Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/3e775d-b117-40dd-ae6a-2d502e956c04/1/KKZnF8-Y7EVLkS1kUixgV2Mwu2E.roa
File:                     KKZnF8-Y7EVLkS1kUixgV2Mwu2E.roa (raw, json)
Hash identifier:          UHRkT81DgUPXtJrgY2WtVcwdNmzXasOOjMy17tlrTDA=
Subject key identifier:   28:A6:67:17:CF:98:EC:45:4B:91:2D:64:52:2C:60:57:63:30:BB:61
Certificate issuer:       /CN=4c9d6c55be1be8a84ad2dfd5a7ffa5848f54d409
Certificate serial:       01856F8B7146C1BAECA14FDDFD661E2419A6
Authority key identifier: 4C:9D:6C:55:BE:1B:E8:A8:4A:D2:DF:D5:A7:FF:A5:84:8F:54:D4:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TJ1sVb4b6KhK0t_Vp_-lhI9U1Ak.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/3e775d-b117-40dd-ae6a-2d502e956c04/1/KKZnF8-Y7EVLkS1kUixgV2Mwu2E.roa
Signing time:             Sun 01 Jan 2023 22:54:47 +0000
ROA not before:           Sun 01 Jan 2023 22:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207332
IP address blocks:        91.212.0.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:8b:71:46:c1:ba:ec:a1:4f:dd:fd:66:1e:24:19:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c9d6c55be1be8a84ad2dfd5a7ffa5848f54d409
        Validity
            Not Before: Jan  1 22:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28a66717cf98ec454b912d64522c60576330bb61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b4:ce:2f:26:00:cd:a9:f8:9a:c1:14:1b:bd:
                    1f:64:b2:61:a7:cc:ca:2f:39:80:b5:28:06:44:ed:
                    ed:c9:11:a3:d6:26:d6:99:3f:82:a1:23:aa:39:d2:
                    67:88:74:49:cf:31:3c:40:69:a1:4d:03:3d:72:91:
                    48:8e:f8:22:e3:58:b0:e9:38:0e:d4:ad:74:77:eb:
                    16:06:db:b5:36:f2:39:61:da:b8:75:73:51:f5:b4:
                    7e:64:db:e8:06:d1:25:e6:f8:44:2a:6a:6f:9a:08:
                    21:c1:ce:44:ca:a0:50:2d:b7:00:ba:e9:72:2c:b4:
                    e2:40:42:76:86:85:97:06:37:b9:d2:73:8f:c2:aa:
                    27:97:b9:01:ab:33:ea:1c:a7:31:b0:d4:76:72:b7:
                    7f:2f:58:0c:66:d4:5e:69:ad:8e:98:f0:b6:2a:b5:
                    aa:2a:4a:bd:4d:51:5e:7e:49:ce:48:1f:5e:58:a0:
                    cb:12:20:a5:3d:96:21:cf:3b:04:eb:40:2e:d1:e4:
                    8e:45:9e:cd:24:c9:f3:c7:1b:93:15:7a:62:0a:71:
                    21:10:de:e5:54:11:e2:49:a4:af:90:9f:35:09:61:
                    03:77:a2:a4:26:7d:8f:0e:e4:33:73:bc:ad:ba:10:
                    18:8a:38:64:31:c5:2f:4e:2d:45:14:a1:d0:57:a8:
                    8f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A6:67:17:CF:98:EC:45:4B:91:2D:64:52:2C:60:57:63:30:BB:61
            X509v3 Authority Key Identifier:
