Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/7eb409-7f13-486d-86a8-ae1b0acd28a8/1/kiMsaRqRK6ya7PgyqCWFdE-08SA.roa
File:                     kiMsaRqRK6ya7PgyqCWFdE-08SA.roa (raw, json)
Hash identifier:          PwUQvgyMN2KuuM/ZIXOD5uM2nzCgEk4cHxAaSYisUq0=
Subject key identifier:   92:23:2C:69:1A:91:2B:AC:9A:EC:F8:32:A8:25:85:74:4F:B4:F1:20
Certificate issuer:       /CN=ed8e8797ea068357ad6bb03a35c95bd7034e1541
Certificate serial:       018CC8016565F9DF2078C70ECCC393B7983F
Authority key identifier: ED:8E:87:97:EA:06:83:57:AD:6B:B0:3A:35:C9:5B:D7:03:4E:15:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7Y6Hl-oGg1eta7A6Nclb1wNOFUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/7eb409-7f13-486d-86a8-ae1b0acd28a8/1/kiMsaRqRK6ya7PgyqCWFdE-08SA.roa
Signing time:             Tue 02 Jan 2024 02:29:43 +0000
ROA not before:           Tue 02 Jan 2024 02:29:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51840
IP address blocks:        185.27.58.0/24 maxlen: 24
                          185.27.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Nov 2024 14:43:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:65:65:f9:df:20:78:c7:0e:cc:c3:93:b7:98:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed8e8797ea068357ad6bb03a35c95bd7034e1541
        Validity
            Not Before: Jan  2 02:29:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=92232c691a912bac9aecf832a82585744fb4f120
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6e:03:40:6c:71:70:d6:0c:6d:73:f4:f4:64:
                    8e:44:3b:3d:8c:c5:64:00:63:6f:c3:85:11:d6:39:
                    a8:f4:45:95:25:14:4a:fb:5e:6b:7b:ef:65:56:c9:
                    7b:5d:78:6d:d2:c5:45:8d:e8:0b:6c:26:eb:dd:0a:
                    f2:3c:ec:69:64:36:4d:3f:17:be:ec:22:ca:6c:0e:
                    52:27:4c:16:80:c4:5f:dd:a7:ef:16:5a:0b:83:e8:
                    18:6e:86:5b:96:cf:cb:42:ee:0d:0a:67:ad:10:f2:
                    a4:94:d5:3b:d1:be:e1:11:d4:dd:fb:4c:64:dc:7f:
                    66:87:e2:17:98:3e:c8:90:8d:f9:69:2f:bc:c4:58:
                    e8:85:d9:85:17:b3:2d:76:4b:9a:e2:02:19:f3:a8:
                    54:2f:7c:83:70:75:31:5d:9e:8b:95:12:f9:a9:55:
                    5e:3b:0e:4e:df:f2:bc:9e:53:c5:b4:75:ea:bd:47:
                    b6:bd:d8:28:ec:2b:02:33:d1:2e:91:aa:7e:69:97:
                    25:a2:c4:33:f8:a0:ca:ac:6c:47:aa:e4:c3:11:be:
                    d0:70:c8:73:40:55:46:bc:ac:f0:4f:9e:60:b3:a5:
                    6a:09:82:92:76:3a:69:28:01:23:1f:53:77:12:d8:
                    26:8a:67:d7:f9:02:e5:4c:d7:84:19:7d:73:1e:24:
                    d9:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:23:2C:69:1A:91:2B:AC:9A:EC:F8:32:A8:25:85:74:4F:B4:F1:20
            X509v3 Authority Key Identifier:
