Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/kkPEjSHF5PxE8NkfypKgZAY9j-E.roa
File:                     kkPEjSHF5PxE8NkfypKgZAY9j-E.roa (raw, json)
Hash identifier:          eTbs9CkMLyaK7tA8iTgAXARmtlbcMlOm0ztXcxFD4VI=
Subject key identifier:   92:43:C4:8D:21:C5:E4:FC:44:F0:D9:1F:CA:92:A0:64:06:3D:8F:E1
Certificate issuer:       /CN=b660d78320860d5efe729e208b5eb4b2abebe078
Certificate serial:       0187DDCCDC9D125FB8B6EA2A39BABBBEC480
Authority key identifier: B6:60:D7:83:20:86:0D:5E:FE:72:9E:20:8B:5E:B4:B2:AB:EB:E0:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tmDXgyCGDV7-cp4gi160sqvr4Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/kkPEjSHF5PxE8NkfypKgZAY9j-E.roa
Signing time:             Tue 02 May 2023 18:50:03 +0000
ROA not before:           Tue 02 May 2023 18:50:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51198
IP address blocks:        45.132.9.0/24 maxlen: 24
                          45.132.11.0/24 maxlen: 24
                          45.132.8.0/24 maxlen: 24
                          45.132.10.0/24 maxlen: 24
                          2a0e:6540::/29 maxlen: 29
                          2a13:7d00::/29 maxlen: 48

Validation:               Failed, certificate revoked on Fri 19 May 2023 13:41:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:dd:cc:dc:9d:12:5f:b8:b6:ea:2a:39:ba:bb:be:c4:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b660d78320860d5efe729e208b5eb4b2abebe078
        Validity
            Not Before: May  2 18:50:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9243c48d21c5e4fc44f0d91fca92a064063d8fe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:be:c4:dc:d9:89:09:32:d4:de:41:f2:0d:fc:
                    5b:cc:e0:8d:0d:1e:99:c3:a5:dd:1e:6e:47:2b:73:
                    b9:d4:4f:85:c9:27:ee:87:8e:71:72:cf:2b:18:30:
                    2d:5f:9c:13:a8:a4:29:ac:f3:6e:e3:4c:a8:e7:fc:
                    65:69:7d:55:c9:45:90:28:a1:3a:9f:31:23:a8:7c:
                    ab:e5:d7:62:df:02:a3:36:e8:dc:56:b8:ec:90:e6:
                    18:fc:59:b5:13:b4:b3:de:56:6e:75:99:9e:7e:c6:
                    df:2c:d5:6a:6a:ba:82:85:ed:74:42:9a:c2:98:4b:
                    36:4d:59:46:2c:64:b5:17:94:cc:d7:b7:98:8e:ed:
                    ae:21:86:76:a7:19:41:e3:ae:73:cf:c0:a6:de:79:
                    91:cb:ca:b6:bd:fd:53:92:71:34:92:a3:4f:90:1d:
                    3d:72:96:3e:ae:01:71:52:8f:eb:cf:3f:d1:76:c2:
                    a4:80:95:db:34:5a:5f:58:ea:cb:1a:1c:c1:e0:ac:
                    6c:3a:93:9f:60:da:b5:4d:03:98:3b:49:fe:a4:62:
                    a0:21:a9:c2:5c:2e:fb:17:1c:07:46:e4:34:9f:7d:
                    f2:cb:27:be:68:94:dd:d1:b8:44:75:a0:49:9b:f1:
                    e0:3e:51:77:83:d5:c9:06:8f:b3:db:56:8c:02:77:
                    91:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:43:C4:8D:21:C5:E4:FC:44:F0:D9:1F:CA:92:A0:64:06:3D:8F:E1
            X509v3 Authority Key Identifier:
