Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/02aa3b-e3a8-4c69-82ce-d957264653e2/1/KC2tQOZWS-Z-cx4cj-cDSriqmGA.roa
File:                     KC2tQOZWS-Z-cx4cj-cDSriqmGA.roa (raw, json)
Hash identifier:          hf/JMPL3+g1BJ1YsN/pHerBjWw5IDaw+dE4OV6fQx/s=
Subject key identifier:   28:2D:AD:40:E6:56:4B:E6:7E:73:1E:1C:8F:E7:03:4A:B8:AA:98:60
Certificate issuer:       /CN=6b5e8b0701e35d66a97876d8055012a89682fdc3
Certificate serial:       01856FE716C3FD7996B4E910177290456D59
Authority key identifier: 6B:5E:8B:07:01:E3:5D:66:A9:78:76:D8:05:50:12:A8:96:82:FD:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a16LBwHjXWapeHbYBVASqJaC_cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/02aa3b-e3a8-4c69-82ce-d957264653e2/1/KC2tQOZWS-Z-cx4cj-cDSriqmGA.roa
Signing time:             Mon 02 Jan 2023 00:34:53 +0000
ROA not before:           Mon 02 Jan 2023 00:34:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60017
IP address blocks:        185.156.232.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:e7:16:c3:fd:79:96:b4:e9:10:17:72:90:45:6d:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b5e8b0701e35d66a97876d8055012a89682fdc3
        Validity
            Not Before: Jan  2 00:34:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=282dad40e6564be67e731e1c8fe7034ab8aa9860
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:7b:18:2d:3b:b2:b9:20:40:b3:f4:43:5b:40:
                    df:ae:a0:40:e4:80:3f:5c:0a:e3:d7:7a:17:48:67:
                    0e:69:ee:7e:53:d7:28:d7:cf:a8:0c:e0:41:8b:6b:
                    87:e7:b5:e0:0f:30:df:3a:27:1c:cd:49:b3:4e:37:
                    0f:5a:41:40:3d:08:c4:f2:60:6e:3a:5f:fc:bb:2b:
                    9e:94:26:6c:de:2b:92:25:23:09:11:bf:9f:62:a0:
                    cf:67:de:49:7d:03:49:a9:f1:b9:e1:e3:51:d3:85:
                    55:ff:f2:cc:57:8d:61:7e:fa:47:4a:13:84:c4:3e:
                    23:8c:79:f4:ce:9a:c8:24:1e:e7:48:68:4f:0f:6a:
                    e0:c6:6d:80:7e:a0:d7:9f:75:9e:64:95:33:33:b3:
                    b1:02:35:85:ee:ea:20:5c:65:57:f8:ce:6e:2e:04:
                    a5:4a:b2:e3:51:13:0c:df:a9:6f:ea:37:90:93:10:
                    8c:01:07:3c:12:32:dd:4d:de:74:e6:8d:4c:fb:d5:
                    5d:bb:c0:cc:e5:2c:e3:79:6f:87:31:51:57:fc:ed:
                    8d:09:c6:1b:3c:d5:5e:3f:23:ab:12:dd:34:b6:f2:
                    d2:c5:25:64:71:33:cc:23:b1:8f:79:5a:31:7e:2d:
                    8b:1e:db:92:36:43:1b:91:62:c6:f7:34:72:18:2a:
                    45:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:2D:AD:40:E6:56:4B:E6:7E:73:1E:1C:8F:E7:03:4A:B8:AA:98:60
            X509v3 Authority Key Identifier:
