Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/kMwYroS_8o7QhPSaTIPUS-fahpA.roa
File:                     kMwYroS_8o7QhPSaTIPUS-fahpA.roa (raw, json)
Hash identifier:          a8nD07KRiaOiXIwTyR+BkBey9BPg2ztSCYZ+LVyi2nE=
Subject key identifier:   90:CC:18:AE:84:BF:F2:8E:D0:84:F4:9A:4C:83:D4:4B:E7:DA:86:90
Certificate issuer:       /CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
Certificate serial:       018CC8016B21E7430752890883895373573F
Authority key identifier: C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/kMwYroS_8o7QhPSaTIPUS-fahpA.roa
Signing time:             Tue 02 Jan 2024 02:29:45 +0000
ROA not before:           Tue 02 Jan 2024 02:29:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        185.193.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Mar 2024 13:48:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:6b:21:e7:43:07:52:89:08:83:89:53:73:57:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
        Validity
            Not Before: Jan  2 02:29:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=90cc18ae84bff28ed084f49a4c83d44be7da8690
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:76:a9:14:6a:67:ad:9a:1b:3c:dd:2d:d1:c3:
                    e6:96:36:d3:e0:67:14:54:cc:02:1e:b4:43:e1:cf:
                    75:83:18:09:1f:ba:6f:ad:71:ed:dd:29:fe:de:96:
                    d0:58:c9:69:8a:a3:92:ea:4d:91:88:40:60:65:89:
                    57:21:4a:a7:4d:57:8d:45:da:13:78:24:c3:bb:c7:
                    7f:38:73:dd:83:1b:80:31:22:18:5a:4f:46:ea:33:
                    b6:75:f3:e5:1a:79:1c:0e:16:f0:39:5e:c2:c2:cc:
                    99:9a:69:8d:d9:c1:7e:bc:61:b3:cf:92:17:0c:05:
                    8f:2f:e6:16:19:e3:dd:b9:48:9b:97:7b:ce:1a:28:
                    8d:70:69:15:57:2d:c2:2e:3a:47:7d:2d:02:84:b8:
                    5f:e7:94:a7:15:24:b1:30:40:0f:f3:12:dd:0d:34:
                    ef:3b:a3:ce:9a:73:f9:5c:a5:f7:6e:01:92:5f:b4:
                    e4:66:03:e2:40:f7:e2:60:53:22:15:96:fa:46:ad:
                    56:a4:de:4d:bb:2e:ae:41:19:2c:f7:9e:e3:4f:28:
                    fa:0a:11:af:0c:27:19:ea:b3:42:fa:b0:a2:b2:c4:
                    97:a9:4e:9d:ee:2d:14:17:7d:80:2f:7f:eb:44:6f:
                    0e:63:be:91:d7:53:d5:6d:61:75:2a:86:ee:2f:ce:
                    72:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:CC:18:AE:84:BF:F2:8E:D0:84:F4:9A:4C:83:D4:4B:E7:DA:86:90
            X509v3 Authority Key Identifier:
                keyid:C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/kMwYroS_8o7QhPSaTIPUS-fahpA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.193.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:9c:0d:95:5e:be:bc:70:20:dd:21:0d:11:f2:03:b7:9e:cc:
         28:16:4a:08:97:60:4a:a4:c7:7c:9e:c7:9a:a0:27:94:76:01:
         35:60:66:cf:23:d2:d6:b0:ee:a1:34:54:4d:dd:1a:58:8c:34:
         aa:e5:47:18:ee:5a:30:b4:b1:40:bb:2a:dc:45:d8:36:18:b9:
         29:24:50:d5:76:11:66:41:90:28:0f:42:78:de:07:4a:7b:fc:
         49:7c:a2:50:0b:26:12:59:d9:5f:45:48:bc:75:98:3a:49:ec:
         99:a7:98:1c:2d:b6:24:9a:1e:49:71:d6:b3:32:e5:f5:f3:4f:
         dd:2e:15:e7:56:2e:f5:8f:c7:24:0f:97:01:83:f6:fa:48:1a:
         78:3e:7a:d4:7b:87:c8:98:94:ce:86:fd:bb:ee:c2:f5:75:ee:
         ef:e7:23:94:78:66:7d:6a:24:7d:2b:13:a2:41:5a:b3:cb:dd:
         4d:6c:46:15:0f:2a:3e:23:05:1d:00:27:5c:cd:8f:3f:d9:9e:
         cd:b1:d7:aa:10:a0:24:a9:1a:42:d4:a4:6a:6b:1c:a4:6e:af:
         74:44:b2:a1:11:dd:b1:04:6f:e8:7e:9e:d8:67:5f:10:1e:b5:
         e9:d0:df:07:25:46:fd:68:72:1a:e6:8d:9c:60:d1:24:e6:52:
         30:3b:c3:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAWsh50MHUokIg4lTc1c/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDZiNTlhOTNlMzI0MDgzZmJjYTQyMzdlNDdlOWY1ZWJm
MzcxYWIwHhcNMjQwMTAyMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNjMThhZTg0YmZmMjhlZDA4NGY0OWE0YzgzZDQ0YmU3ZGE4NjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHapFGpnrZobPN0t0cPmljbT4GcU
VMwCHrRD4c91gxgJH7pvrXHt3Sn+3pbQWMlpiqOS6k2RiEBgZYlXIUqnTVeNRdoT
eCTDu8d/OHPdgxuAMSIYWk9G6jO2dfPlGnkcDhbwOV7CwsyZmmmN2cF+vGGzz5IX
DAWPL+YWGePduUibl3vOGiiNcGkVVy3CLjpHfS0ChLhf55SnFSSxMEAP8xLdDTTv
O6POmnP5XKX3bgGSX7TkZgPiQPfiYFMiFZb6Rq1WpN5Nuy6uQRks957jTyj6ChGv
DCcZ6rNC+rCissSXqU6d7i0UF32AL3/rRG8OY76R11PVbWF1KobuL85ylQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDMGK6Ev/KO0IT0mkyD1Evn2oaQMB8GA1UdIwQY
MBaAFMnWtZqT4yQIP7ykI35H6fXr83GrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTIt
YjkyMTFlMWZjMWFjLzEva013WXJvU184bzdRaFBTYVRJUFVTLWZhaHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTItYjkyMTFlMWZjMWFj
LzEveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucGnMA0G
CSqGSIb3DQEBCwUAA4IBAQApnA2VXr68cCDdIQ0R8gO3nswoFkoIl2BKpMd8nsea
oCeUdgE1YGbPI9LWsO6hNFRN3RpYjDSq5UcY7lowtLFAuyrcRdg2GLkpJFDVdhFm
QZAoD0J43gdKe/xJfKJQCyYSWdlfRUi8dZg6SeyZp5gcLbYkmh5JcdazMuX180/d
LhXnVi71j8ckD5cBg/b6SBp4PnrUe4fImJTOhv277sL1de7v5yOUeGZ9aiR9KxOi
QVqzy91NbEYVDyo+IwUdACdczY8/2Z7NsdeqEKAkqRpC1KRqaxykbq90RLKhEd2x
BG/ofp7YZ18QHrXp0N8HJUb9aHIa5o2cYNEk5lIwO8Ok
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:30 2024 by rpki-client on console-fra.rpki-client.org