Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/KrEDGewaZodwt3C6mlU0iV_561U.roa
File:                     KrEDGewaZodwt3C6mlU0iV_561U.roa (raw, json)
Hash identifier:          +KQ6EDdb3Vwv/ZwuisE26IO7vXfD+p1G7AkiQuZ3cdQ=
Subject key identifier:   2A:B1:03:19:EC:1A:66:87:70:B7:70:BA:9A:55:34:89:5F:F9:EB:55
Certificate issuer:       /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial:       018E19F26AE2C3B9C30052EB07886930FDDE
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/KrEDGewaZodwt3C6mlU0iV_561U.roa
Signing time:             Thu 07 Mar 2024 17:25:01 +0000
ROA not before:           Thu 07 Mar 2024 17:25:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203
IP address blocks:        195.26.32.0/19 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Mar 2024 16:20:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:19:f2:6a:e2:c3:b9:c3:00:52:eb:07:88:69:30:fd:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66df7742890173927935206a28efbf48123e787c
        Validity
            Not Before: Mar  7 17:25:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2ab10319ec1a668770b770ba9a5534895ff9eb55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:58:7d:99:6b:93:ab:37:4b:de:38:48:84:fd:
                    f4:83:b0:f4:9e:48:9b:f4:84:54:b5:e2:4f:31:4a:
                    6c:8f:8f:f7:8b:a5:59:89:7e:54:0e:ef:de:ab:f2:
                    24:e3:c8:db:03:8f:e5:68:33:22:2a:b7:91:e3:97:
                    85:72:52:a3:45:39:ea:df:b7:1a:50:b0:d8:c2:5e:
                    ef:2d:48:0a:85:ac:11:dd:92:72:22:db:3f:14:dc:
                    10:65:1b:21:b5:4f:4b:2b:03:b6:07:b3:d8:85:88:
                    38:80:01:44:e4:d2:4e:e4:d7:f6:ff:3b:ac:ee:74:
                    8d:95:61:c3:53:d5:19:2c:46:16:6d:0a:49:99:95:
                    f0:5d:3a:4f:2d:14:76:bb:91:84:db:46:04:da:35:
                    7a:52:af:a4:bc:03:a4:cf:27:c0:58:3a:df:c6:11:
                    b5:b5:2d:ad:58:e7:e4:de:0a:ee:79:46:78:43:2f:
                    df:96:d5:32:01:c4:29:a7:f9:16:fc:35:48:42:0b:
                    3b:25:0a:eb:de:e4:66:0c:b8:d6:4a:dd:64:fd:8d:
                    ca:97:d7:1f:60:fc:96:92:9c:91:7e:d9:fd:fd:bd:
                    e6:28:39:f5:8c:02:90:6f:5e:19:2e:0d:fa:5b:46:
                    86:d7:af:2a:86:8d:41:fd:f0:60:46:5d:14:b2:a3:
                    cf:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:B1:03:19:EC:1A:66:87:70:B7:70:BA:9A:55:34:89:5F:F9:EB:55
            X509v3 Authority Key Identifier:
                keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/KrEDGewaZodwt3C6mlU0iV_561U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.26.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         76:8b:0f:d2:94:af:4d:97:a9:b6:c1:b3:68:0b:41:66:0a:1e:
         61:a1:1b:88:27:31:ad:39:04:08:42:d7:02:c1:21:41:b2:a5:
         47:8a:2e:8d:93:bb:c2:03:bb:58:f8:61:51:fd:74:c8:9a:42:
         ee:d2:1a:e9:fb:32:d6:41:4c:43:33:58:7e:51:24:6f:29:54:
         62:ab:c8:83:51:08:d9:c4:23:b6:a6:97:42:19:15:5d:57:5b:
         e7:a2:bf:39:46:fb:53:09:83:3f:9e:88:8b:8a:98:ed:94:1f:
         8c:5c:5f:42:b2:8d:dd:b9:6a:37:d5:c5:9b:2d:40:08:6c:83:
         15:37:6c:7c:5e:a1:9b:e2:6f:b1:e6:f0:d9:c2:6f:0b:91:41:
         03:47:c9:2e:2b:02:97:5d:68:b8:9e:99:38:8a:c7:2c:f6:63:
         11:d0:de:32:7d:cd:6d:55:56:f4:c5:8d:9b:54:5c:ad:19:a0:
         ba:6f:96:2f:89:12:01:33:6c:14:5e:e0:7d:fd:a5:ca:1d:7b:
         b9:61:98:69:dd:a5:5c:86:81:03:6d:2c:96:75:a6:c7:71:26:
         14:ef:54:97:d9:87:fd:6d:9c:bb:c1:60:10:f4:b1:98:3b:02:
         9c:ec:88:60:9b:17:fb:39:c6:5e:68:5a:87:62:d5:4a:fd:17:
         91:18:89:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4Z8mriw7nDAFLrB4hpMP3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzA3MTcyNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWIxMDMxOWVjMWE2Njg3NzBiNzcwYmE5YTU1MzQ4OTVmZjllYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFh9mWuTqzdL3jhIhP30g7D0nkib
9IRUteJPMUpsj4/3i6VZiX5UDu/eq/Ik48jbA4/laDMiKreR45eFclKjRTnq37ca
ULDYwl7vLUgKhawR3ZJyIts/FNwQZRshtU9LKwO2B7PYhYg4gAFE5NJO5Nf2/zus
7nSNlWHDU9UZLEYWbQpJmZXwXTpPLRR2u5GE20YE2jV6Uq+kvAOkzyfAWDrfxhG1
tS2tWOfk3grueUZ4Qy/fltUyAcQpp/kW/DVIQgs7JQrr3uRmDLjWSt1k/Y3Kl9cf
YPyWkpyRftn9/b3mKDn1jAKQb14ZLg36W0aG168qho1B/fBgRl0UsqPP1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqxAxnsGmaHcLdwuppVNIlf+etVMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvS3JFREdld2Fab2R3dDNDNm1sVTBpVl81NjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwxogMA0G
CSqGSIb3DQEBCwUAA4IBAQB2iw/SlK9Nl6m2wbNoC0FmCh5hoRuIJzGtOQQIQtcC
wSFBsqVHii6Nk7vCA7tY+GFR/XTImkLu0hrp+zLWQUxDM1h+USRvKVRiq8iDUQjZ
xCO2ppdCGRVdV1vnor85RvtTCYM/noiLipjtlB+MXF9Cso3duWo31cWbLUAIbIMV
N2x8XqGb4m+x5vDZwm8LkUEDR8kuKwKXXWi4npk4iscs9mMR0N4yfc1tVVb0xY2b
VFytGaC6b5YviRIBM2wUXuB9/aXKHXu5YZhp3aVchoEDbSyWdabHcSYU71SX2Yf9
bZy7wWAQ9LGYOwKc7Ihgmxf7OcZeaFqHYtVK/ReRGImq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:14 2024 by rpki-client on console-fra.rpki-client.org