Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KlLcmbfWoj2xqeDveOl-23cUvvo.roa
File:                     KlLcmbfWoj2xqeDveOl-23cUvvo.roa (raw, json)
Hash identifier:          KdnR3KfcYWR5668B+f4Ow64YO/uXRhCFqY1sh8mooAc=
Subject key identifier:   2A:52:DC:99:B7:D6:A2:3D:B1:A9:E0:EF:78:E9:7E:DB:77:14:BE:FA
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       018BAE704D7A8CC5CFB32CED49F7E37EFDF2
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KlLcmbfWoj2xqeDveOl-23cUvvo.roa
Signing time:             Wed 08 Nov 2023 10:17:57 +0000
ROA not before:           Wed 08 Nov 2023 10:17:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49217
IP address blocks:        188.215.73.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Dec 2023 16:10:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ae:70:4d:7a:8c:c5:cf:b3:2c:ed:49:f7:e3:7e:fd:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Nov  8 10:17:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a52dc99b7d6a23db1a9e0ef78e97edb7714befa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:50:19:39:09:ef:92:9e:13:0f:95:c5:5e:8e:
                    2e:89:e1:10:0e:e7:99:05:6a:77:0d:41:11:a0:f1:
                    a4:cc:13:e5:91:ee:e5:6d:f4:da:7b:7f:ab:52:4e:
                    83:1f:14:a5:98:ab:4a:ef:a8:d7:f9:e9:8d:08:fe:
                    08:8b:92:2f:52:79:c4:de:d4:0c:60:b3:f2:2e:85:
                    9a:8a:72:e3:46:10:cd:e3:c5:88:0f:b0:08:9e:09:
                    bc:0d:fe:06:20:26:7f:f1:cf:dc:b4:eb:4c:8c:14:
                    98:8f:a0:29:ae:cb:ee:db:1a:07:55:a7:4b:f0:ca:
                    70:b0:d7:c5:76:17:f6:3d:d2:ee:e7:85:b3:cc:2f:
                    f6:7c:b6:d7:88:a3:cb:f9:aa:13:80:50:9d:ae:58:
                    bf:39:66:19:0e:22:18:1c:81:59:1d:40:a5:a7:05:
                    3f:53:61:0a:c8:64:55:cd:fd:6c:d7:ba:b6:56:a3:
                    e7:94:5b:ec:43:e6:5b:91:f0:bc:03:fd:6b:41:c9:
                    a1:32:ff:fa:3c:4a:b0:2c:ad:56:e2:fd:15:7b:1c:
                    68:91:77:74:50:86:cc:d9:bc:42:a7:64:7e:12:8e:
                    62:46:25:9e:ba:d6:1c:3b:e9:8d:7a:a9:36:f1:ff:
                    0f:23:aa:26:cd:fd:c8:d3:ed:55:ba:95:58:3d:08:
                    e8:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:52:DC:99:B7:D6:A2:3D:B1:A9:E0:EF:78:E9:7E:DB:77:14:BE:FA
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KlLcmbfWoj2xqeDveOl-23cUvvo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.215.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:72:18:4a:9b:88:a4:de:31:f8:45:90:1a:dd:9c:a0:fa:0f:
         7f:53:eb:e4:45:29:c2:e5:8a:bb:58:22:ac:b4:bc:f0:1c:11:
         e1:4b:61:94:eb:f9:5b:c3:2f:c8:a8:ce:d5:cd:67:1d:7f:62:
         fe:e2:c1:05:c7:46:2c:53:4c:9b:b0:b3:8e:59:ea:3f:7e:8e:
         d7:9f:e9:99:b9:9e:be:3c:86:31:0f:9d:5c:39:96:43:31:21:
         a8:c7:2a:71:23:8b:36:9f:d8:ec:78:30:69:4a:93:75:51:fb:
         27:a4:66:99:c8:ef:3e:03:ff:4b:a2:6c:b5:84:05:d4:27:87:
         e1:ce:c0:4f:56:f4:aa:9f:d2:e3:a3:00:c0:fd:52:f3:b7:5b:
         dd:f2:b0:0d:13:36:06:e3:7c:f2:1a:60:ef:85:1b:a4:eb:b1:
         63:5c:87:ea:23:ca:57:83:41:ad:f1:23:9c:8d:96:f6:1b:5a:
         0c:37:13:f3:6f:e4:af:cf:2d:08:1e:4d:cf:95:7c:ef:62:7d:
         84:15:dc:a0:82:81:d2:01:db:f4:85:77:35:fd:70:7d:b3:26:
         22:86:b7:93:43:62:f4:04:74:ae:cd:f3:a4:c5:79:54:d4:6d:
         fd:07:aa:b9:28:25:1b:bf:15:f6:57:88:ff:07:56:d5:eb:d4:
         5c:dc:d5:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuucE16jMXPsyztSffjfv3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMxMTA4MTAxNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTUyZGM5OWI3ZDZhMjNkYjFhOWUwZWY3OGU5N2VkYjc3MTRiZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1AZOQnvkp4TD5XFXo4uieEQDueZ
BWp3DUERoPGkzBPlke7lbfTae3+rUk6DHxSlmKtK76jX+emNCP4Ii5IvUnnE3tQM
YLPyLoWainLjRhDN48WID7AIngm8Df4GICZ/8c/ctOtMjBSYj6Aprsvu2xoHVadL
8MpwsNfFdhf2PdLu54WzzC/2fLbXiKPL+aoTgFCdrli/OWYZDiIYHIFZHUClpwU/
U2EKyGRVzf1s17q2VqPnlFvsQ+ZbkfC8A/1rQcmhMv/6PEqwLK1W4v0VexxokXd0
UIbM2bxCp2R+Eo5iRiWeutYcO+mNeqk28f8PI6omzf3I0+1VupVYPQjo/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpS3Jm31qI9sang73jpftt3FL76MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvS2xMY21iZldvajJ4cWVEdmVPbC0yM2NVdnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNdJMA0G
CSqGSIb3DQEBCwUAA4IBAQAzchhKm4ik3jH4RZAa3Zyg+g9/U+vkRSnC5Yq7WCKs
tLzwHBHhS2GU6/lbwy/IqM7VzWcdf2L+4sEFx0YsU0ybsLOOWeo/fo7Xn+mZuZ6+
PIYxD51cOZZDMSGoxypxI4s2n9jseDBpSpN1UfsnpGaZyO8+A/9Lomy1hAXUJ4fh
zsBPVvSqn9LjowDA/VLzt1vd8rANEzYG43zyGmDvhRuk67FjXIfqI8pXg0Gt8SOc
jZb2G1oMNxPzb+Svzy0IHk3PlXzvYn2EFdyggoHSAdv0hXc1/XB9syYihreTQ2L0
BHSuzfOkxXlU1G39B6q5KCUbvxX2V4j/B1bV69Rc3NVt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org