Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KITFiRzO4DUbBLVgxSHOrb43i5E.roa
File:                     KITFiRzO4DUbBLVgxSHOrb43i5E.roa (raw, json)
Hash identifier:          2lrZ/h66M8GUxQdqxHxGDSB9Bwfq9vSi2CJJUjbkm5Y=
Subject key identifier:   28:84:C5:89:1C:CE:E0:35:1B:04:B5:60:C5:21:CE:AD:BE:37:8B:91
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       01881FD1D299204FD5EA3BB42D1CF6B09897
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KITFiRzO4DUbBLVgxSHOrb43i5E.roa
Signing time:             Mon 15 May 2023 14:30:24 +0000
ROA not before:           Mon 15 May 2023 14:30:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        77.105.22.0/24 maxlen: 24
                          109.121.40.0/24 maxlen: 24
                          188.255.135.0/24 maxlen: 24
                          188.255.134.0/24 maxlen: 24
                          212.69.13.0/24 maxlen: 24
                          178.219.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 May 2023 09:51:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1f:d1:d2:99:20:4f:d5:ea:3b:b4:2d:1c:f6:b0:98:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: May 15 14:30:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2884c5891ccee0351b04b560c521ceadbe378b91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:34:b8:e7:ce:65:08:63:03:40:2a:76:d8:e7:
                    7e:5b:1d:c5:00:e1:3a:55:be:16:0b:da:29:a3:4f:
                    39:7b:c9:ff:39:ee:a9:02:18:57:26:55:85:35:78:
                    0b:da:36:0b:06:3a:93:1e:9f:7f:29:2f:4f:70:58:
                    dc:46:18:e1:86:e5:63:3a:82:1d:fa:0c:54:ee:54:
                    c0:d0:ac:51:2e:0d:bf:0e:65:42:ce:fa:22:a6:e9:
                    e6:52:89:44:a7:7b:67:07:3a:b6:b9:91:a0:38:68:
                    33:bc:4c:0c:c8:a9:d5:75:b0:53:f6:4b:8b:8f:3d:
                    cd:0a:83:6c:de:b6:ba:b4:20:a6:f5:e8:5c:cb:dd:
                    90:f3:5f:7e:aa:f3:c1:d4:66:5f:64:3d:f8:af:23:
                    ec:71:88:f3:f6:f7:41:60:f0:56:83:66:37:60:60:
                    41:a7:9f:a1:93:63:07:d7:6c:27:74:91:1a:a3:3c:
                    5e:ba:98:f6:ce:18:10:e5:a9:be:89:a8:84:88:61:
                    68:15:eb:c4:b2:94:79:2e:d4:86:c6:75:0e:0b:bc:
                    c0:98:e8:76:c0:14:82:24:04:89:f5:02:c2:be:e6:
                    72:ba:f6:4e:1a:f6:c6:47:7b:18:94:cf:c6:89:8d:
                    66:e8:4a:6d:2c:8b:c6:4c:2a:9d:e9:7a:06:b0:92:
                    b6:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:84:C5:89:1C:CE:E0:35:1B:04:B5:60:C5:21:CE:AD:BE:37:8B:91
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KITFiRzO4DUbBLVgxSHOrb43i5E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.105.22.0/24
                  109.121.40.0/24
                  178.219.14.0/24
                  188.255.134.0/23
                  212.69.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:b5:fb:c1:30:5a:40:40:2d:38:3a:67:e5:f8:9c:02:f4:8c:
         26:8a:35:d9:b9:0e:e5:e5:af:d3:18:ee:a1:cf:ba:57:2a:8c:
         1e:95:4a:25:ab:09:66:c3:0f:62:a2:bc:13:db:ea:3f:0a:72:
         21:c2:2d:96:16:46:54:6c:6a:ce:dd:16:ac:27:90:b8:2d:ba:
         bb:e2:7f:80:a2:02:a9:35:ab:26:e2:bb:c8:71:8e:09:8b:a0:
         b2:49:20:2a:7d:0c:8e:10:f1:12:b1:fa:59:eb:c6:16:7a:d4:
         ec:5e:42:e0:7a:b3:ef:63:24:72:03:ce:45:c3:09:3b:a7:79:
         55:28:e4:fb:48:7a:c0:f1:db:34:24:22:2f:1a:2c:fa:5e:8d:
         16:0e:cc:7c:b2:6f:29:c2:c0:67:29:fb:f0:15:ec:9e:34:8a:
         a1:0f:cc:b9:c0:e2:05:ae:0a:f1:0f:39:e6:01:dd:b2:b9:6e:
         93:c2:d0:7c:e0:62:7a:83:0a:f6:2c:82:4b:6a:0c:48:e6:c3:
         76:31:da:3c:67:f0:05:5f:2d:19:f6:37:f6:a8:bd:84:f0:67:
         b0:df:dc:78:51:ee:e5:6e:35:61:06:6d:33:d3:1a:66:b2:95:
         a3:d1:a6:6d:87:7c:c4:f0:07:95:69:73:0a:2b:d1:6e:bd:e6:
         16:2b:27:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYgf0dKZIE/V6ju0LRz2sJiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNTE1MTQzMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg0YzU4OTFjY2VlMDM1MWIwNGI1NjBjNTIxY2VhZGJlMzc4YjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jS4585lCGMDQCp22Od+Wx3FAOE6
Vb4WC9opo085e8n/Oe6pAhhXJlWFNXgL2jYLBjqTHp9/KS9PcFjcRhjhhuVjOoId
+gxU7lTA0KxRLg2/DmVCzvoipunmUolEp3tnBzq2uZGgOGgzvEwMyKnVdbBT9kuL
jz3NCoNs3ra6tCCm9ehcy92Q819+qvPB1GZfZD34ryPscYjz9vdBYPBWg2Y3YGBB
p5+hk2MH12wndJEaozxeupj2zhgQ5am+iaiEiGFoFevEspR5LtSGxnUOC7zAmOh2
wBSCJASJ9QLCvuZyuvZOGvbGR3sYlM/GiY1m6EptLIvGTCqd6XoGsJK2OQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCiExYkczuA1GwS1YMUhzq2+N4uRMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvS0lURmlSek80RFViQkxWZ3hTSE9yYjQzaTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATWkWAwQA
bXkoAwQAstsOAwQBvP+GAwQA1EUNMA0GCSqGSIb3DQEBCwUAA4IBAQBktfvBMFpA
QC04Omfl+JwC9IwmijXZuQ7l5a/TGO6hz7pXKowelUolqwlmww9iorwT2+o/CnIh
wi2WFkZUbGrO3RasJ5C4Lbq74n+AogKpNasm4rvIcY4Ji6CySSAqfQyOEPESsfpZ
68YWetTsXkLgerPvYyRyA85Fwwk7p3lVKOT7SHrA8ds0JCIvGiz6Xo0WDsx8sm8p
wsBnKfvwFeyeNIqhD8y5wOIFrgrxDznmAd2yuW6TwtB84GJ6gwr2LIJLagxI5sN2
Mdo8Z/AFXy0Z9jf2qL2E8Gew39x4Ue7lbjVhBm0z0xpmspWj0aZth3zE8AeVaXMK
K9FuveYWKyct
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org