Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/11c1ec-ab64-4979-afb9-6a61394f6269/1/KcKkP2tXVYdGFqJzGXiY2xDZZNU.roa
File:                     KcKkP2tXVYdGFqJzGXiY2xDZZNU.roa (raw, json)
Hash identifier:          aOFnPnrRvjZ166l3VgmYU/YzhHOV3cU/bdOEyimdwig=
Subject key identifier:   29:C2:A4:3F:6B:57:55:87:46:16:A2:73:19:78:98:DB:10:D9:64:D5
Certificate issuer:       /CN=1a60b96670893fc3d6371f6c5746c5f26b6a203d
Certificate serial:       01856F39352B8BEAC6F1EB4F97311D7AAB33
Authority key identifier: 1A:60:B9:66:70:89:3F:C3:D6:37:1F:6C:57:46:C5:F2:6B:6A:20:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GmC5ZnCJP8PWNx9sV0bF8mtqID0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/11c1ec-ab64-4979-afb9-6a61394f6269/1/KcKkP2tXVYdGFqJzGXiY2xDZZNU.roa
Signing time:             Sun 01 Jan 2023 21:24:58 +0000
ROA not before:           Sun 01 Jan 2023 21:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57530
IP address blocks:        91.232.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:39:35:2b:8b:ea:c6:f1:eb:4f:97:31:1d:7a:ab:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a60b96670893fc3d6371f6c5746c5f26b6a203d
        Validity
            Not Before: Jan  1 21:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=29c2a43f6b5755874616a273197898db10d964d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:65:3e:a4:9b:09:60:fb:62:db:0b:e6:5a:08:
                    eb:c7:47:b6:c2:9f:c3:3d:a9:c1:4b:59:b9:aa:17:
                    cb:ab:2c:3a:44:8e:63:f7:1d:c5:98:60:9d:b8:0f:
                    dd:ab:05:d9:08:58:35:e8:9f:92:6f:e6:a0:e0:8a:
                    b0:28:cf:1e:02:51:03:b6:4c:f9:9c:6c:91:a8:15:
                    f4:04:01:c3:0f:47:5d:9b:1b:a7:72:cd:b2:0a:e7:
                    a6:56:1a:de:76:45:5a:13:e3:f8:b9:af:64:2b:fc:
                    1e:a7:bd:c2:ec:01:62:6a:13:74:dd:54:94:3d:48:
                    c6:f3:8f:fe:f1:25:d7:9a:51:8c:cc:6f:42:3a:f9:
                    22:18:64:56:6d:ae:a4:81:02:cd:45:1c:90:68:c2:
                    cb:6d:73:d8:d1:a0:74:6e:43:d0:97:ef:13:73:08:
                    d3:09:db:94:30:2e:e2:57:0b:91:58:87:90:18:81:
                    6e:75:d7:b8:ee:89:9f:e3:2a:de:78:6f:dc:f8:28:
                    85:da:1a:bf:08:f9:db:ab:2d:1c:fd:1c:a5:3b:d1:
                    c9:d4:11:b1:96:1f:d6:9a:50:24:1d:24:dc:61:27:
                    9e:37:8a:42:6c:30:06:82:8f:fc:74:72:d5:24:28:
                    bc:91:db:8e:af:88:3a:d0:28:77:45:84:a7:e6:23:
                    da:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:C2:A4:3F:6B:57:55:87:46:16:A2:73:19:78:98:DB:10:D9:64:D5
            X509v3 Authority Key Identifier:
