Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/KB_8kF8-TLk-lxpDmjtfM9v0GNY.roa
File:                     KB_8kF8-TLk-lxpDmjtfM9v0GNY.roa (raw, json)
Hash identifier:          v0V/jHpa2NoUEhsWuec41hY33E43nvn08iXzjEBcVcs=
Subject key identifier:   28:1F:FC:90:5F:3E:4C:B9:3E:97:1A:43:9A:3B:5F:33:DB:F4:18:D6
Certificate issuer:       /CN=f0f636fec7b5b2d18de3797e6984c06955e716d7
Certificate serial:       018573E8768D58CFB5D33641E02E1451A9A6
Authority key identifier: F0:F6:36:FE:C7:B5:B2:D1:8D:E3:79:7E:69:84:C0:69:55:E7:16:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8PY2_se1stGN43l-aYTAaVXnFtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/KB_8kF8-TLk-lxpDmjtfM9v0GNY.roa
Signing time:             Mon 02 Jan 2023 19:14:52 +0000
ROA not before:           Mon 02 Jan 2023 19:14:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21159
IP address blocks:        185.182.80.0/22 maxlen: 22
                          2a0a:e680::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:e8:76:8d:58:cf:b5:d3:36:41:e0:2e:14:51:a9:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0f636fec7b5b2d18de3797e6984c06955e716d7
        Validity
            Not Before: Jan  2 19:14:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=281ffc905f3e4cb93e971a439a3b5f33dbf418d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:f0:94:f0:85:01:f3:fb:de:60:45:b1:fd:f2:
                    e9:1a:92:b9:d8:29:28:ce:b5:12:34:01:45:3a:b6:
                    88:8e:62:48:69:29:5c:5b:10:60:81:6a:58:4d:a1:
                    0f:6e:f9:14:2e:82:bf:38:2e:ba:34:e6:29:db:b7:
                    f5:5b:a2:87:0f:ce:e1:5c:80:bf:af:8b:8d:c2:55:
                    16:d7:78:a0:a6:bf:00:d4:57:c2:b6:91:58:60:22:
                    6d:48:65:85:60:bb:ad:7a:a1:33:0b:38:45:15:be:
                    fc:76:d2:b5:86:d2:7d:17:74:bd:ac:b3:3f:f3:f3:
                    6f:52:93:ae:ef:a8:58:82:4c:dc:ca:4a:c1:65:2f:
                    94:a1:45:ab:40:89:f3:01:3d:8c:b1:fb:37:13:dd:
                    fd:8a:a6:b9:16:db:09:c0:99:cd:9d:20:5f:20:a7:
                    98:f6:df:8c:ea:f3:45:9f:fe:98:f2:80:5e:52:6d:
                    b6:94:88:8b:ed:cb:a8:fc:6e:0e:67:97:66:61:0e:
                    f7:26:7e:45:e1:39:ff:41:b9:18:b3:52:0d:88:c5:
                    d7:29:70:52:36:20:0c:46:0e:ed:c0:e3:0a:9e:f3:
                    43:2c:f4:46:d9:87:00:dd:c2:6b:d4:43:83:43:d4:
                    c8:cd:22:cf:d5:e1:2a:b0:11:a5:aa:61:2e:ab:1b:
                    05:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:1F:FC:90:5F:3E:4C:B9:3E:97:1A:43:9A:3B:5F:33:DB:F4:18:D6
            X509v3 Authority Key Identifier:
                keyid:F0:F6:36:FE:C7:B5:B2:D1:8D:E3:79:7E:69:84:C0:69:55:E7:16:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PY2_se1stGN43l-aYTAaVXnFtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/KB_8kF8-TLk-lxpDmjtfM9v0GNY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.182.80.0/22
