Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/KLzNyjkAJxVF0G3wzlv_H6tH7Z4.roa
File:                     KLzNyjkAJxVF0G3wzlv_H6tH7Z4.roa (raw, json)
Hash identifier:          pYUIbwG2e/FkXWggKhkz3TU8C3VWL1AgrNXAZj0LVJE=
Subject key identifier:   28:BC:CD:CA:39:00:27:15:45:D0:6D:F0:CE:5B:FF:1F:AB:47:ED:9E
Certificate issuer:       /CN=e378a94b9964ea5e9f8b05938702ba58316b500f
Certificate serial:       0186DF11D836F8D4A0DE543440B760EBD6A8
Authority key identifier: E3:78:A9:4B:99:64:EA:5E:9F:8B:05:93:87:02:BA:58:31:6B:50:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/KLzNyjkAJxVF0G3wzlv_H6tH7Z4.roa
Signing time:             Tue 14 Mar 2023 07:42:13 +0000
ROA not before:           Tue 14 Mar 2023 07:42:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50057
IP address blocks:        185.161.112.0/24 maxlen: 24
                          185.161.113.0/24 maxlen: 24
                          185.161.114.0/24 maxlen: 24
                          185.161.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:df:11:d8:36:f8:d4:a0:de:54:34:40:b7:60:eb:d6:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e378a94b9964ea5e9f8b05938702ba58316b500f
        Validity
            Not Before: Mar 14 07:42:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28bccdca3900271545d06df0ce5bff1fab47ed9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a0:59:44:2f:07:32:ae:b1:63:02:af:06:83:
                    8a:95:f2:0b:7e:16:96:17:e8:7e:29:da:16:05:0d:
                    9a:f6:2f:59:27:22:dc:d9:6c:1d:53:e4:26:93:dd:
                    21:c5:5f:dd:a7:74:38:50:3a:ad:c9:88:3d:c1:d4:
                    1d:68:40:9b:52:25:e9:97:e2:97:7f:f9:40:74:fd:
                    7b:2e:d0:fa:e6:62:8e:de:52:c0:09:46:f7:2a:4e:
                    72:b5:96:22:45:8b:5f:03:94:1f:32:5e:da:1b:ef:
                    fd:46:7b:83:05:c9:9b:b3:7d:ee:d9:38:2b:30:30:
                    ea:4d:89:a7:43:12:06:74:a0:ed:c6:28:3c:06:63:
                    23:ab:67:e3:f0:15:97:13:5d:5a:3e:cf:f9:12:a2:
                    48:3a:36:79:25:73:b5:e2:25:a0:69:ec:5c:b8:b8:
                    33:5e:b0:da:b1:7d:ca:77:00:31:41:a1:b1:85:f0:
                    53:72:fc:e1:44:1f:3e:13:80:9b:51:31:61:1d:dd:
                    ae:15:d3:86:a0:43:32:4b:63:22:16:cd:6c:72:02:
                    f4:97:7f:2d:35:81:98:3e:98:50:e5:50:33:74:cd:
                    b2:20:37:ea:cd:81:d9:c8:c7:5a:55:60:55:bd:45:
                    72:5e:53:d7:6d:a1:be:23:ea:5b:b0:ae:30:a7:42:
                    a8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:BC:CD:CA:39:00:27:15:45:D0:6D:F0:CE:5B:FF:1F:AB:47:ED:9E
            X509v3 Authority Key Identifier:
