Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/kAE1z77FpNNMD9PO6-KFq391KOE.roa
File:                     kAE1z77FpNNMD9PO6-KFq391KOE.roa (raw, json)
Hash identifier:          BqaCq7oI47/NbACRkzFa5fkKl5o9eRXwhBoPAC79EA8=
Subject key identifier:   90:01:35:CF:BE:C5:A4:D3:4C:0F:D3:CE:EB:E2:85:AB:7F:75:28:E1
Certificate issuer:       /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial:       018570E75819A7F5BD1846937E9FC2568756
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/kAE1z77FpNNMD9PO6-KFq391KOE.roa
Signing time:             Mon 02 Jan 2023 05:14:47 +0000
ROA not before:           Mon 02 Jan 2023 05:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205686
IP address blocks:        213.190.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:58:19:a7:f5:bd:18:46:93:7e:9f:c2:56:87:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
        Validity
            Not Before: Jan  2 05:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=900135cfbec5a4d34c0fd3ceebe285ab7f7528e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:43:4d:74:b5:48:e9:94:60:2f:f1:05:57:a7:
                    45:28:b2:3f:39:d8:81:a7:d7:50:d0:50:78:de:5c:
                    4f:88:2e:90:d9:10:27:6d:90:77:52:4d:48:c7:ad:
                    8a:1f:17:2b:e3:f0:fa:f3:65:78:46:27:d7:e5:a7:
                    31:a8:ca:41:df:cb:be:65:df:c6:6f:a5:77:ba:4a:
                    cc:ec:a6:84:0f:5c:52:c9:65:ad:db:56:31:05:c3:
                    e4:2e:56:d4:99:d6:52:80:d3:f4:a1:ce:0b:90:12:
                    d0:44:47:e5:d7:3d:ab:4c:f7:57:a4:72:1f:85:87:
                    fa:99:78:03:1d:38:81:fb:27:62:dd:bb:57:12:38:
                    2a:de:b1:5c:9f:63:4f:0c:5a:0b:26:58:39:33:d6:
                    eb:c4:e3:cd:57:17:c4:5b:44:bf:b9:27:af:af:9a:
                    68:a4:9a:7b:a5:ee:c8:61:0a:6c:23:ae:8c:a8:eb:
                    57:a3:45:26:a3:60:4a:68:cc:2f:1e:4e:bf:7a:47:
                    9b:4e:1d:fc:8f:73:e4:b0:35:20:39:0c:88:14:57:
                    c3:f5:6c:f3:20:23:db:ed:f6:77:e5:b4:58:8e:7d:
                    cb:b9:43:33:56:57:26:59:44:9c:94:26:f0:7f:6d:
                    5f:f3:1a:62:52:24:41:ee:42:ff:73:45:48:dd:c1:
                    31:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:01:35:CF:BE:C5:A4:D3:4C:0F:D3:CE:EB:E2:85:AB:7F:75:28:E1
            X509v3 Authority Key Identifier:
                keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/kAE1z77FpNNMD9PO6-KFq391KOE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.190.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:f1:e8:22:46:85:c2:55:fc:83:a1:3d:7e:29:ce:bd:0d:3b:
         2f:2b:1e:80:f0:29:01:e5:93:4b:f9:c7:70:2e:04:cc:54:1e:
         0f:e6:84:a7:1c:2a:e9:98:ca:dd:a1:ba:15:11:74:f8:79:56:
         ce:2b:6f:3c:11:fc:3a:4a:e3:f7:c5:fb:de:ee:67:7f:a2:c5:
         95:3d:6f:99:0c:45:de:d9:e7:b5:eb:92:72:0a:6d:5c:21:f3:
         be:c5:49:50:2b:dd:77:d1:ef:0e:22:36:42:47:5e:d1:96:64:
         c9:3c:c9:e8:e5:92:ae:71:95:0e:17:26:5f:41:cd:60:79:0c:
         e4:f1:02:9d:b3:9b:58:d0:d4:5c:3a:2e:54:d0:e1:39:d3:dc:
         20:3e:a5:16:82:16:8f:94:6e:06:3a:68:fd:2a:08:60:3e:71:
         7e:cf:f3:41:69:9a:2f:7d:fe:1a:e5:34:2d:e8:f6:2a:b5:65:
         e9:0d:20:3f:e2:9e:1e:04:c9:81:88:2d:64:fd:8a:9f:9a:5a:
         40:56:3e:a8:8d:8f:6f:7a:46:d1:70:09:60:09:7b:eb:81:61:
         c6:be:8f:9b:0f:68:0d:a0:6d:45:2d:b5:de:1d:05:4e:a6:99:
         b8:78:2d:50:cd:5f:ff:72:7b:e0:c2:cc:1e:ff:a3:26:84:2d:
         bf:66:a0:1d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVw51gZp/W9GEaTfp/CVodWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjMwMTAyMDUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDAxMzVjZmJlYzVhNGQzNGMwZmQzY2VlYmUyODVhYjdmNzUyOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0NNdLVI6ZRgL/EFV6dFKLI/OdiB
p9dQ0FB43lxPiC6Q2RAnbZB3Uk1Ix62KHxcr4/D682V4RifX5acxqMpB38u+Zd/G
b6V3ukrM7KaED1xSyWWt21YxBcPkLlbUmdZSgNP0oc4LkBLQREfl1z2rTPdXpHIf
hYf6mXgDHTiB+ydi3btXEjgq3rFcn2NPDFoLJlg5M9brxOPNVxfEW0S/uSevr5po
pJp7pe7IYQpsI66MqOtXo0Umo2BKaMwvHk6/ekebTh38j3PksDUgOQyIFFfD9Wzz
ICPb7fZ35bRYjn3LuUMzVlcmWUSclCbwf21f8xpiUiRB7kL/c0VI3cEx/QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJABNc++xaTTTA/Tzuvihat/dSjhMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL2tBRTF6NzdGcE5OTUQ5UE82LUtGcTM5MUtPRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVviIw
DQYJKoZIhvcNAQELBQADggEBAG7x6CJGhcJV/IOhPX4pzr0NOy8rHoDwKQHlk0v5
x3AuBMxUHg/mhKccKumYyt2huhURdPh5Vs4rbzwR/DpK4/fF+97uZ3+ixZU9b5kM
Rd7Z57XrknIKbVwh877FSVAr3XfR7w4iNkJHXtGWZMk8yejlkq5xlQ4XJl9BzWB5
DOTxAp2zm1jQ1Fw6LlTQ4TnT3CA+pRaCFo+UbgY6aP0qCGA+cX7P80Fpmi99/hrl
NC3o9iq1ZekNID/inh4EyYGILWT9ip+aWkBWPqiNj296RtFwCWAJe+uBYca+j5sP
aA2gbUUttd4dBU6mmbh4LVDNX/9ye+DCzB7/oyaELb9moB0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:18 2024 by rpki-client on console-fra.rpki-client.org