Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/KVgSIFPwywVH-vl6NXBsbb2HJQs.roa
File:                     KVgSIFPwywVH-vl6NXBsbb2HJQs.roa (raw, json)
Hash identifier:          GJfQ5JyrPx8XFMy+mvgx8P5UDFo/0resqaIXAfgkr0s=
Subject key identifier:   29:58:12:20:53:F0:CB:05:47:FA:F9:7A:35:70:6C:6D:BD:87:25:0B
Certificate issuer:       /CN=c0cac8d524a5fec7fc83a23830fbf9226a7601ae
Certificate serial:       0188DE7E8FFEE30B3D23EE10714787C896FD
Authority key identifier: C0:CA:C8:D5:24:A5:FE:C7:FC:83:A2:38:30:FB:F9:22:6A:76:01:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/KVgSIFPwywVH-vl6NXBsbb2HJQs.roa
Signing time:             Wed 21 Jun 2023 15:06:56 +0000
ROA not before:           Wed 21 Jun 2023 15:06:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35575
IP address blocks:        185.25.236.0/22 maxlen: 22
                          185.152.216.0/22 maxlen: 22
                          185.219.92.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 27 Jun 2023 13:54:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:de:7e:8f:fe:e3:0b:3d:23:ee:10:71:47:87:c8:96:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0cac8d524a5fec7fc83a23830fbf9226a7601ae
        Validity
            Not Before: Jun 21 15:06:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2958122053f0cb0547faf97a35706c6dbd87250b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d1:e0:58:d3:12:69:d9:eb:34:82:b9:b0:6e:
                    49:86:4b:db:f5:a9:af:a1:ff:fe:7c:68:5a:67:29:
                    11:95:9c:de:47:62:49:97:46:55:18:19:a2:be:bf:
                    ca:4e:ed:ae:d7:f1:60:01:d7:58:7b:d8:57:3e:09:
                    29:a7:39:18:59:76:af:a1:b6:d4:ce:c1:d9:be:dc:
                    1b:83:77:23:3f:d4:7f:86:2d:73:5b:dd:35:4e:be:
                    0c:17:90:8e:73:71:31:a9:15:99:c4:be:8b:47:7b:
                    ba:ad:cd:01:10:85:cd:ff:df:48:71:06:63:35:b1:
                    da:e5:b3:a3:a7:36:bc:5f:a0:7d:10:17:1b:f8:e0:
                    46:4e:88:71:87:68:35:91:d8:fd:bb:82:e0:99:bf:
                    13:19:dd:ff:8e:33:40:b2:60:a2:1b:8c:28:d6:64:
                    30:0e:64:b9:4f:95:c1:a5:a2:60:9c:90:4e:d9:91:
                    c1:9e:44:ad:55:de:7a:91:d1:67:a0:5a:b4:7c:c0:
                    ba:5d:bb:60:0d:aa:2c:61:3c:60:88:7d:c0:00:5f:
                    59:d1:96:25:c4:f8:b2:cc:fa:60:ad:8d:41:1e:71:
                    d6:e6:82:78:a1:1f:6f:7b:ae:ca:b8:0a:80:94:7c:
                    4e:c0:07:29:91:79:ed:c4:86:d2:26:90:70:5c:fe:
                    33:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:58:12:20:53:F0:CB:05:47:FA:F9:7A:35:70:6C:6D:BD:87:25:0B
            X509v3 Authority Key Identifier:
                keyid:C0:CA:C8:D5:24:A5:FE:C7:FC:83:A2:38:30:FB:F9:22:6A:76:01:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/KVgSIFPwywVH-vl6NXBsbb2HJQs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.25.236.0/22