                keyid:6B:5E:8B:07:01:E3:5D:66:A9:78:76:D8:05:50:12:A8:96:82:FD:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a16LBwHjXWapeHbYBVASqJaC_cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/02aa3b-e3a8-4c69-82ce-d957264653e2/1/KC2tQOZWS-Z-cx4cj-cDSriqmGA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/02aa3b-e3a8-4c69-82ce-d957264653e2/1/a16LBwHjXWapeHbYBVASqJaC_cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.156.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:24:11:53:54:f4:04:ca:be:12:5d:c8:28:ed:39:47:0f:b9:
         48:98:c3:1a:ab:b4:d0:3a:b4:32:41:cc:0b:24:9a:e2:92:81:
         01:f4:f7:31:a7:47:21:6b:bd:1f:15:59:07:b8:7d:8e:c9:fc:
         6b:d3:fb:3f:08:8a:dd:b0:d1:78:8d:1a:f9:0e:a5:16:f3:30:
         7a:d4:a5:14:35:3e:6b:20:8f:ca:40:5f:3a:f3:56:4f:7e:5b:
         ce:00:49:73:cb:af:07:58:32:48:71:93:69:6d:2f:44:ab:b0:
         b4:de:f6:48:55:87:6c:7d:fe:45:dd:08:bf:ae:9d:7c:63:8c:
         77:0c:ab:17:83:b1:57:8b:d7:a7:7f:10:dd:8b:68:b8:1f:7a:
         21:75:14:8a:d3:a1:a7:61:1b:13:7f:c4:f4:dc:20:99:02:40:
         fe:3a:7c:83:44:54:c9:07:5e:dc:0c:7e:9e:3a:04:53:19:11:
         bb:e7:1a:86:39:c8:cf:b1:52:7a:07:60:41:02:c9:58:eb:cb:
         af:80:81:39:e7:fa:04:9f:79:6a:fc:cc:cb:a7:5c:47:6d:93:
         a7:c1:63:14:9d:70:55:ab:83:cc:47:eb:3a:4d:e0:07:a5:bf:
         2b:58:79:34:02:55:db:91:68:93:0a:07:6b:5d:ba:12:99:6d:
         44:c5:cf:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5xbD/XmWtOkQF3KQRW1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWU4YjA3MDFlMzVkNjZhOTc4NzZkODA1NTAxMmE4OTY4
MmZkYzMwHhcNMjMwMTAyMDAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODJkYWQ0MGU2NTY0YmU2N2U3MzFlMWM4ZmU3MDM0YWI4YWE5ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnsYLTuyuSBAs/RDW0DfrqBA5IA/
XArj13oXSGcOae5+U9co18+oDOBBi2uH57XgDzDfOicczUmzTjcPWkFAPQjE8mBu
Ol/8uyuelCZs3iuSJSMJEb+fYqDPZ95JfQNJqfG54eNR04VV//LMV41hfvpHShOE
xD4jjHn0zprIJB7nSGhPD2rgxm2AfqDXn3WeZJUzM7OxAjWF7uogXGVX+M5uLgSl
SrLjURMM36lv6jeQkxCMAQc8EjLdTd505o1M+9Vdu8DM5SzjeW+HMVFX/O2NCcYb
PNVePyOrEt00tvLSxSVkcTPMI7GPeVoxfi2LHtuSNkMbkWLG9zRyGCpF7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgtrUDmVkvmfnMeHI/nA0q4qphgMB8GA1UdIwQY
MBaAFGteiwcB411mqXh22AVQEqiWgv3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTE2TEJ3SGpYV2FwZUhiWUJWQVNxSmFDX2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8wMmFhM2ItZTNhOC00YzY5LTgyY2Ut
ZDk1NzI2NDY1M2UyLzEvS0MydFFPWldTLVotY3g0Y2otY0RTcmlxbUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8wMmFhM2ItZTNhOC00YzY5LTgyY2UtZDk1NzI2NDY1M2Uy
LzEvYTE2TEJ3SGpYV2FwZUhiWUJWQVNxSmFDX2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZzoMA0G
CSqGSIb3DQEBCwUAA4IBAQAdJBFTVPQEyr4SXcgo7TlHD7lImMMaq7TQOrQyQcwL
JJrikoEB9Pcxp0cha70fFVkHuH2Oyfxr0/s/CIrdsNF4jRr5DqUW8zB61KUUNT5r
II/KQF8681ZPflvOAElzy68HWDJIcZNpbS9Eq7C03vZIVYdsff5F3Qi/rp18Y4x3
DKsXg7FXi9enfxDdi2i4H3ohdRSK06GnYRsTf8T03CCZAkD+OnyDRFTJB17cDH6e
OgRTGRG75xqGOcjPsVJ6B2BBAslY68uvgIE55/oEn3lq/MzLp1xHbZOnwWMUnXBV
q4PMR+s6TeAHpb8rWHk0AlXbkWiTCgdrXboSmW1Exc92
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:58 2024 by rpki-client on console-ams.rpki-client.org