                keyid:B6:60:D7:83:20:86:0D:5E:FE:72:9E:20:8B:5E:B4:B2:AB:EB:E0:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tmDXgyCGDV7-cp4gi160sqvr4Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/kkPEjSHF5PxE8NkfypKgZAY9j-E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/tmDXgyCGDV7-cp4gi160sqvr4Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.8.0/22
                IPv6:
                  2a0e:6540::/29
                  2a13:7d00::/29

    Signature Algorithm: sha256WithRSAEncryption
         35:f3:0d:2a:cc:9f:0b:23:af:26:f2:65:cd:b1:ab:b1:37:c0:
         4b:f6:c0:be:4c:8b:1c:78:1b:63:ab:f7:62:f3:32:97:8a:01:
         92:9d:e6:5e:85:29:7c:f6:e8:ab:4d:13:93:60:b9:b1:d0:87:
         61:fe:00:70:d0:5a:7a:ca:df:29:f6:4a:be:b9:d7:e6:11:b8:
         88:4f:e4:e3:8f:3f:31:22:f6:b3:88:27:5f:66:4b:fc:33:e6:
         d9:0c:2e:ad:82:33:9f:99:11:27:60:41:0d:10:15:e1:3c:44:
         af:53:d0:b5:a3:c4:33:70:aa:74:a0:b3:85:a9:6b:6e:74:b4:
         03:d3:88:ff:0b:6f:73:56:58:cf:b3:0a:b0:25:82:4f:26:ae:
         61:79:92:e5:c4:9c:05:99:3c:ee:85:69:99:98:2b:d8:f6:e9:
         97:86:81:7a:38:0a:df:60:30:77:2a:d3:c8:a7:62:be:46:f3:
         77:22:7f:32:04:50:18:5e:74:ba:5d:ae:02:84:c8:84:fb:80:
         e7:5c:ce:8f:06:bf:14:f9:ce:a6:85:5f:45:48:fd:a2:88:30:
         ae:f6:99:a7:20:a4:33:2d:b2:fc:bd:0a:1d:20:6b:0f:47:7c:
         52:96:25:65:7b:31:13:e8:32:89:9d:ba:42:13:e6:4c:a5:1d:
         42:27:d7:69
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYfdzNydEl+4tuoqObq7vsSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NjBkNzgzMjA4NjBkNWVmZTcyOWUyMDhiNWViNGIyYWJl
YmUwNzgwHhcNMjMwNTAyMTg1MDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQzYzQ4ZDIxYzVlNGZjNDRmMGQ5MWZjYTkyYTA2NDA2M2Q4ZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb7E3NmJCTLU3kHyDfxbzOCNDR6Z
w6XdHm5HK3O51E+FySfuh45xcs8rGDAtX5wTqKQprPNu40yo5/xlaX1VyUWQKKE6
nzEjqHyr5ddi3wKjNujcVrjskOYY/Fm1E7Sz3lZudZmefsbfLNVqarqChe10QprC
mEs2TVlGLGS1F5TM17eYju2uIYZ2pxlB465zz8Cm3nmRy8q2vf1TknE0kqNPkB09
cpY+rgFxUo/rzz/RdsKkgJXbNFpfWOrLGhzB4KxsOpOfYNq1TQOYO0n+pGKgIanC
XC77FxwHRuQ0n33yyye+aJTd0bhEdaBJm/HgPlF3g9XJBo+z21aMAneRGQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJJDxI0hxeT8RPDZH8qSoGQGPY/hMB8GA1UdIwQY
MBaAFLZg14Mghg1e/nKeIItetLKr6+B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG1EWGd5Q0dEVjctY3A0Z2kxNjBzcXZyNEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9kYWYyMTItZjAwOS00YmQ0LTg3NGQt
NjI0YzNlNzg4Y2RmLzEva2tQRWpTSEY1UHhFOE5rZnlwS2daQVk5ai1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9kYWYyMTItZjAwOS00YmQ0LTg3NGQtNjI0YzNlNzg4Y2Rm
LzEvdG1EWGd5Q0dEVjctY3A0Z2kxNjBzcXZyNEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYQIMBQE
AgACMA4DBQMqDmVAAwUDKhN9ADANBgkqhkiG9w0BAQsFAAOCAQEANfMNKsyfCyOv
JvJlzbGrsTfAS/bAvkyLHHgbY6v3YvMyl4oBkp3mXoUpfPboq00Tk2C5sdCHYf4A
cNBaesrfKfZKvrnX5hG4iE/k448/MSL2s4gnX2ZL/DPm2QwurYIzn5kRJ2BBDRAV
4TxEr1PQtaPEM3CqdKCzhalrbnS0A9OI/wtvc1ZYz7MKsCWCTyauYXmS5cScBZk8
7oVpmZgr2Pbpl4aBejgK32AwdyrTyKdivkbzdyJ/MgRQGF50ul2uAoTIhPuA51zO
jwa/FPnOpoVfRUj9oogwrvaZpyCkMy2y/L0KHSBrD0d8UpYlZXsxE+gyiZ26QhPm
TKUdQifXaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:18 2024 by rpki-client on console-ams.rpki-client.org