Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/KvZuVmACTg06G718_oHQpKoOP0Y.roa
File:                     KvZuVmACTg06G718_oHQpKoOP0Y.roa (raw, json)
Hash identifier:          t8MF9nBZ/Ik/JpsKZQYyWaY0FGsCF1opnyP+AOX9VlE=
Subject key identifier:   2A:F6:6E:56:60:02:4E:0D:3A:1B:BD:7C:FE:81:D0:A4:AA:0E:3F:46
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       01856FF96ED8FB2720EBACA96E5D437B6DAE
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/KvZuVmACTg06G718_oHQpKoOP0Y.roa
Signing time:             Mon 02 Jan 2023 00:54:55 +0000
ROA not before:           Mon 02 Jan 2023 00:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41782
IP address blocks:        85.196.169.0/24 maxlen: 24
                          85.196.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:6e:d8:fb:27:20:eb:ac:a9:6e:5d:43:7b:6d:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Jan  2 00:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2af66e5660024e0d3a1bbd7cfe81d0a4aa0e3f46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:a7:be:aa:58:29:46:b1:bf:f1:a7:98:8c:f9:
                    fc:7f:38:ce:85:4c:9f:21:3f:fc:c6:6b:a0:f5:82:
                    11:da:40:6c:12:28:d6:c9:1e:18:5e:cc:19:5a:38:
                    43:e3:dc:3b:e3:38:a3:88:73:92:81:34:c5:d4:86:
                    e9:c3:49:a3:6f:b0:b7:45:a8:7d:b8:92:2f:35:fb:
                    3e:2f:39:e0:3b:7f:4b:7e:3b:6b:51:bb:bc:da:e8:
                    1a:13:20:41:85:15:2d:00:ad:a6:e9:2f:fd:17:56:
                    13:93:8d:e7:a0:77:e2:8a:11:d9:52:87:90:39:a2:
                    a2:8c:7e:7c:fa:e3:23:c1:34:d5:2e:01:61:ad:a2:
                    ba:a8:22:4d:af:45:25:66:ca:82:22:a0:7b:bf:d1:
                    53:12:ab:67:f9:05:7a:79:85:1a:46:d3:1f:a9:2b:
                    2a:e4:24:64:81:a1:10:6f:54:54:c1:12:78:88:bc:
                    9b:22:8e:85:8a:d1:25:19:f3:8e:b5:dd:48:16:49:
                    8d:fa:a4:c2:d1:d2:cb:b9:d7:c1:78:29:8b:d4:d1:
                    cb:a3:56:b2:9e:24:49:80:fd:8c:87:cc:d5:12:85:
                    6a:7c:bf:67:d0:90:63:25:06:81:3d:be:06:3b:62:
                    7a:da:f0:92:3f:78:df:28:5e:0b:20:50:c0:85:48:
                    4a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:F6:6E:56:60:02:4E:0D:3A:1B:BD:7C:FE:81:D0:A4:AA:0E:3F:46
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/KvZuVmACTg06G718_oHQpKoOP0Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.196.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         98:d4:11:37:75:58:d6:e6:c5:f5:46:71:6f:67:fe:e8:34:48:
         7e:ad:8b:92:f7:fb:ff:b2:e3:0b:de:57:cb:10:53:36:a2:dc:
         17:9a:d8:be:c8:ca:0d:98:59:e5:13:60:30:53:2d:44:6b:db:
         97:2f:a1:b5:f4:2c:3e:91:53:18:cd:42:34:e2:6b:21:7a:58:
         a9:61:7f:74:e4:ee:e0:1f:1f:5c:32:6c:b1:08:a8:67:f0:8e:
         79:02:0b:d0:1b:ae:8a:36:f3:46:06:81:3a:89:d4:0c:41:6b:
         da:5e:3e:53:bc:ec:71:78:5c:0c:f5:69:99:c1:f7:2e:fd:95:
         00:f3:44:67:dd:06:d4:52:56:5f:c5:b1:95:5d:c6:8f:54:f8:
         47:4e:f5:cf:31:6a:2d:79:eb:37:ff:d5:dd:00:0d:a4:27:fb:
         8a:38:6a:19:79:a9:05:c3:52:fa:04:c6:64:e8:7e:2c:b4:f0:
         ae:f9:d5:39:39:5a:e1:53:fe:52:a5:f8:1e:6e:90:80:d8:02:
         83:1d:a5:81:8e:7b:94:80:96:00:92:7a:c8:00:90:2b:0b:45:
         30:f2:7a:cd:14:04:50:05:3b:b5:24:c9:9a:ba:d9:5e:7e:69:
         ee:d6:ed:9f:75:c3:13:b7:6a:a1:10:32:6d:c0:a2:15:03:8e:
         10:b3:c1:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+W7Y+ycg66ypbl1De22uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMTAyMDA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY2NmU1NjYwMDI0ZTBkM2ExYmJkN2NmZTgxZDBhNGFhMGUzZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6e+qlgpRrG/8aeYjPn8fzjOhUyf
IT/8xmug9YIR2kBsEijWyR4YXswZWjhD49w74zijiHOSgTTF1Ibpw0mjb7C3Rah9
uJIvNfs+LzngO39LfjtrUbu82ugaEyBBhRUtAK2m6S/9F1YTk43noHfiihHZUoeQ
OaKijH58+uMjwTTVLgFhraK6qCJNr0UlZsqCIqB7v9FTEqtn+QV6eYUaRtMfqSsq
5CRkgaEQb1RUwRJ4iLybIo6FitElGfOOtd1IFkmN+qTC0dLLudfBeCmL1NHLo1ay
niRJgP2Mh8zVEoVqfL9n0JBjJQaBPb4GO2J62vCSP3jfKF4LIFDAhUhKbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCr2blZgAk4NOhu9fP6B0KSqDj9GMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvS3ZadVZtQUNUZzA2RzcxOF9vSFFwS29PUDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVcSoMA0G
CSqGSIb3DQEBCwUAA4IBAQCY1BE3dVjW5sX1RnFvZ/7oNEh+rYuS9/v/suML3lfL
EFM2otwXmti+yMoNmFnlE2AwUy1Ea9uXL6G19Cw+kVMYzUI04mshelipYX905O7g
Hx9cMmyxCKhn8I55AgvQG66KNvNGBoE6idQMQWvaXj5TvOxxeFwM9WmZwfcu/ZUA
80Rn3QbUUlZfxbGVXcaPVPhHTvXPMWotees3/9XdAA2kJ/uKOGoZeakFw1L6BMZk
6H4stPCu+dU5OVrhU/5SpfgebpCA2AKDHaWBjnuUgJYAknrIAJArC0Uw8nrNFARQ
BTu1JMmautlefmnu1u2fdcMTt2qhEDJtwKIVA44Qs8H0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:06 2024 by rpki-client on console-fra.rpki-client.org