Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KZQs-rpi04JAnLZAHKbaQOwLreI.roa
File:                     KZQs-rpi04JAnLZAHKbaQOwLreI.roa (raw, json)
Hash identifier:          7GeyNa0yVP1JTdau23b/LwOjbDsVCuts8V8Xvv6nPH8=
Subject key identifier:   29:94:2C:FA:BA:62:D3:82:40:9C:B6:40:1C:A6:DA:40:EC:0B:AD:E2
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       018F0564460A9D3EA1F16D3D4C9722841ACA
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KZQs-rpi04JAnLZAHKbaQOwLreI.roa
Signing time:             Mon 22 Apr 2024 10:40:08 +0000
ROA not before:           Mon 22 Apr 2024 10:40:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6762
IP address blocks:        85.204.127.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 May 2024 14:15:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:05:64:46:0a:9d:3e:a1:f1:6d:3d:4c:97:22:84:1a:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Apr 22 10:40:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=29942cfaba62d382409cb6401ca6da40ec0bade2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:48:10:2e:5b:9f:28:ae:6a:e8:e4:fc:97:71:
                    dd:f0:bc:fd:8f:9b:b1:63:5e:5d:e3:10:b8:d4:53:
                    a9:7e:c6:7d:cc:b6:d4:f6:06:95:ca:71:63:89:74:
                    f8:bb:0f:32:f4:95:d0:a2:9d:2b:ba:9b:56:f3:2b:
                    a9:eb:d9:e4:a7:52:e0:e0:26:fb:3e:7d:5a:e2:d8:
                    30:98:3c:58:b9:cd:90:05:69:06:24:e0:d7:4c:ca:
                    8c:4a:e5:8b:88:45:09:d9:06:47:05:23:4f:6f:81:
                    90:98:8f:21:e8:cd:76:c2:40:ab:43:4a:e8:cc:74:
                    c3:8a:1d:4f:40:52:a2:9f:1b:ef:67:16:ef:80:e3:
                    52:a1:b3:bd:74:a5:34:83:8a:13:83:a3:1c:57:8f:
                    49:7c:5d:76:aa:80:c9:fe:a5:e4:de:f5:cb:da:34:
                    47:20:4a:a8:df:ec:7c:50:df:82:6c:3e:2f:90:3f:
                    bf:84:dc:f4:e5:72:6c:73:84:d4:0d:a7:85:39:77:
                    84:3c:f8:b8:89:23:c9:cd:73:2c:c7:b3:1e:8f:a1:
                    c7:97:40:37:fa:5d:00:54:45:b2:50:b2:d0:68:31:
                    25:23:36:ad:16:72:c4:e1:a6:f8:6b:7f:b3:db:62:
                    f4:1e:a7:3b:fa:9d:9f:3b:da:40:6f:ba:c9:60:72:
                    78:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:94:2C:FA:BA:62:D3:82:40:9C:B6:40:1C:A6:DA:40:EC:0B:AD:E2
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KZQs-rpi04JAnLZAHKbaQOwLreI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.127.0/24
                  89.33.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:5e:1e:77:cf:8d:0e:26:32:cb:75:d8:24:55:9d:28:fa:95:
         27:77:a4:87:0c:41:be:9a:03:83:96:51:1a:cc:96:5d:da:07:
         db:d5:ae:db:df:eb:65:b7:d6:d3:a0:bb:ad:f2:e4:42:35:f1:
         71:cf:32:dc:06:48:92:6f:ff:c2:23:cf:6c:88:20:2b:9b:9c:
         bf:6f:7c:80:93:62:1e:3d:4b:78:b3:5a:2c:3e:a1:13:81:89:
         61:07:d3:4b:e1:40:4f:5e:df:90:1a:54:41:eb:d3:9b:00:06:
         6a:1b:34:cd:7e:5f:a4:e8:8f:d4:dd:2b:97:8e:04:a9:2b:71:
         17:b8:96:54:40:f4:9a:21:20:08:3b:f2:00:93:70:b0:35:51:
         45:c4:c6:1c:48:ae:d1:98:63:94:ba:c1:7f:f3:5b:fd:09:25:
         79:e9:4d:6a:0d:1d:29:3e:b4:f0:8d:a2:f2:73:d9:ed:51:f0:
         97:29:a3:bb:40:8e:cc:7e:05:3c:74:bc:c5:04:71:f1:a5:89:
         04:95:6f:a9:99:ef:1b:b7:70:39:95:f8:24:b0:e3:a4:40:d5:
         d9:3d:48:8e:ae:11:eb:ee:8d:7f:32:9f:ef:e6:0e:ec:9e:ea:
         42:61:24:ec:9e:e0:3a:61:ea:3a:19:75:2e:60:47:f7:a2:1e:
         ec:2e:7d:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8FZEYKnT6h8W09TJcihBrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwNDIyMTA0MDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk0MmNmYWJhNjJkMzgyNDA5Y2I2NDAxY2E2ZGE0MGVjMGJhZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUgQLlufKK5q6OT8l3Hd8Lz9j5ux
Y15d4xC41FOpfsZ9zLbU9gaVynFjiXT4uw8y9JXQop0ruptW8yup69nkp1Lg4Cb7
Pn1a4tgwmDxYuc2QBWkGJODXTMqMSuWLiEUJ2QZHBSNPb4GQmI8h6M12wkCrQ0ro
zHTDih1PQFKinxvvZxbvgONSobO9dKU0g4oTg6McV49JfF12qoDJ/qXk3vXL2jRH
IEqo3+x8UN+CbD4vkD+/hNz05XJsc4TUDaeFOXeEPPi4iSPJzXMsx7Mej6HHl0A3
+l0AVEWyULLQaDElIzatFnLE4ab4a3+z22L0Hqc7+p2fO9pAb7rJYHJ4LQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCmULPq6YtOCQJy2QBym2kDsC63iMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvS1pRcy1ycGkwNEpBbkxaQUhLYmFRT3dMcmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcx/AwQA
WSGjMA0GCSqGSIb3DQEBCwUAA4IBAQCnXh53z40OJjLLddgkVZ0o+pUnd6SHDEG+
mgODllEazJZd2gfb1a7b3+tlt9bToLut8uRCNfFxzzLcBkiSb//CI89siCArm5y/
b3yAk2IePUt4s1osPqETgYlhB9NL4UBPXt+QGlRB69ObAAZqGzTNfl+k6I/U3SuX
jgSpK3EXuJZUQPSaISAIO/IAk3CwNVFFxMYcSK7RmGOUusF/81v9CSV56U1qDR0p
PrTwjaLyc9ntUfCXKaO7QI7MfgU8dLzFBHHxpYkElW+pme8bt3A5lfgksOOkQNXZ
PUiOrhHr7o1/Mp/v5g7snupCYSTsnuA6Yeo6GXUuYEf3oh7sLn1u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org