Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/VKKPMxC8F7ycIxenXz8ROlJvttY.roa
File:                     VKKPMxC8F7ycIxenXz8ROlJvttY.roa (raw, json)
Hash identifier:          z8i9V3zAcxjfxL8Bt2jsTJSSe1cosUFOsCb81MCNEmc=
Subject key identifier:   54:A2:8F:33:10:BC:17:BC:9C:23:17:A7:5F:3F:11:3A:52:6F:B6:D6
Certificate issuer:       /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial:       0191328779559B4468BEF8B70C5FB08F7CDF
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/VKKPMxC8F7ycIxenXz8ROlJvttY.roa
Signing time:             Thu 08 Aug 2024 15:07:04 +0000
ROA not before:           Thu 08 Aug 2024 15:07:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61135
IP address blocks:        78.135.73.0/24 maxlen: 24
                          78.135.97.0/24 maxlen: 24
                          78.135.100.0/24 maxlen: 24
                          78.135.104.0/24 maxlen: 24
                          185.17.136.0/24 maxlen: 24
                          188.132.189.0/24 maxlen: 24
                          188.132.190.0/24 maxlen: 24
                          188.132.191.0/24 maxlen: 24
                          188.132.236.0/24 maxlen: 24
                          188.132.249.0/24 maxlen: 24
                          212.68.35.0/24 maxlen: 24
                          212.68.59.0/24 maxlen: 24
                          212.68.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 11 Oct 2024 18:59:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:32:87:79:55:9b:44:68:be:f8:b7:0c:5f:b0:8f:7c:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
        Validity
            Not Before: Aug  8 15:07:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=54a28f3310bc17bc9c2317a75f3f113a526fb6d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e2:c6:47:9b:88:92:bf:f5:77:c3:94:c6:68:
                    d0:88:e4:2d:b2:6f:08:15:15:08:38:2c:17:38:d3:
                    52:3b:70:e2:7d:92:56:16:2b:80:90:fc:74:45:d0:
                    f7:da:e8:ff:1c:5a:76:62:df:06:50:53:a0:65:a5:
                    b5:20:dc:ba:7f:61:ef:71:f7:2d:06:98:2f:6b:bb:
                    8c:22:f9:ca:e7:4b:35:c8:ed:af:d1:d3:00:ac:b8:
                    2b:03:e0:38:3f:e7:03:9b:84:c1:ae:9f:2b:fa:98:
                    09:62:8a:88:ef:8c:1a:84:ff:8e:a8:e8:17:a7:ca:
                    ee:14:60:bc:2d:ac:4d:32:29:79:6d:57:9b:9f:40:
                    2d:27:21:20:a9:10:9f:31:55:e5:c5:fa:76:79:89:
                    26:58:0e:d7:bf:87:27:ce:5a:15:a3:59:46:c8:b7:
                    ef:65:85:02:01:2b:85:27:de:c5:71:7e:0c:02:ee:
                    9c:ae:7c:9c:26:85:42:bd:3f:df:f9:53:70:72:24:
                    c5:3f:4a:c2:f6:a6:b4:37:bb:1f:04:18:0d:0e:53:
                    f2:02:2d:a3:06:7c:65:1b:bb:44:66:8a:fb:b0:fb:
                    cb:7e:a9:db:05:f3:03:4e:91:46:c0:71:3f:9b:c0:
                    57:8c:59:6e:08:d9:ab:76:0f:32:01:a4:57:58:5f:
                    54:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:A2:8F:33:10:BC:17:BC:9C:23:17:A7:5F:3F:11:3A:52:6F:B6:D6
            X509v3 Authority Key Identifier:
                keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/VKKPMxC8F7ycIxenXz8ROlJvttY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.135.73.0/24
                  78.135.97.0/24
                  78.135.100.0/24
                  78.135.104.0/24
                  185.17.136.0/24
                  188.132.189.0-188.132.191.255
                  188.132.236.0/24
                  188.132.249.0/24
                  212.68.35.0/24
                  212.68.59.0-212.68.60.255

    Signature Algorithm: sha256WithRSAEncryption
         a7:29:36:8e:fd:97:76:26:8e:c1:47:a2:70:02:e2:f9:2e:24:
         44:32:d9:78:5d:43:2e:1a:e5:3a:b7:e8:d2:78:49:de:42:d7:
         eb:6d:da:15:9a:86:34:1b:98:c1:c9:32:47:45:a1:34:89:12:
         e9:12:27:7e:d5:a2:83:80:5a:ef:f5:8c:4b:97:7b:ee:31:55:
         45:a8:1c:8a:e1:16:00:fc:b6:a2:60:05:01:72:a1:9c:ff:cd:
         ff:ee:c4:e4:d1:dc:f1:21:89:b3:01:c1:76:4c:e0:1c:74:e0:
         0d:fc:e3:33:5e:bd:19:0b:58:02:2a:33:bb:8a:54:13:18:9f:
         bb:c8:55:e8:ef:45:0a:01:f7:56:a0:94:a3:8a:03:c5:b7:14:
         b5:88:ef:8f:8c:27:99:ae:a0:3f:38:75:9e:bd:49:1e:b4:b9:
         50:db:21:55:21:42:6b:3e:76:74:cd:7b:04:09:19:4c:1e:69:
         2f:79:61:0d:4a:f1:ca:38:32:5d:af:b4:a2:4d:16:3f:ac:52:
         2b:41:e9:83:80:45:bf:6e:36:33:16:f8:d9:ac:c2:fc:9d:a8:
         a8:b4:49:d6:54:c0:e3:e0:3b:fb:87:c0:04:86:30:c0:af:c0:
         05:8b:2b:a6:a3:0d:53:6f:bf:7d:8d:03:22:b3:a2:19:06:cb:
         7d:af:b4:31
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZEyh3lVm0Rovvi3DF+wj3zfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwODA4MTUwNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGEyOGYzMzEwYmMxN2JjOWMyMzE3YTc1ZjNmMTEzYTUyNmZiNmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuLGR5uIkr/1d8OUxmjQiOQtsm8I
FRUIOCwXONNSO3DifZJWFiuAkPx0RdD32uj/HFp2Yt8GUFOgZaW1INy6f2Hvcfct
Bpgva7uMIvnK50s1yO2v0dMArLgrA+A4P+cDm4TBrp8r+pgJYoqI74wahP+OqOgX
p8ruFGC8LaxNMil5bVebn0AtJyEgqRCfMVXlxfp2eYkmWA7Xv4cnzloVo1lGyLfv
ZYUCASuFJ97FcX4MAu6crnycJoVCvT/f+VNwciTFP0rC9qa0N7sfBBgNDlPyAi2j
BnxlG7tEZor7sPvLfqnbBfMDTpFGwHE/m8BXjFluCNmrdg8yAaRXWF9USQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFSijzMQvBe8nCMXp18/ETpSb7bWMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvVktLUE14QzhGN3ljSXhlblh6OFJPbEp2dHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQATodJAwQA
TodhAwQATodkAwQATodoAwQAuRGIMAwDBAC8hL0DBAa8hIADBAC8hOwDBAC8hPkD
BADURCMwDAMEANREOwMEANREPDANBgkqhkiG9w0BAQsFAAOCAQEApyk2jv2XdiaO
wUeicALi+S4kRDLZeF1DLhrlOrfo0nhJ3kLX623aFZqGNBuYwckyR0WhNIkS6RIn
ftWig4Ba7/WMS5d77jFVRagciuEWAPy2omAFAXKhnP/N/+7E5NHc8SGJswHBdkzg
HHTgDfzjM169GQtYAiozu4pUExifu8hV6O9FCgH3VqCUo4oDxbcUtYjvj4wnma6g
Pzh1nr1JHrS5UNshVSFCaz52dM17BAkZTB5pL3lhDUrxyjgyXa+0ok0WP6xSK0Hp
g4BFv242Mxb42azC/J2oqLRJ1lTA4+A7+4fABIYwwK/ABYsrpqMNU2+/fY0DIrOi
GQbLfa+0MQ==
-----END CERTIFICATE-----