                keyid:4C:9D:6C:55:BE:1B:E8:A8:4A:D2:DF:D5:A7:FF:A5:84:8F:54:D4:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ1sVb4b6KhK0t_Vp_-lhI9U1Ak.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/3e775d-b117-40dd-ae6a-2d502e956c04/1/KKZnF8-Y7EVLkS1kUixgV2Mwu2E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/3e775d-b117-40dd-ae6a-2d502e956c04/1/TJ1sVb4b6KhK0t_Vp_-lhI9U1Ak.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.212.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:34:5a:91:4d:ca:87:98:0d:1d:81:c6:da:da:2c:64:45:de:
         df:e6:71:31:b0:68:c9:5c:b5:e9:2e:99:b1:1f:51:31:f0:e4:
         d4:3d:e0:60:8e:ee:c3:4e:6c:c4:10:41:d9:50:81:fb:31:fc:
         31:14:74:6b:c9:45:27:80:26:a2:7c:64:ac:07:f7:0f:ff:00:
         0d:a6:42:5a:10:2e:76:11:52:dc:05:0a:b6:60:68:2a:f9:66:
         e4:97:c6:7a:a1:80:b9:69:b5:90:78:51:72:e5:68:82:de:ab:
         3c:aa:ad:2d:f7:60:99:ac:8a:d4:ca:9d:20:51:ad:d5:94:f4:
         d3:39:c9:57:f2:34:0d:b7:52:c4:d0:a5:fd:ba:5c:85:94:23:
         ba:52:b1:20:24:e0:a2:a7:d1:37:bb:6f:3f:28:db:b9:5b:58:
         2f:3d:d2:43:b2:68:9d:72:8e:d5:23:ce:71:35:da:56:85:98:
         cd:9d:a0:c5:4e:ce:ad:61:88:70:b2:06:db:9e:fc:7a:2b:14:
         5d:c1:86:a9:03:97:ff:f3:f9:62:38:07:28:02:15:96:9e:86:
         eb:4a:0e:db:c0:e9:75:a0:2b:98:fb:3d:2e:2e:05:97:3f:b9:
         2b:0a:0d:28:55:7b:29:d6:50:4f:82:0d:36:a7:d7:8f:3b:45:
         e4:2d:bc:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi3FGwbrsoU/d/WYeJBmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOWQ2YzU1YmUxYmU4YTg0YWQyZGZkNWE3ZmZhNTg0OGY1
NGQ0MDkwHhcNMjMwMTAxMjI1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGE2NjcxN2NmOThlYzQ1NGI5MTJkNjQ1MjJjNjA1NzYzMzBiYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7TOLyYAzan4msEUG70fZLJhp8zK
LzmAtSgGRO3tyRGj1ibWmT+CoSOqOdJniHRJzzE8QGmhTQM9cpFIjvgi41iw6TgO
1K10d+sWBtu1NvI5Ydq4dXNR9bR+ZNvoBtEl5vhEKmpvmgghwc5EyqBQLbcAuuly
LLTiQEJ2hoWXBje50nOPwqonl7kBqzPqHKcxsNR2crd/L1gMZtReaa2OmPC2KrWq
Kkq9TVFefknOSB9eWKDLEiClPZYhzzsE60Au0eSORZ7NJMnzxxuTFXpiCnEhEN7l
VBHiSaSvkJ81CWEDd6KkJn2PDuQzc7ytuhAYijhkMcUvTi1FFKHQV6iPXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCimZxfPmOxFS5EtZFIsYFdjMLthMB8GA1UdIwQY
MBaAFEydbFW+G+ioStLf1af/pYSPVNQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEoxc1ZiNGI2S2hLMHRfVnBfLWxoSTlVMUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8zZTc3NWQtYjExNy00MGRkLWFlNmEt
MmQ1MDJlOTU2YzA0LzEvS0tabkY4LVk3RVZMa1Mxa1VpeGdWMk13dTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8zZTc3NWQtYjExNy00MGRkLWFlNmEtMmQ1MDJlOTU2YzA0
LzEvVEoxc1ZiNGI2S2hLMHRfVnBfLWxoSTlVMUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9QAMA0G
CSqGSIb3DQEBCwUAA4IBAQBbNFqRTcqHmA0dgcba2ixkRd7f5nExsGjJXLXpLpmx
H1Ex8OTUPeBgju7DTmzEEEHZUIH7MfwxFHRryUUngCaifGSsB/cP/wANpkJaEC52
EVLcBQq2YGgq+Wbkl8Z6oYC5abWQeFFy5WiC3qs8qq0t92CZrIrUyp0gUa3VlPTT
OclX8jQNt1LE0KX9ulyFlCO6UrEgJOCip9E3u28/KNu5W1gvPdJDsmidco7VI85x
NdpWhZjNnaDFTs6tYYhwsgbbnvx6KxRdwYapA5f/8/liOAcoAhWWnobrSg7bwOl1
oCuY+z0uLgWXP7krCg0oVXsp1lBPgg02p9ePO0XkLbzc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:34 2024 by rpki-client on console-ams.rpki-client.org