Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Km3YhvmAC80uHm2Oo1IPwJyYPA4.roa
File:                     Km3YhvmAC80uHm2Oo1IPwJyYPA4.roa (raw, json)
Hash identifier:          VbeIK0J96+lKo6y8oOEDCe5DE1kE934oTvJ3vKdsvbo=
Subject key identifier:   2A:6D:D8:86:F9:80:0B:CD:2E:1E:6D:8E:A3:52:0F:C0:9C:98:3C:0E
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0189F40976843F6CC9EE2AFE5113C153C6BC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Km3YhvmAC80uHm2Oo1IPwJyYPA4.roa
Signing time:             Mon 14 Aug 2023 12:33:28 +0000
ROA not before:           Mon 14 Aug 2023 12:33:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208885
IP address blocks:        2.59.255.0/24 maxlen: 24
                          94.156.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Sep 2023 18:58:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f4:09:76:84:3f:6c:c9:ee:2a:fe:51:13:c1:53:c6:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Aug 14 12:33:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a6dd886f9800bcd2e1e6d8ea3520fc09c983c0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a4:e4:a7:39:68:16:0d:01:be:bc:df:8a:89:
                    26:a0:c2:65:26:05:dc:09:01:c8:73:b6:39:c5:4d:
                    bd:0f:96:01:18:38:ef:26:ca:c6:78:52:4b:e2:fe:
                    61:0d:f6:c5:e6:2d:d5:92:c9:9d:29:88:27:98:be:
                    46:f3:9c:f7:1a:79:e4:79:b3:93:a5:5e:b4:4c:20:
                    2b:1c:7c:6e:cc:96:8d:0b:61:00:00:f0:71:f8:c1:
                    2b:65:e9:bd:f5:8c:dc:53:95:53:31:97:a4:cc:c1:
                    c2:10:82:89:8a:80:ec:a0:59:af:17:11:e2:42:7d:
                    54:16:24:2b:cf:30:52:68:61:84:7c:62:0c:33:be:
                    68:be:3a:dc:8c:4d:50:f4:33:26:93:51:b5:92:4c:
                    f9:b8:14:fa:5a:fd:d3:d5:75:ea:3f:0d:e8:e1:51:
                    3a:72:17:79:a5:5d:db:e7:e1:d9:fd:d3:62:c3:0a:
                    e5:f1:7b:e1:11:ce:63:02:4b:75:ff:39:4c:e5:c4:
                    0f:0f:4b:2b:6f:b4:3f:7b:86:9b:98:cb:e2:a2:9b:
                    03:dc:b6:f9:67:45:b1:30:da:02:32:2c:92:d8:29:
                    75:2e:23:d6:dd:ae:3b:de:94:70:ce:d3:f8:a6:7c:
                    98:d1:df:68:74:68:d8:a0:4b:60:ae:a5:96:0f:2e:
                    10:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:6D:D8:86:F9:80:0B:CD:2E:1E:6D:8E:A3:52:0F:C0:9C:98:3C:0E
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Km3YhvmAC80uHm2Oo1IPwJyYPA4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.255.0/24
                  94.156.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:85:8b:23:8a:01:d2:35:62:94:99:42:6f:6e:c2:d3:8c:1d:
         74:37:13:4b:32:51:28:f1:1f:dd:cf:a6:1f:8d:87:3a:d7:87:
         e3:bf:98:b1:fe:2b:99:97:b9:e1:4c:f8:8a:ae:6a:6b:4e:27:
         53:b8:2b:81:16:ba:c2:42:7e:0d:e6:58:bf:af:f5:18:52:ba:
         b8:b8:13:1e:f1:04:64:23:7c:21:5d:f4:7f:a7:a4:f5:7d:8b:
         ba:e7:98:fc:c8:ce:de:80:2f:e6:64:e4:b7:97:f7:a1:b8:6f:
         ae:18:61:04:35:c6:9c:97:27:37:0c:e8:b0:5e:ec:52:e1:f9:
         9f:d8:20:99:51:0b:f7:43:e8:cc:c8:22:fc:d0:53:9a:e7:82:
         59:e8:8d:97:39:ba:54:7e:00:21:d5:0e:ce:bb:42:6e:38:6c:
         d6:a6:fb:5a:7c:dc:bb:83:9d:b1:ff:82:c4:73:1c:6f:35:cd:
         3c:56:87:aa:2f:ac:04:39:c9:6b:dc:10:8d:50:13:33:1b:04:
         11:ac:61:ab:ae:c5:38:3e:a0:97:0e:4a:53:36:e8:aa:fc:14:
         e5:e3:bc:20:21:0a:d8:15:3f:b9:61:47:a2:9f:2f:fc:c2:93:
         a8:d2:17:d4:8d:bf:58:40:82:35:f1:70:50:d0:18:56:5b:61:
         9a:3c:ed:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn0CXaEP2zJ7ir+URPBU8a8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODE0MTIzMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZkZDg4NmY5ODAwYmNkMmUxZTZkOGVhMzUyMGZjMDljOTgzYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aTkpzloFg0BvrzfiokmoMJlJgXc
CQHIc7Y5xU29D5YBGDjvJsrGeFJL4v5hDfbF5i3VksmdKYgnmL5G85z3GnnkebOT
pV60TCArHHxuzJaNC2EAAPBx+MErZem99YzcU5VTMZekzMHCEIKJioDsoFmvFxHi
Qn1UFiQrzzBSaGGEfGIMM75ovjrcjE1Q9DMmk1G1kkz5uBT6Wv3T1XXqPw3o4VE6
chd5pV3b5+HZ/dNiwwrl8XvhEc5jAkt1/zlM5cQPD0srb7Q/e4abmMviopsD3Lb5
Z0WxMNoCMiyS2Cl1LiPW3a473pRwztP4pnyY0d9odGjYoEtgrqWWDy4QwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCpt2Ib5gAvNLh5tjqNSD8CcmDwOMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS20zWWh2bUFDODB1SG0yT28xSVB3SnlZUEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjv/AwQA
XpwKMA0GCSqGSIb3DQEBCwUAA4IBAQAMhYsjigHSNWKUmUJvbsLTjB10NxNLMlEo
8R/dz6YfjYc614fjv5ix/iuZl7nhTPiKrmprTidTuCuBFrrCQn4N5li/r/UYUrq4
uBMe8QRkI3whXfR/p6T1fYu655j8yM7egC/mZOS3l/ehuG+uGGEENcaclyc3DOiw
XuxS4fmf2CCZUQv3Q+jMyCL80FOa54JZ6I2XObpUfgAh1Q7Ou0JuOGzWpvtafNy7
g52x/4LEcxxvNc08VoeqL6wEOclr3BCNUBMzGwQRrGGrrsU4PqCXDkpTNuiq/BTl
47wgIQrYFT+5YUeiny/8wpOo0hfUjb9YQII18XBQ0BhWW2GaPO1m
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:30 2024 by rpki-client on console-ams.rpki-client.org