                keyid:1A:60:B9:66:70:89:3F:C3:D6:37:1F:6C:57:46:C5:F2:6B:6A:20:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmC5ZnCJP8PWNx9sV0bF8mtqID0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/11c1ec-ab64-4979-afb9-6a61394f6269/1/KcKkP2tXVYdGFqJzGXiY2xDZZNU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/11c1ec-ab64-4979-afb9-6a61394f6269/1/GmC5ZnCJP8PWNx9sV0bF8mtqID0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:2a:9c:b2:39:6d:ee:4a:e1:22:89:b9:42:7a:d4:f1:07:8e:
         7e:7e:5b:9e:c9:3d:2b:0a:50:bb:83:cb:17:be:4b:a6:a6:2d:
         96:f2:2f:62:1a:f0:54:14:f1:0e:08:ae:23:45:a8:1b:a6:66:
         75:5d:95:d0:b3:ff:67:69:ac:5c:1b:2a:17:54:5b:cf:b1:e7:
         e7:5e:f2:98:76:d6:51:d4:34:a2:38:74:25:55:46:f8:36:36:
         9d:a1:20:d7:5c:d5:0b:bd:c3:51:54:24:90:3e:0b:08:a0:44:
         59:30:42:85:c9:ed:d7:31:64:22:90:0b:bd:f6:09:b0:98:7b:
         32:67:e8:ed:d9:1e:e8:6b:a9:31:c2:f6:6b:0e:e1:d7:9c:43:
         d8:97:e1:09:b5:d6:b6:9b:b9:59:84:d6:83:51:4a:2d:00:8b:
         f5:82:0f:a3:7c:86:0c:3f:d5:76:93:8f:91:5a:22:74:36:33:
         b0:f2:6b:10:a0:35:72:f8:7e:20:24:69:ad:45:cc:3d:77:b9:
         59:4b:25:76:a7:e3:71:b5:f1:3b:3d:3e:cb:e2:2f:be:7d:71:
         b1:0d:85:5d:9c:d3:1d:00:f7:76:eb:3f:12:11:76:4d:81:8f:
         6b:56:7f:d6:fb:aa:ab:f5:bf:99:f6:a8:d2:2e:9e:29:69:df:
         4e:f2:bd:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOTUri+rG8etPlzEdeqszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNjBiOTY2NzA4OTNmYzNkNjM3MWY2YzU3NDZjNWYyNmI2
YTIwM2QwHhcNMjMwMTAxMjEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWMyYTQzZjZiNTc1NTg3NDYxNmEyNzMxOTc4OThkYjEwZDk2NGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGU+pJsJYPti2wvmWgjrx0e2wp/D
PanBS1m5qhfLqyw6RI5j9x3FmGCduA/dqwXZCFg16J+Sb+ag4IqwKM8eAlEDtkz5
nGyRqBX0BAHDD0ddmxuncs2yCuemVhredkVaE+P4ua9kK/wep73C7AFiahN03VSU
PUjG84/+8SXXmlGMzG9COvkiGGRWba6kgQLNRRyQaMLLbXPY0aB0bkPQl+8TcwjT
CduUMC7iVwuRWIeQGIFudde47omf4yreeG/c+CiF2hq/CPnbqy0c/RylO9HJ1BGx
lh/WmlAkHSTcYSeeN4pCbDAGgo/8dHLVJCi8kduOr4g60Ch3RYSn5iPabQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnCpD9rV1WHRhaicxl4mNsQ2WTVMB8GA1UdIwQY
MBaAFBpguWZwiT/D1jcfbFdGxfJraiA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21DNVpuQ0pQOFBXTng5c1YwYkY4bXRxSUQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xMWMxZWMtYWI2NC00OTc5LWFmYjkt
NmE2MTM5NGY2MjY5LzEvS2NLa1AydFhWWWRHRnFKekdYaVkyeERaWk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xMWMxZWMtYWI2NC00OTc5LWFmYjktNmE2MTM5NGY2MjY5
LzEvR21DNVpuQ0pQOFBXTng5c1YwYkY4bXRxSUQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+hxMA0G
CSqGSIb3DQEBCwUAA4IBAQAnKpyyOW3uSuEiiblCetTxB45+flueyT0rClC7g8sX
vkumpi2W8i9iGvBUFPEOCK4jRagbpmZ1XZXQs/9naaxcGyoXVFvPsefnXvKYdtZR
1DSiOHQlVUb4NjadoSDXXNULvcNRVCSQPgsIoERZMEKFye3XMWQikAu99gmwmHsy
Z+jt2R7oa6kxwvZrDuHXnEPYl+EJtda2m7lZhNaDUUotAIv1gg+jfIYMP9V2k4+R
WiJ0NjOw8msQoDVy+H4gJGmtRcw9d7lZSyV2p+NxtfE7PT7L4i++fXGxDYVdnNMd
APd26z8SEXZNgY9rVn/W+6qr9b+Z9qjSLp4pad9O8r0S
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:44 2024 by rpki-client on console-ams.rpki-client.org