcwUyy/czFjOr
LGo2q6bQOohkkgmEpiwwakpRNRbHApKaIvUgvG+pP08x2i1JpAu5k2wMFftSsdhm
0eHbaO+HZCJLI37FlphaadRexmFUr4mfeT2X8gBwO64l3eM0IaiSYnEIG8A8dFmp
21hxb13oFWVcbqV4pKzjQrJ2Jg5CANMEY8ykDSdp0LeRyy76qcisgdzs21r6bJo2
LNU4XqCU4sL/klLVl1IEivVKqUIOviKjhRaG9ZqTy6iMNvmWYfai25KkQiRMgp4/
bT0oe99oIvVoo7jTvobxwYt23vF71vlQbq/erOVXMUGIJmramQsHpP+lNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCp0XjS27FE9Q6NqYj7IxU1xMMOeMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvS25SZU5MYnNVVDFEbzJwaVBzakZUWEV3dzU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQINQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCrEp16aKjToNNkB1/CytEylKqz+OGMZMwAkif2
JfDg41ZT8i/yQC4qqHnm4hHAxpyWqL1Pq+8Bne+TQNC7wOgSYydW8F5j1y2YABaK
hHjIo3R+BI711rdYmaz4/C4Q8YILzo71eE599QZVuIEQPCf6kucse++Hu+31oiEv
QeGrySbw8ClIZRsTURQmTHIUkPd00fKUOTcti5euSS8JX78U79nzFU4asx0fowwX
Dk41ttasuFJtpTRDylTpOjVk70sHsJTmmW9gsZmJl6nlnVt66nsIRI/mQl8o7Aj1
q+BSHwJeD0DYqjFpFmmv57jz5mKHFlOtZQWqzbUV+C68wuNT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:15 2024 by rpki-client on console-ams.rpki-client.org