                keyid:E3:78:A9:4B:99:64:EA:5E:9F:8B:05:93:87:02:BA:58:31:6B:50:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/KLzNyjkAJxVF0G3wzlv_H6tH7Z4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/43ipS5lk6l6fiwWThwK6WDFrUA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.161.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5d:dc:b8:b3:5c:71:f7:e2:b6:cf:9d:3e:12:37:0d:b4:08:51:
         0b:91:6d:92:c0:67:a1:5b:c7:00:77:6e:e7:22:ba:10:06:77:
         69:8f:da:68:b8:20:d4:a5:d7:48:80:2f:64:8d:20:4f:0a:aa:
         9f:b8:12:15:1e:03:44:ad:77:5a:f7:b4:89:a4:29:4c:74:9e:
         91:f5:76:f9:fd:39:99:0f:a6:b6:57:4a:0d:7b:55:9b:ca:c1:
         3f:a0:22:9d:cc:4e:a4:67:2d:34:14:6f:23:22:d6:4f:14:f8:
         40:a5:ae:73:c3:78:93:2f:1f:be:0c:03:ec:fc:b7:3e:6a:c9:
         c4:01:7e:f2:47:d0:a8:aa:ee:bf:99:0f:f0:d6:d2:49:9e:20:
         f2:01:e0:80:0a:56:dc:10:5c:f6:35:f1:2f:fd:6b:d9:56:12:
         79:b3:8a:5f:ea:b1:83:cf:00:8a:13:0e:e8:6a:a0:02:01:b6:
         08:49:34:7c:78:aa:f5:7e:77:fa:bd:33:5b:d1:87:06:cf:d7:
         10:cf:e0:93:c0:7f:aa:b9:3a:86:16:6b:1e:2d:7b:ca:34:2b:
         fa:c1:ff:a4:00:fc:8f:bb:ae:64:ff:9c:8c:85:39:82:f7:91:
         11:e9:8c:45:51:41:65:a6:13:d7:d2:6d:a6:48:d2:9e:f4:b6:
         cd:c2:b0:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbfEdg2+NSg3lQ0QLdg69aoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNzhhOTRiOTk2NGVhNWU5ZjhiMDU5Mzg3MDJiYTU4MzE2
YjUwMGYwHhcNMjMwMzE0MDc0MjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGJjY2RjYTM5MDAyNzE1NDVkMDZkZjBjZTViZmYxZmFiNDdlZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaBZRC8HMq6xYwKvBoOKlfILfhaW
F+h+KdoWBQ2a9i9ZJyLc2WwdU+Qmk90hxV/dp3Q4UDqtyYg9wdQdaECbUiXpl+KX
f/lAdP17LtD65mKO3lLACUb3Kk5ytZYiRYtfA5QfMl7aG+/9RnuDBcmbs33u2Tgr
MDDqTYmnQxIGdKDtxig8BmMjq2fj8BWXE11aPs/5EqJIOjZ5JXO14iWgaexcuLgz
XrDasX3KdwAxQaGxhfBTcvzhRB8+E4CbUTFhHd2uFdOGoEMyS2MiFs1scgL0l38t
NYGYPphQ5VAzdM2yIDfqzYHZyMdaVWBVvUVyXlPXbaG+I+pbsK4wp0Ko0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCi8zco5ACcVRdBt8M5b/x+rR+2eMB8GA1UdIwQY
MBaAFON4qUuZZOpen4sFk4cCulgxa1APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy82YTVlOGMtZDgzMS00MWUzLTg0ZTUt
ZjQyMTc2Y2QwNDQ1LzEvS0x6Tnlqa0FKeFZGMEczd3psdl9INnRIN1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy82YTVlOGMtZDgzMS00MWUzLTg0ZTUtZjQyMTc2Y2QwNDQ1
LzEvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaFwMA0G
CSqGSIb3DQEBCwUAA4IBAQBd3LizXHH34rbPnT4SNw20CFELkW2SwGehW8cAd27n
IroQBndpj9pouCDUpddIgC9kjSBPCqqfuBIVHgNErXda97SJpClMdJ6R9Xb5/TmZ
D6a2V0oNe1WbysE/oCKdzE6kZy00FG8jItZPFPhApa5zw3iTLx++DAPs/Lc+asnE
AX7yR9Coqu6/mQ/w1tJJniDyAeCAClbcEFz2NfEv/WvZVhJ5s4pf6rGDzwCKEw7o
aqACAbYISTR8eKr1fnf6vTNb0YcGz9cQz+CTwH+quTqGFmseLXvKNCv6wf+kAPyP
u65k/5yMhTmC95ER6YxFUUFlphPX0m2mSNKe9LbNwrBp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:12 2024 by rpki-client on console-ams.rpki-client.org