Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KrWDixvTqkBBUbcVD7ONi6R5vmY.roa
File:                     KrWDixvTqkBBUbcVD7ONi6R5vmY.roa (raw, json)
Hash identifier:          eanCkiSS6bcpLes804mXOyk9DziHGuzYhZjcM37GTFw=
Subject key identifier:   2A:B5:83:8B:1B:D3:AA:40:41:51:B7:15:0F:B3:8D:8B:A4:79:BE:66
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018B8603794650D1A7D9B86E008674727E75
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KrWDixvTqkBBUbcVD7ONi6R5vmY.roa
Signing time:             Tue 31 Oct 2023 13:54:16 +0000
ROA not before:           Tue 31 Oct 2023 13:54:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29802
IP address blocks:        84.32.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:86:03:79:46:50:d1:a7:d9:b8:6e:00:86:74:72:7e:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Oct 31 13:54:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2ab5838b1bd3aa404151b7150fb38d8ba479be66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6f:e1:9c:e1:8d:59:32:20:09:a9:ef:24:41:
                    63:b7:4b:54:c7:f4:7c:e2:75:54:3f:ec:7c:a3:4c:
                    a6:18:30:5d:83:b7:d8:ba:be:eb:3c:7d:1a:02:f2:
                    72:da:cc:ac:bf:bc:f5:94:37:f8:d0:eb:0c:61:2e:
                    8b:59:46:99:45:a8:8a:3b:32:31:93:18:b2:c3:d8:
                    27:04:da:c5:4b:91:61:26:a6:15:cf:d9:cd:56:ff:
                    37:8a:eb:8d:4f:db:01:e2:4a:61:23:2d:97:2d:22:
                    45:8b:5c:4d:be:71:ff:1e:52:25:e0:4f:92:13:41:
                    7a:df:e5:8b:8b:36:48:e6:8b:0e:ee:27:5c:f8:ea:
                    2e:0c:79:c6:00:93:f4:d5:ad:22:33:b7:55:62:e2:
                    d1:ac:8c:bc:77:c7:8a:62:75:92:70:cc:ef:a3:9b:
                    9f:c0:5d:da:2a:ea:33:c9:30:1f:58:80:a2:54:64:
                    b6:21:d0:df:0b:a5:2c:78:65:f8:d5:92:23:bd:8e:
                    99:9a:db:81:82:1b:08:a0:6d:5c:6a:bd:b6:77:2a:
                    66:a2:86:56:ec:16:e2:6f:13:d9:95:6e:be:33:18:
                    f0:bd:7a:3e:f5:ca:14:93:a3:db:31:cd:d6:6d:a8:
                    18:32:d3:fa:74:5f:07:1b:13:dc:b1:81:dd:ae:15:
                    29:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:B5:83:8B:1B:D3:AA:40:41:51:B7:15:0F:B3:8D:8B:A4:79:BE:66
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KrWDixvTqkBBUbcVD7ONi6R5vmY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:39:d0:e8:98:d8:88:cd:80:4a:8f:f0:cf:57:4a:3a:81:35:
         11:3d:db:8e:03:c4:1d:42:00:73:2c:e0:58:d0:8f:0a:95:fe:
         25:4d:f3:3a:ee:fd:b4:a2:e0:be:b9:07:37:6a:2a:c4:67:3d:
         5f:3d:03:10:8f:c2:ce:0a:31:3b:e4:b5:ac:6d:b0:be:98:d1:
         52:bc:c4:8f:78:92:f9:71:f9:95:1f:48:91:2f:fe:58:ca:56:
         26:e7:f7:ef:a8:41:37:e0:d2:2c:7c:c6:8a:e7:6f:a9:38:de:
         72:0f:e7:a1:46:bf:66:08:0a:3f:df:42:19:d5:ac:e8:87:16:
         1f:ab:f7:c8:af:35:49:21:5b:d4:2b:b6:43:a1:6e:86:32:22:
         f1:fa:3a:dd:35:a5:d8:3c:37:7c:dc:e4:a4:1a:bc:06:bd:4b:
         06:29:80:9a:26:98:a0:86:9d:58:88:84:6c:8d:53:13:13:98:
         04:3f:1e:07:98:e0:56:d3:36:f6:dd:2e:7e:b3:ef:60:15:61:
         0f:1d:b7:70:e4:3e:e3:62:31:42:fb:df:d7:ef:4a:4e:f0:b9:
         89:c0:eb:05:0a:2c:2e:ab:7a:59:29:b2:30:81:63:a2:5f:a5:
         07:67:a4:95:a0:7b:f3:78:48:f2:57:cf:eb:68:13:ed:04:b5:
         58:fc:5c:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuGA3lGUNGn2bhuAIZ0cn51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDMxMTM1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWI1ODM4YjFiZDNhYTQwNDE1MWI3MTUwZmIzOGQ4YmE0NzliZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW/hnOGNWTIgCanvJEFjt0tUx/R8
4nVUP+x8o0ymGDBdg7fYur7rPH0aAvJy2sysv7z1lDf40OsMYS6LWUaZRaiKOzIx
kxiyw9gnBNrFS5FhJqYVz9nNVv83iuuNT9sB4kphIy2XLSJFi1xNvnH/HlIl4E+S
E0F63+WLizZI5osO7idc+OouDHnGAJP01a0iM7dVYuLRrIy8d8eKYnWScMzvo5uf
wF3aKuozyTAfWICiVGS2IdDfC6UseGX41ZIjvY6ZmtuBghsIoG1car22dypmooZW
7BbibxPZlW6+MxjwvXo+9coUk6PbMc3WbagYMtP6dF8HGxPcsYHdrhUp+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCq1g4sb06pAQVG3FQ+zjYukeb5mMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvS3JXRGl4dlRxa0JCVWJjVkQ3T05pNlI1dm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCAnMA0G
CSqGSIb3DQEBCwUAA4IBAQAvOdDomNiIzYBKj/DPV0o6gTURPduOA8QdQgBzLOBY
0I8Klf4lTfM67v20ouC+uQc3airEZz1fPQMQj8LOCjE75LWsbbC+mNFSvMSPeJL5
cfmVH0iRL/5YylYm5/fvqEE34NIsfMaK52+pON5yD+ehRr9mCAo/30IZ1azohxYf
q/fIrzVJIVvUK7ZDoW6GMiLx+jrdNaXYPDd83OSkGrwGvUsGKYCaJpighp1YiIRs
jVMTE5gEPx4HmOBW0zb23S5+s+9gFWEPHbdw5D7jYjFC+9/X70pO8LmJwOsFCiwu
q3pZKbIwgWOiX6UHZ6SVoHvzeEjyV8/raBPtBLVY/Fw0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org