Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/5ca48b-c966-4e63-868d-a85c1b2ec1ce/1/KvqkR09m9w7pgN_ZkHV99dlmwLo.roa
File:                     KvqkR09m9w7pgN_ZkHV99dlmwLo.roa (raw, json)
Hash identifier:          e6pP9o2M9Cf2Mq0YNDxsMwnzev1Su5zPYGSjlYxev5U=
Subject key identifier:   2A:FA:A4:47:4F:66:F7:0E:E9:80:DF:D9:90:75:7D:F5:D9:66:C0:BA
Certificate issuer:       /CN=a81558853febc79d813eb2c0ce5cb736fb73c0df
Certificate serial:       01856AF7DE2782C7301507CDA016A0B25839
Authority key identifier: A8:15:58:85:3F:EB:C7:9D:81:3E:B2:C0:CE:5C:B7:36:FB:73:C0:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qBVYhT_rx52BPrLAzly3NvtzwN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/5ca48b-c966-4e63-868d-a85c1b2ec1ce/1/KvqkR09m9w7pgN_ZkHV99dlmwLo.roa
Signing time:             Sun 01 Jan 2023 01:35:07 +0000
ROA not before:           Sun 01 Jan 2023 01:35:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50599
IP address blocks:        185.221.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6a:f7:de:27:82:c7:30:15:07:cd:a0:16:a0:b2:58:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a81558853febc79d813eb2c0ce5cb736fb73c0df
        Validity
            Not Before: Jan  1 01:35:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2afaa4474f66f70ee980dfd990757df5d966c0ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:fa:14:b8:a4:2e:ca:3f:7a:45:e6:74:b8:65:
                    51:4f:4a:2f:8b:ee:77:81:ce:f4:1d:58:a1:06:ea:
                    76:ce:f4:94:77:c2:af:a8:b9:17:48:b2:7f:1b:89:
                    bd:c1:8b:b8:88:c8:e7:eb:a4:9c:6b:4a:cd:5d:a3:
                    86:93:13:3a:1c:fb:6a:04:8a:9e:7a:ca:31:59:9f:
                    a5:92:2d:15:4f:ac:a5:39:ff:92:ce:6b:d2:a5:c2:
                    03:43:e1:41:f2:33:11:b9:94:7b:93:ee:0f:92:7e:
                    1e:29:95:34:d3:fe:80:ee:ac:59:10:5c:33:19:94:
                    de:8b:6a:ae:b6:51:00:f4:89:87:c4:e0:20:44:27:
                    03:7b:b0:b5:e2:63:66:66:be:30:0a:cb:f3:9f:82:
                    bc:5c:5b:62:00:7b:0e:61:61:cc:93:55:0a:f6:eb:
                    9f:c0:81:54:f8:32:d0:f0:15:9c:d0:1a:5a:f2:1b:
                    82:47:e5:15:73:b4:e1:65:c2:30:9f:62:2b:10:01:
                    01:68:41:0c:8c:40:bb:d9:a8:d2:c4:9b:92:4f:f3:
                    d1:9b:1e:ce:82:3a:54:3e:d5:8b:08:03:24:3c:0f:
                    e6:d9:35:24:47:ea:ad:af:90:9a:88:fc:b7:55:63:
                    42:c7:dd:1c:fc:74:ae:65:fd:d8:18:fe:9e:f0:1a:
                    3b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:FA:A4:47:4F:66:F7:0E:E9:80:DF:D9:90:75:7D:F5:D9:66:C0:BA
            X509v3 Authority Key Identifier:
                keyid:A8:15:58:85:3F:EB:C7:9D:81:3E:B2:C0:CE:5C:B7:36:FB:73:C0:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBVYhT_rx52BPrLAzly3NvtzwN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/5ca48b-c966-4e63-868d-a85c1b2ec1ce/1/KvqkR09m9w7pgN_ZkHV99dlmwLo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/5ca48b-c966-4e63-868d-a85c1b2ec1ce/1/qBVYhT_rx52BPrLAzly3NvtzwN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.221.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:b3:36:53:eb:28:25:4e:b5:90:aa:c4:a6:de:b4:9f:3a:f2:
         84:b2:63:72:0a:52:ad:b6:a8:6f:93:be:9d:29:a7:c1:7f:0b:
         9a:0f:16:09:b1:c0:f8:a3:f7:db:b7:2f:bc:32:de:7c:f8:c3:
         52:7f:2f:51:f1:fe:b6:9b:1d:09:20:17:05:a5:8a:10:91:f2:
         4a:e1:fd:ad:67:d3:bb:8f:dd:db:36:4a:4f:db:28:b5:8a:9a:
         fc:7b:73:67:88:46:61:05:0d:d1:45:70:26:c8:0b:71:bc:b8:
         43:13:8a:72:c4:35:27:b9:31:c1:aa:88:4a:84:a2:47:ae:41:
         cf:1c:a5:f3:91:dd:e1:d5:49:e7:97:b1:f9:9e:b1:e3:e8:f5:
         f2:25:8c:a9:ee:34:39:9c:df:e8:8f:f0:a2:cc:e1:f6:63:78:
         01:11:9d:7d:59:71:7d:f8:16:da:83:70:32:06:5d:06:db:14:
         8c:6a:33:8f:f7:ac:3a:99:21:86:e1:6b:50:08:62:7a:03:7c:
         78:50:04:d1:0c:b5:40:06:7f:c7:af:36:2e:cf:e1:c5:22:16:
         01:69:1c:9f:24:19:a3:db:e3:3b:a4:5b:1a:31:ab:a6:f9:95:
         80:61:8d:fb:dd:28:93:9f:48:88:b2:80:e9:58:23:17:ea:16:
         68:48:70:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVq994ngscwFQfNoBagslg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTU1ODg1M2ZlYmM3OWQ4MTNlYjJjMGNlNWNiNzM2ZmI3
M2MwZGYwHhcNMjMwMTAxMDEzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZhYTQ0NzRmNjZmNzBlZTk4MGRmZDk5MDc1N2RmNWQ5NjZjMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/oUuKQuyj96ReZ0uGVRT0ovi+53
gc70HVihBup2zvSUd8KvqLkXSLJ/G4m9wYu4iMjn66Sca0rNXaOGkxM6HPtqBIqe
esoxWZ+lki0VT6ylOf+SzmvSpcIDQ+FB8jMRuZR7k+4Pkn4eKZU00/6A7qxZEFwz
GZTei2qutlEA9ImHxOAgRCcDe7C14mNmZr4wCsvzn4K8XFtiAHsOYWHMk1UK9uuf
wIFU+DLQ8BWc0Bpa8huCR+UVc7ThZcIwn2IrEAEBaEEMjEC72ajSxJuST/PRmx7O
gjpUPtWLCAMkPA/m2TUkR+qtr5CaiPy3VWNCx90c/HSuZf3YGP6e8Bo7BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCr6pEdPZvcO6YDf2ZB1ffXZZsC6MB8GA1UdIwQY
MBaAFKgVWIU/68edgT6ywM5ctzb7c8DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJWWWhUX3J4NTJCUHJMQXpseTNOdnR6d044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS81Y2E0OGItYzk2Ni00ZTYzLTg2OGQt
YTg1YzFiMmVjMWNlLzEvS3Zxa1IwOW05dzdwZ05fWmtIVjk5ZGxtd0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS81Y2E0OGItYzk2Ni00ZTYzLTg2OGQtYTg1YzFiMmVjMWNl
LzEvcUJWWWhUX3J4NTJCUHJMQXpseTNOdnR6d044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud1uMA0G
CSqGSIb3DQEBCwUAA4IBAQBzszZT6yglTrWQqsSm3rSfOvKEsmNyClKttqhvk76d
KafBfwuaDxYJscD4o/fbty+8Mt58+MNSfy9R8f62mx0JIBcFpYoQkfJK4f2tZ9O7
j93bNkpP2yi1ipr8e3NniEZhBQ3RRXAmyAtxvLhDE4pyxDUnuTHBqohKhKJHrkHP
HKXzkd3h1Unnl7H5nrHj6PXyJYyp7jQ5nN/oj/CizOH2Y3gBEZ19WXF9+Bbag3Ay
Bl0G2xSMajOP96w6mSGG4WtQCGJ6A3x4UATRDLVABn/HrzYuz+HFIhYBaRyfJBmj
2+M7pFsaMaum+ZWAYY373SiTn0iIsoDpWCMX6hZoSHB/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:13 2024 by rpki-client on console-ams.rpki-client.org