Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KVQu2-WtMaVDv08Hj3HliCxLOIw.roa
File:                     KVQu2-WtMaVDv08Hj3HliCxLOIw.roa (raw, json)
Hash identifier:          BixZ+eq52W72UGV0dRWSOCdIKS7u3qahmy5FNrr0BRA=
Subject key identifier:   29:54:2E:DB:E5:AD:31:A5:43:BF:4F:07:8F:71:E5:88:2C:4B:38:8C
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018EC94AD016EECBCA5CEC8D080277D5DEC8
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KVQu2-WtMaVDv08Hj3HliCxLOIw.roa
Signing time:             Wed 10 Apr 2024 18:35:07 +0000
ROA not before:           Wed 10 Apr 2024 18:35:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215124
IP address blocks:        45.88.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 May 2024 11:48:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:c9:4a:d0:16:ee:cb:ca:5c:ec:8d:08:02:77:d5:de:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Apr 10 18:35:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=29542edbe5ad31a543bf4f078f71e5882c4b388c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:da:e7:00:2a:26:08:16:25:0d:7a:8f:66:07:
                    bc:1c:bb:cc:8a:6d:17:88:2c:af:33:dc:90:51:b7:
                    d9:f8:fe:16:a8:4a:15:18:4b:e6:a2:0a:f0:52:74:
                    cc:81:e7:7c:32:35:6d:09:1e:01:d4:4b:65:be:97:
                    f3:e9:4b:9a:df:da:b2:89:42:a6:9b:5a:e5:ae:e4:
                    50:7b:87:03:61:06:98:fa:3f:6a:f6:92:88:40:c1:
                    a0:18:67:2b:07:a8:e0:79:6b:46:3d:fe:34:76:0a:
                    eb:0a:fe:d3:35:f3:10:2d:03:12:26:19:6c:a0:a2:
                    f2:ea:0d:8c:8c:70:f3:f3:f7:25:f5:29:32:df:76:
                    95:fc:fc:88:5d:fb:79:ca:38:c6:a9:9a:bc:70:e9:
                    cf:11:7e:cc:52:8d:3d:b7:de:35:bb:18:76:87:b7:
                    68:6f:af:b9:1d:19:4e:01:99:6e:06:c3:1f:ae:1d:
                    27:1e:7f:4b:a8:5a:41:52:de:fe:0a:c2:87:c9:ee:
                    c2:26:1b:db:a6:a3:95:db:85:22:ae:d8:74:7a:76:
                    98:23:43:75:d3:ef:e3:d1:6e:34:df:96:8b:bd:38:
                    07:94:ed:f4:82:29:2c:8b:2b:ac:50:ba:64:b5:81:
                    c9:d8:80:da:ea:5f:44:df:ed:95:74:ae:4f:98:dd:
                    3e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:54:2E:DB:E5:AD:31:A5:43:BF:4F:07:8F:71:E5:88:2C:4B:38:8C
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KVQu2-WtMaVDv08Hj3HliCxLOIw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:5c:b1:2c:23:f9:e1:23:cc:9c:59:be:82:41:6f:ea:51:20:
         ac:32:8b:e8:32:a6:79:45:40:bd:5c:4e:51:c6:fe:ee:e4:3c:
         c7:74:8c:0f:2e:dd:93:04:5d:d8:64:cb:40:b4:e9:be:4b:70:
         68:8a:1e:45:9a:77:d1:66:52:89:9f:a9:94:eb:80:a7:77:98:
         12:04:4b:c7:9b:07:b9:ef:12:9f:5a:f4:0e:39:f3:93:ed:8a:
         35:a0:04:98:b1:7c:fa:84:dd:49:d2:3f:a2:de:1d:60:b3:fd:
         04:84:aa:ce:7f:e7:8e:e8:92:e3:d1:da:f5:0f:57:6f:6c:01:
         85:21:50:cb:c4:e5:28:14:89:a5:55:cf:45:a4:61:64:dd:f9:
         bb:8e:0e:ac:c5:61:b1:4b:ef:4a:f3:43:48:59:4a:a4:b7:11:
         72:b9:ca:93:c7:a9:3b:02:65:b8:57:b5:2f:11:68:6d:41:01:
         81:fb:7c:de:ba:10:35:70:b1:83:80:67:99:58:3e:49:57:cb:
         86:ca:f2:54:d5:25:78:43:73:d0:d6:68:f5:89:92:75:88:16:
         78:8c:92:b3:0d:28:39:a6:8a:d3:19:bc:b9:d3:a9:67:9b:da:
         bd:03:65:e5:ac:e5:a2:b1:27:9d:39:67:d4:33:cc:1d:80:51:
         f7:a1:b0:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7JStAW7svKXOyNCAJ31d7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDEwMTgzNTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU0MmVkYmU1YWQzMWE1NDNiZjRmMDc4ZjcxZTU4ODJjNGIzODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdrnAComCBYlDXqPZge8HLvMim0X
iCyvM9yQUbfZ+P4WqEoVGEvmogrwUnTMged8MjVtCR4B1Etlvpfz6Uua39qyiUKm
m1rlruRQe4cDYQaY+j9q9pKIQMGgGGcrB6jgeWtGPf40dgrrCv7TNfMQLQMSJhls
oKLy6g2MjHDz8/cl9Sky33aV/PyIXft5yjjGqZq8cOnPEX7MUo09t941uxh2h7do
b6+5HRlOAZluBsMfrh0nHn9LqFpBUt7+CsKHye7CJhvbpqOV24Uirth0enaYI0N1
0+/j0W4035aLvTgHlO30giksiyusULpktYHJ2IDa6l9E3+2VdK5PmN0+gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClULtvlrTGlQ79PB49x5YgsSziMMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvS1ZRdTItV3RNYVZEdjA4SGozSGxpQ3hMT0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALViLMA0G
CSqGSIb3DQEBCwUAA4IBAQAJXLEsI/nhI8ycWb6CQW/qUSCsMovoMqZ5RUC9XE5R
xv7u5DzHdIwPLt2TBF3YZMtAtOm+S3Boih5FmnfRZlKJn6mU64Cnd5gSBEvHmwe5
7xKfWvQOOfOT7Yo1oASYsXz6hN1J0j+i3h1gs/0EhKrOf+eO6JLj0dr1D1dvbAGF
IVDLxOUoFImlVc9FpGFk3fm7jg6sxWGxS+9K80NIWUqktxFyucqTx6k7AmW4V7Uv
EWhtQQGB+3zeuhA1cLGDgGeZWD5JV8uGyvJU1SV4Q3PQ1mj1iZJ1iBZ4jJKzDSg5
porTGby506lnm9q9A2XlrOWisSedOWfUM8wdgFH3obB+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org