                IPv6:
                  2a0a:e680::/29

    Signature Algorithm: sha256WithRSAEncryption
         1a:c7:cd:ea:3f:db:41:66:62:35:40:f4:47:f4:95:82:20:3c:
         7b:e9:78:c7:d2:16:85:c8:63:f1:c5:22:82:c3:fd:fb:3b:63:
         2a:d1:e4:64:bb:32:a0:50:4d:02:4f:e2:fb:31:a1:18:23:69:
         d1:89:52:da:6f:b0:ef:ae:79:9f:d3:89:bf:d7:ba:f2:ac:d8:
         be:56:4a:63:e8:c8:48:a9:c0:a4:f4:4f:9b:81:5e:ca:63:37:
         dc:41:7b:df:70:2b:23:e8:b2:cb:94:5f:d2:27:f4:54:25:00:
         95:b8:27:35:24:54:31:95:48:65:f5:fd:17:e9:13:3a:e3:0b:
         f8:d0:7c:95:5c:72:ce:8c:c2:e6:28:d7:d9:2f:ca:91:4b:e6:
         c2:f4:74:de:a4:60:04:5f:68:af:ee:1f:ad:7d:81:22:1a:c1:
         9d:19:64:7b:e2:4f:e0:44:f0:2e:e1:78:70:88:d1:f5:be:66:
         0d:5d:78:30:09:ff:78:74:cc:55:4d:75:3d:72:7b:c3:86:e3:
         e4:35:a2:9d:6c:73:ff:91:cc:2c:09:26:a8:cf:19:09:b5:34:
         d3:6b:f4:96:80:01:fa:d4:7f:71:19:71:42:6b:4c:d8:cc:f2:
         e4:f7:ca:d5:d3:8a:2b:01:09:58:a7:a4:a8:c7:70:6a:a6:4a:
         f6:89:07:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVz6HaNWM+10zZB4C4UUammMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjYzNmZlYzdiNWIyZDE4ZGUzNzk3ZTY5ODRjMDY5NTVl
NzE2ZDcwHhcNMjMwMTAyMTkxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODFmZmM5MDVmM2U0Y2I5M2U5NzFhNDM5YTNiNWYzM2RiZjQxOGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvCU8IUB8/veYEWx/fLpGpK52Cko
zrUSNAFFOraIjmJIaSlcWxBggWpYTaEPbvkULoK/OC66NOYp27f1W6KHD87hXIC/
r4uNwlUW13igpr8A1FfCtpFYYCJtSGWFYLuteqEzCzhFFb78dtK1htJ9F3S9rLM/
8/NvUpOu76hYgkzcykrBZS+UoUWrQInzAT2Msfs3E939iqa5FtsJwJnNnSBfIKeY
9t+M6vNFn/6Y8oBeUm22lIiL7cuo/G4OZ5dmYQ73Jn5F4Tn/QbkYs1INiMXXKXBS
NiAMRg7twOMKnvNDLPRG2YcA3cJr1EODQ9TIzSLP1eEqsBGlqmEuqxsFGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCgf/JBfPky5PpcaQ5o7XzPb9BjWMB8GA1UdIwQY
MBaAFPD2Nv7HtbLRjeN5fmmEwGlV5xbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBZMl9zZTFzdEdONDNsLWFZVEFhVlhuRnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9hMDFhY2QtYTNkZS00ODM5LTlkMDIt
NjQzYzFmZTM4Mzg1LzEvS0JfOGtGOC1UTGstbHhwRG1qdGZNOXYwR05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9hMDFhY2QtYTNkZS00ODM5LTlkMDItNjQzYzFmZTM4Mzg1
LzEvOFBZMl9zZTFzdEdONDNsLWFZVEFhVlhuRnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubZQMA0E
AgACMAcDBQMqCuaAMA0GCSqGSIb3DQEBCwUAA4IBAQAax83qP9tBZmI1QPRH9JWC
IDx76XjH0haFyGPxxSKCw/37O2Mq0eRkuzKgUE0CT+L7MaEYI2nRiVLab7Dvrnmf
04m/17ryrNi+Vkpj6MhIqcCk9E+bgV7KYzfcQXvfcCsj6LLLlF/SJ/RUJQCVuCc1
JFQxlUhl9f0X6RM64wv40HyVXHLOjMLmKNfZL8qRS+bC9HTepGAEX2iv7h+tfYEi
GsGdGWR74k/gRPAu4XhwiNH1vmYNXXgwCf94dMxVTXU9cnvDhuPkNaKdbHP/kcws
CSaozxkJtTTTa/SWgAH61H9xGXFCa0zYzPLk98rV04orAQlYp6Sox3Bqpkr2iQeo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:49 2024 by rpki-client on console-ams.rpki-client.org