Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KmxzTqqxuCWOb4rRXL3-hfd0ZTE.roa
File:                     KmxzTqqxuCWOb4rRXL3-hfd0ZTE.roa (raw, json)
Hash identifier:          POp+FiB415M+slAMbH48FYahBXBJRZfTO3ySlybrBuw=
Subject key identifier:   2A:6C:73:4E:AA:B1:B8:25:8E:6F:8A:D1:5C:BD:FE:85:F7:74:65:31
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018776E0930959C806702CCF8E784D43E690
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KmxzTqqxuCWOb4rRXL3-hfd0ZTE.roa
Signing time:             Wed 12 Apr 2023 19:10:41 +0000
ROA not before:           Wed 12 Apr 2023 19:10:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201749
IP address blocks:        83.171.204.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 02 Sep 2023 19:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:76:e0:93:09:59:c8:06:70:2c:cf:8e:78:4d:43:e6:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Apr 12 19:10:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a6c734eaab1b8258e6f8ad15cbdfe85f7746531
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:37:ce:c3:4e:2d:97:8c:16:78:71:e9:6a:94:
                    7e:d0:66:d3:c0:dd:d2:c1:42:0a:c9:7b:51:03:2c:
                    5b:9a:5c:b3:9a:5e:28:27:72:dc:29:b2:4f:d6:5d:
                    2c:b1:84:34:b8:63:dd:da:16:48:20:b0:b9:e3:40:
                    9a:af:5a:04:63:b8:37:5b:1d:51:e8:ab:5c:06:43:
                    6a:37:a9:f7:5a:24:f0:c5:51:77:5e:79:21:85:5e:
                    b4:08:b6:8b:70:72:c1:62:8a:c8:ed:4b:27:ff:71:
                    d5:74:54:4d:96:92:c9:1f:f7:da:b5:27:bd:66:f9:
                    9d:93:02:ea:76:0a:f1:b7:f1:51:a9:66:57:22:0e:
                    bf:27:9b:23:d0:13:de:5a:2b:46:f1:7b:7c:d1:31:
                    de:eb:6b:c8:ee:5d:b2:fc:e4:0f:da:25:87:a8:42:
                    8f:45:29:c7:cd:8c:3b:6a:10:74:9e:6b:49:3b:9f:
                    dc:b7:ff:02:eb:a0:c0:e5:13:dd:ac:97:e4:3c:ea:
                    7b:b4:f9:94:99:99:46:80:01:eb:76:48:c8:c5:16:
                    8b:1c:62:4b:19:62:a4:dc:40:b8:87:81:aa:21:d3:
                    6a:b1:51:3c:a2:51:f3:26:62:c0:16:00:36:53:1b:
                    88:a5:5a:3c:b1:a2:28:77:c0:ed:34:86:76:e6:9c:
                    11:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:6C:73:4E:AA:B1:B8:25:8E:6F:8A:D1:5C:BD:FE:85:F7:74:65:31
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KmxzTqqxuCWOb4rRXL3-hfd0ZTE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.171.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         48:16:b2:c2:d9:a6:05:98:5f:74:dd:02:d2:7f:df:30:2b:6e:
         ee:56:0e:0a:18:78:91:37:6f:f6:89:d1:3b:0b:06:22:43:4e:
         7c:ed:a0:8a:64:55:21:7c:b6:01:f9:42:13:8c:fa:4e:98:3d:
         f1:4e:17:de:13:a7:33:59:b8:d2:1b:2c:ea:e1:eb:8a:1f:0b:
         cf:49:14:53:cc:43:d9:d0:06:05:1e:f0:7d:b5:38:99:9e:b8:
         90:05:79:61:cf:f1:18:b7:38:75:1a:6a:14:5a:32:ef:ee:60:
         6a:84:22:43:e9:bb:34:b9:c2:63:57:a6:4a:9e:f4:55:87:dc:
         54:f9:66:26:30:24:d3:0c:26:45:6d:7e:fe:30:52:02:03:40:
         f3:f4:0c:71:0d:96:53:0c:87:01:d1:33:88:0e:80:39:b9:6c:
         11:29:75:d9:9b:1b:dd:22:fb:9b:8f:80:d9:17:2b:7d:e3:bd:
         84:16:b1:ef:d1:68:1d:b2:89:08:75:62:35:82:b2:ab:95:14:
         27:cb:67:1d:38:d0:a5:ea:c6:ef:d6:60:aa:cd:c8:57:5a:90:
         76:47:24:1d:39:6c:fe:b9:d8:d2:ac:4d:e1:7c:9c:99:e2:d7:
         95:cc:3a:4c:4d:73:4e:ee:5b:06:55:9c:69:37:ea:a6:75:0f:
         e8:ac:13:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd24JMJWcgGcCzPjnhNQ+aQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDEyMTkxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZjNzM0ZWFhYjFiODI1OGU2ZjhhZDE1Y2JkZmU4NWY3NzQ2NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDfOw04tl4wWeHHpapR+0GbTwN3S
wUIKyXtRAyxbmlyzml4oJ3LcKbJP1l0ssYQ0uGPd2hZIILC540Car1oEY7g3Wx1R
6KtcBkNqN6n3WiTwxVF3XnkhhV60CLaLcHLBYorI7Usn/3HVdFRNlpLJH/fatSe9
ZvmdkwLqdgrxt/FRqWZXIg6/J5sj0BPeWitG8Xt80THe62vI7l2y/OQP2iWHqEKP
RSnHzYw7ahB0nmtJO5/ct/8C66DA5RPdrJfkPOp7tPmUmZlGgAHrdkjIxRaLHGJL
GWKk3EC4h4GqIdNqsVE8olHzJmLAFgA2UxuIpVo8saIod8DtNIZ25pwRoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpsc06qsbgljm+K0Vy9/oX3dGUxMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS214elRxcXh1Q1dPYjRyUlhMMy1oZmQwWlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU6vMMA0G
CSqGSIb3DQEBCwUAA4IBAQBIFrLC2aYFmF903QLSf98wK27uVg4KGHiRN2/2idE7
CwYiQ0587aCKZFUhfLYB+UITjPpOmD3xThfeE6czWbjSGyzq4euKHwvPSRRTzEPZ
0AYFHvB9tTiZnriQBXlhz/EYtzh1GmoUWjLv7mBqhCJD6bs0ucJjV6ZKnvRVh9xU
+WYmMCTTDCZFbX7+MFICA0Dz9AxxDZZTDIcB0TOIDoA5uWwRKXXZmxvdIvubj4DZ
Fyt9472EFrHv0WgdsokIdWI1grKrlRQny2cdONCl6sbv1mCqzchXWpB2RyQdOWz+
udjSrE3hfJyZ4teVzDpMTXNO7lsGVZxpN+qmdQ/orBOa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:30 2024 by rpki-client on console-ams.rpki-client.org