                  185.152.216.0/22
                  185.219.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b1:34:3f:29:65:24:88:26:f6:31:f0:e1:12:c2:03:41:49:e2:
         9f:22:35:97:5a:74:76:09:55:47:95:50:75:5c:4d:be:d3:60:
         33:a2:f3:94:7f:ea:ab:58:a6:d2:08:54:a8:f2:cf:24:f2:c7:
         a1:18:e9:ab:3f:7e:04:38:0a:95:73:d8:c2:2b:14:72:62:63:
         a6:fa:7f:31:af:a4:86:7e:c6:d0:ba:27:58:70:ee:49:c3:27:
         66:61:63:b6:17:37:1d:07:3e:f9:be:b6:48:0f:4c:3b:71:5a:
         4b:fd:68:41:d0:6c:9e:67:02:89:f1:74:7a:5f:34:8a:82:92:
         a6:07:a9:97:fa:e8:a4:b7:82:c4:5e:0a:52:70:3c:7e:ca:bb:
         2a:fb:1f:8a:a1:3a:dc:af:2a:e5:4e:4f:71:2e:ce:42:3b:70:
         7b:ff:66:d0:cb:15:56:3e:a3:41:b8:29:86:93:78:8b:73:bb:
         0b:e7:1d:64:18:52:e6:d5:7f:3e:13:89:85:1e:9e:2b:1d:7b:
         cd:3e:fa:0c:db:c5:de:d1:f4:b2:2a:be:fe:b1:b0:43:a8:f5:
         55:91:b4:11:58:a8:cf:ce:50:69:3b:38:8d:ce:df:69:bc:3a:
         4c:18:8a:89:53:2b:a7:96:8e:cc:ee:ff:90:ce:5b:6a:12:42:
         e0:0c:b4:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjefo/+4ws9I+4QcUeHyJb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwY2FjOGQ1MjRhNWZlYzdmYzgzYTIzODMwZmJmOTIyNmE3
NjAxYWUwHhcNMjMwNjIxMTUwNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU4MTIyMDUzZjBjYjA1NDdmYWY5N2EzNTcwNmM2ZGJkODcyNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdHgWNMSadnrNIK5sG5Jhkvb9amv
of/+fGhaZykRlZzeR2JJl0ZVGBmivr/KTu2u1/FgAddYe9hXPgkppzkYWXavobbU
zsHZvtwbg3cjP9R/hi1zW901Tr4MF5COc3ExqRWZxL6LR3u6rc0BEIXN/99IcQZj
NbHa5bOjpza8X6B9EBcb+OBGTohxh2g1kdj9u4Lgmb8TGd3/jjNAsmCiG4wo1mQw
DmS5T5XBpaJgnJBO2ZHBnkStVd56kdFnoFq0fMC6XbtgDaosYTxgiH3AAF9Z0ZYl
xPiyzPpgrY1BHnHW5oJ4oR9ve67KuAqAlHxOwAcpkXntxIbSJpBwXP4zGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFClYEiBT8MsFR/r5ejVwbG29hyULMB8GA1UdIwQY
MBaAFMDKyNUkpf7H/IOiODD7+SJqdgGuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd01ySTFTU2xfc2Y4ZzZJNE1QdjVJbXAyQWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85ZjViODEtYWU0ZC00NmE0LWJiODIt
NzY1NWM4OWYxNGQ2LzEvS1ZnU0lGUHd5d1ZILXZsNk5YQnNiYjJISlFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85ZjViODEtYWU0ZC00NmE0LWJiODItNzY1NWM4OWYxNGQ2
LzEvd01ySTFTU2xfc2Y4ZzZJNE1QdjVJbXAyQWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuRnsAwQC
uZjYAwQCudtcMA0GCSqGSIb3DQEBCwUAA4IBAQCxND8pZSSIJvYx8OESwgNBSeKf
IjWXWnR2CVVHlVB1XE2+02AzovOUf+qrWKbSCFSo8s8k8sehGOmrP34EOAqVc9jC
KxRyYmOm+n8xr6SGfsbQuidYcO5JwydmYWO2FzcdBz75vrZID0w7cVpL/WhB0Gye
ZwKJ8XR6XzSKgpKmB6mX+uikt4LEXgpScDx+yrsq+x+KoTrcryrlTk9xLs5CO3B7
/2bQyxVWPqNBuCmGk3iLc7sL5x1kGFLm1X8+E4mFHp4rHXvNPvoM28Xe0fSyKr7+
sbBDqPVVkbQRWKjPzlBpOziNzt9pvDpMGIqJUyunlo7M7v+QzltqEkLgDLQG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:34 2024 by rpki-client on console-fra.rpki-client.org