                keyid:ED:8E:87:97:EA:06:83:57:AD:6B:B0:3A:35:C9:5B:D7:03:4E:15:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Y6Hl-oGg1eta7A6Nclb1wNOFUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/7eb409-7f13-486d-86a8-ae1b0acd28a8/1/kiMsaRqRK6ya7PgyqCWFdE-08SA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/7eb409-7f13-486d-86a8-ae1b0acd28a8/1/7Y6Hl-oGg1eta7A6Nclb1wNOFUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.27.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4c:ac:45:b0:1f:3b:05:6a:e5:59:b5:ed:b2:4f:a4:21:1d:4a:
         f0:db:0e:ba:99:82:d3:80:05:ea:0f:0d:b3:16:ed:8e:a3:3d:
         b8:bd:a6:1e:e7:2f:c3:83:bc:71:1b:98:7e:0b:cf:e2:8e:dd:
         36:ef:a8:84:19:c2:b2:92:79:3c:11:b5:7c:9e:08:ad:52:09:
         45:23:f7:23:0f:5a:6d:f0:aa:fc:91:33:bb:2b:f1:9a:a7:01:
         85:2c:fa:c5:fb:b0:b2:51:3d:7b:63:5c:af:64:25:f2:fa:90:
         b2:69:82:6c:8b:1d:f8:08:fb:0e:9a:f5:c5:9e:e9:2a:45:0d:
         f2:61:fa:9c:54:8f:8d:77:be:f5:2e:8e:47:18:d5:f2:00:47:
         1b:8e:1d:15:d8:ff:48:33:d3:62:fa:6a:ce:28:7b:2a:18:7a:
         91:f0:2e:d8:47:ac:a7:95:ff:f1:b1:3a:6a:a6:42:80:fd:72:
         d2:f4:23:39:5f:88:c1:b8:eb:34:ec:b6:79:23:a7:aa:91:3e:
         0a:c2:40:ab:c9:ea:74:20:d2:ff:10:89:9a:1b:1c:30:97:2f:
         ce:a5:7b:9e:05:47:00:77:a9:02:88:8e:17:ae:9d:a1:81:03:
         13:c1:6a:a8:13:d5:3b:a2:7b:68:5e:09:35:23:ca:78:1a:0d:
         64:75:aa:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAWVl+d8geMcOzMOTt5g/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkOGU4Nzk3ZWEwNjgzNTdhZDZiYjAzYTM1Yzk1YmQ3MDM0
ZTE1NDEwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjIzMmM2OTFhOTEyYmFjOWFlY2Y4MzJhODI1ODU3NDRmYjRmMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApm4DQGxxcNYMbXP09GSORDs9jMVk
AGNvw4UR1jmo9EWVJRRK+15re+9lVsl7XXht0sVFjegLbCbr3QryPOxpZDZNPxe+
7CLKbA5SJ0wWgMRf3afvFloLg+gYboZbls/LQu4NCmetEPKklNU70b7hEdTd+0xk
3H9mh+IXmD7IkI35aS+8xFjohdmFF7Mtdkua4gIZ86hUL3yDcHUxXZ6LlRL5qVVe
Ow5O3/K8nlPFtHXqvUe2vdgo7CsCM9Eukap+aZclosQz+KDKrGxHquTDEb7QcMhz
QFVGvKzwT55gs6VqCYKSdjppKAEjH1N3EtgmimfX+QLlTNeEGX1zHiTZeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIjLGkakSusmuz4MqglhXRPtPEgMB8GA1UdIwQY
MBaAFO2Oh5fqBoNXrWuwOjXJW9cDThVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1k2SGwtb0dnMWV0YTdBNk5jbGIxd05PRlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83ZWI0MDktN2YxMy00ODZkLTg2YTgt
YWUxYjBhY2QyOGE4LzEva2lNc2FScVJLNnlhN1BneXFDV0ZkRS0wOFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83ZWI0MDktN2YxMy00ODZkLTg2YTgtYWUxYjBhY2QyOGE4
LzEvN1k2SGwtb0dnMWV0YTdBNk5jbGIxd05PRlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuRs6MA0G
CSqGSIb3DQEBCwUAA4IBAQBMrEWwHzsFauVZte2yT6QhHUrw2w66mYLTgAXqDw2z
Fu2Ooz24vaYe5y/Dg7xxG5h+C8/ijt0276iEGcKyknk8EbV8ngitUglFI/cjD1pt
8Kr8kTO7K/GapwGFLPrF+7CyUT17Y1yvZCXy+pCyaYJsix34CPsOmvXFnukqRQ3y
YfqcVI+Nd771Lo5HGNXyAEcbjh0V2P9IM9Ni+mrOKHsqGHqR8C7YR6ynlf/xsTpq
pkKA/XLS9CM5X4jBuOs07LZ5I6eqkT4KwkCryep0INL/EImaGxwwly/OpXueBUcA
d6kCiI4Xrp2hgQMTwWqoE9U7ontoXgk1I8p4Gg1kdaqU
-----END CERTIFICATE-----
Generated at Wed Nov 6 19:54:07 2024 by rpki-client on console-ams.rpki-client.org