Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/KgBYn2idfRzcILVd0ST81Qcoqds.roa
File:                     KgBYn2idfRzcILVd0ST81Qcoqds.roa (raw, json)
Hash identifier:          9CeW7GbhX4qhq/wgkODmqMpNZxk9CPeMZL/en2gH4CM=
Subject key identifier:   2A:00:58:9F:68:9D:7D:1C:DC:20:B5:5D:D1:24:FC:D5:07:28:A9:DB
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       01877EB014A62148BE2CFAC40D1455E4CCF4
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/KgBYn2idfRzcILVd0ST81Qcoqds.roa
Signing time:             Fri 14 Apr 2023 07:34:41 +0000
ROA not before:           Fri 14 Apr 2023 07:34:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42846
IP address blocks:        104.247.162.0/24 maxlen: 24
                          104.247.161.0/24 maxlen: 24
                          104.247.160.0/24 maxlen: 24
                          104.247.165.0/24 maxlen: 24
                          104.247.164.0/24 maxlen: 24
                          104.247.163.0/24 maxlen: 24
                          104.247.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 28 Jun 2023 11:16:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7e:b0:14:a6:21:48:be:2c:fa:c4:0d:14:55:e4:cc:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Apr 14 07:34:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a00589f689d7d1cdc20b55dd124fcd50728a9db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:0b:6f:ea:79:a3:93:93:71:2b:4e:2f:b9:0c:
                    90:dd:a1:cb:c3:8b:52:55:b3:60:cb:8b:78:b9:37:
                    ee:af:e2:e8:b9:8e:fc:61:7a:60:65:04:33:e4:ad:
                    0a:f9:ff:22:31:33:d4:0a:3b:8a:2f:d5:6e:0f:f7:
                    83:eb:93:b6:0f:c7:df:97:b0:9e:ca:d6:26:c2:01:
                    b1:ea:c4:1e:32:c7:66:ba:ef:f2:a2:91:80:e6:9e:
                    be:da:cc:1e:19:e4:d3:56:d6:d3:32:75:18:48:39:
                    c4:5d:76:ac:5f:19:50:8d:ad:74:24:ee:9e:3e:5d:
                    e1:ba:85:1d:00:58:0c:41:07:05:19:94:0b:ab:2f:
                    03:a8:c9:cc:93:32:a3:29:7c:4f:bb:51:ad:1e:08:
                    5e:4c:d4:ac:ed:45:94:c1:a0:e0:09:35:66:96:0b:
                    f3:6c:72:cb:01:aa:97:54:ea:ba:71:cb:31:72:c0:
                    9d:fb:dd:98:57:0f:c7:d0:e7:c3:67:62:84:25:bc:
                    f5:eb:90:4c:37:d6:ad:01:85:e5:fc:19:72:05:1f:
                    44:16:e9:44:23:c1:10:88:61:47:af:28:e1:42:d3:
                    b4:6e:20:02:01:84:9e:ef:1b:3b:10:20:e3:d2:77:
                    b6:d1:61:20:e7:ac:f9:7b:72:12:ce:2b:c5:71:d9:
                    f9:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:00:58:9F:68:9D:7D:1C:DC:20:B5:5D:D1:24:FC:D5:07:28:A9:DB
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/KgBYn2idfRzcILVd0ST81Qcoqds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.247.160.0-104.247.166.255

    Signature Algorithm: sha256WithRSAEncryption
         2e:a8:e3:db:b0:7b:24:0c:8e:1f:18:a4:b5:1e:ad:7c:a3:7c:
         04:a2:e0:1c:8e:cf:3b:eb:fc:cf:ef:29:14:a6:43:76:db:e6:
         59:c0:94:e3:67:21:13:4b:53:df:34:ff:50:01:a0:88:76:1d:
         99:22:4f:a8:5d:60:43:9d:33:39:da:7b:0d:f6:a5:76:6c:28:
         9d:58:5c:4f:b3:a8:0a:0d:63:f7:1a:a4:4f:94:ae:3d:b2:72:
         fb:f9:0a:6f:b0:0f:16:0a:53:04:43:f4:c1:cb:1b:c2:5a:ff:
         15:14:f4:25:82:b6:ee:95:22:1d:7b:d4:73:a7:5c:8e:a9:c9:
         01:11:5e:e9:c4:85:54:b9:36:ab:f9:c0:7b:e0:40:c4:53:6e:
         de:fd:0f:bc:d9:8a:e4:b9:52:d5:9a:12:67:1a:93:cd:80:61:
         a6:b0:6d:2a:20:9a:a1:25:16:c1:0b:cb:6e:5a:f4:f7:fa:5c:
         cd:b3:81:be:3e:68:dd:25:4e:1d:bf:89:83:28:36:ea:f9:50:
         ae:4d:6a:c7:82:5e:ed:b0:43:ca:89:49:68:af:da:90:6f:61:
         b7:1d:63:67:c2:4c:b2:90:99:09:a4:22:6c:dd:56:4d:6e:ac:
         9f:73:fb:45:cb:d8:6e:fa:e2:c4:7c:5e:ae:80:c1:b2:69:c2:
         b2:9c:ed:34
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYd+sBSmIUi+LPrEDRRV5Mz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjMwNDE0MDczNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTAwNTg5ZjY4OWQ3ZDFjZGMyMGI1NWRkMTI0ZmNkNTA3MjhhOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQtv6nmjk5NxK04vuQyQ3aHLw4tS
VbNgy4t4uTfur+LouY78YXpgZQQz5K0K+f8iMTPUCjuKL9VuD/eD65O2D8ffl7Ce
ytYmwgGx6sQeMsdmuu/yopGA5p6+2sweGeTTVtbTMnUYSDnEXXasXxlQja10JO6e
Pl3huoUdAFgMQQcFGZQLqy8DqMnMkzKjKXxPu1GtHgheTNSs7UWUwaDgCTVmlgvz
bHLLAaqXVOq6ccsxcsCd+92YVw/H0OfDZ2KEJbz165BMN9atAYXl/BlyBR9EFulE
I8EQiGFHryjhQtO0biACAYSe7xs7ECDj0ne20WEg56z5e3ISzivFcdn5nwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCoAWJ9onX0c3CC1XdEk/NUHKKnbMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvS2dCWW4yaWRmUnpjSUxWZDBTVDgxUWNvcWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVo96AD
BABo96YwDQYJKoZIhvcNAQELBQADggEBAC6o49uweyQMjh8YpLUerXyjfASi4ByO
zzvr/M/vKRSmQ3bb5lnAlONnIRNLU980/1ABoIh2HZkiT6hdYEOdMznaew32pXZs
KJ1YXE+zqAoNY/capE+Urj2ycvv5Cm+wDxYKUwRD9MHLG8Ja/xUU9CWCtu6VIh17
1HOnXI6pyQERXunEhVS5Nqv5wHvgQMRTbt79D7zZiuS5UtWaEmcak82AYaawbSog
mqElFsELy25a9Pf6XM2zgb4+aN0lTh2/iYMoNur5UK5NaseCXu2wQ8qJSWiv2pBv
YbcdY2fCTLKQmQmkImzdVk1urJ9z+0XL2G764sR8Xq6AwbJpwrKc7TQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:55 2024 by rpki-client on console-ams.rpki-client.org