Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/KWCTh1u66UzPdBJi8AUEAuJ8Mrk.roa
File:                     KWCTh1u66UzPdBJi8AUEAuJ8Mrk.roa (raw, json)
Hash identifier:          wtG7IMrskP9BNM7vQmYD7CSMRYRWQPp/J8WiiL+ZVa0=
Subject key identifier:   29:60:93:87:5B:BA:E9:4C:CF:74:12:62:F0:05:04:02:E2:7C:32:B9
Certificate issuer:       /CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Certificate serial:       018770A1DC7A6DEE4C3F1CE2C1B6F0499E0E
Authority key identifier: CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/KWCTh1u66UzPdBJi8AUEAuJ8Mrk.roa
Signing time:             Tue 11 Apr 2023 14:04:28 +0000
ROA not before:           Tue 11 Apr 2023 14:04:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20485
IP address blocks:        188.168.184.0/23 maxlen: 23
                          188.168.186.0/24 maxlen: 24
                          188.168.208.0/22 maxlen: 22
                          188.168.138.0/23 maxlen: 23
                          188.168.136.0/22 maxlen: 22
                          188.168.60.0/22 maxlen: 22
                          188.168.68.0/23 maxlen: 23
                          188.168.80.0/21 maxlen: 21
                          188.168.88.0/22 maxlen: 22
                          188.168.100.0/22 maxlen: 22
                          188.244.192.0/20 maxlen: 20
                          188.168.248.0/21 maxlen: 21
                          188.168.34.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:70:a1:dc:7a:6d:ee:4c:3f:1c:e2:c1:b6:f0:49:9e:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
        Validity
            Not Before: Apr 11 14:04:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=296093875bbae94ccf741262f0050402e27c32b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:48:1a:1a:63:57:fa:a7:aa:d6:da:d6:38:d3:
                    99:9e:0b:90:95:03:81:79:9c:6e:fc:e6:bf:2f:67:
                    95:14:00:df:39:9f:7e:a2:f8:4a:0b:a6:53:4f:46:
                    54:d1:8a:db:87:1b:a3:f5:2a:1f:65:ab:9c:6e:fb:
                    d5:69:55:b2:d6:0e:68:7f:35:e1:27:81:b9:b1:b4:
                    99:ab:c9:14:40:68:0c:39:b3:58:28:c5:e1:0e:9c:
                    5a:b9:07:d8:30:2e:d7:fb:fd:c8:e5:2c:db:f1:3d:
                    36:f8:73:00:59:3e:6e:0c:5e:4b:a5:f8:20:24:06:
                    0c:78:4c:03:8a:86:69:67:09:d8:99:ea:d8:94:60:
                    b6:e1:7f:26:cb:d1:e2:8d:96:5f:4e:dd:3c:83:10:
                    21:81:ac:0a:cf:c0:66:e7:a4:50:ed:9a:22:a3:1b:
                    df:1c:6d:b6:5a:27:48:5d:3b:a9:a9:18:fa:57:66:
                    c8:bf:d8:82:e5:f8:0c:5d:e8:b3:4d:a1:77:bf:b9:
                    81:59:15:41:c3:28:f7:5b:59:e2:c5:8f:ee:64:a1:
                    a9:e5:c3:5d:d6:21:65:2c:8b:4f:4e:11:c3:b3:4f:
                    32:0a:1a:f9:0c:c7:52:28:91:1a:a7:ac:58:e3:d4:
                    2b:82:73:10:3f:76:25:c6:92:ce:ab:a5:e3:d0:da:
                    38:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:60:93:87:5B:BA:E9:4C:CF:74:12:62:F0:05:04:02:E2:7C:32:B9
            X509v3 Authority Key Identifier:
                keyid:CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/KWCTh1u66UzPdBJi8AUEAuJ8Mrk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.168.34.0/23
                  188.168.60.0/22
                  188.168.68.0/23
                  188.168.80.0-188.168.91.255
                  188.168.100.0/22
                  188.168.136.0/22
                  188.168.184.0-188.168.186.255
                  188.168.208.0/22
                  188.168.248.0/21
                  188.244.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         43:f1:97:ca:1b:50:71:fd:21:24:32:c0:00:f4:b1:f3:41:05:
         96:f3:00:0b:27:b7:30:18:0b:44:02:06:87:68:36:ce:59:c3:
         d8:ef:59:8c:29:e5:7a:64:c2:48:32:c7:0a:ae:f5:56:ed:9f:
         ce:82:f3:c0:11:73:47:c7:2d:2a:ab:25:e3:f0:59:a3:42:72:
         b6:40:41:1b:c8:81:bf:02:d9:1a:6b:87:4f:c6:49:ef:10:59:
         ed:25:9c:17:49:28:b8:8b:7b:ff:19:02:2e:e6:b9:5c:0b:23:
         c0:f3:04:87:2c:dd:6a:eb:fd:1c:2a:32:40:c8:77:b3:4d:8e:
         14:91:ea:62:ec:13:e7:5c:47:2c:7a:35:1c:82:26:fb:9d:42:
         3f:0d:9e:16:50:00:f8:13:80:08:29:89:88:33:c7:1c:ce:7f:
         e6:5a:1a:ed:96:90:38:42:e0:58:6d:ad:7c:0c:70:33:9c:20:
         56:35:0d:14:9a:7e:96:c4:98:9a:d1:7d:85:50:90:76:2f:aa:
         e2:2d:bc:5d:2e:29:df:53:f3:50:3c:0e:97:9d:e4:1f:5c:89:
         7a:b2:e0:39:d3:a0:fe:fa:e3:a2:17:8f:34:b5:9f:3a:26:ce:
         82:aa:7d:46:34:5c:bd:a5:8c:5e:95:dc:91:de:1f:a2:72:9a:
         4a:bf:b2:42
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYdwodx6be5MPxziwbbwSZ4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNGE3MTdmOGZhMWJiMDM1OTI3NDIyM2FjZGFlMjJiNzBl
NjZiZWMwHhcNMjMwNDExMTQwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTYwOTM4NzViYmFlOTRjY2Y3NDEyNjJmMDA1MDQwMmUyN2MzMmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0gaGmNX+qeq1trWONOZnguQlQOB
eZxu/Oa/L2eVFADfOZ9+ovhKC6ZTT0ZU0Yrbhxuj9SofZaucbvvVaVWy1g5ofzXh
J4G5sbSZq8kUQGgMObNYKMXhDpxauQfYMC7X+/3I5Szb8T02+HMAWT5uDF5Lpfgg
JAYMeEwDioZpZwnYmerYlGC24X8my9HijZZfTt08gxAhgawKz8Bm56RQ7Zoioxvf
HG22WidIXTupqRj6V2bIv9iC5fgMXeizTaF3v7mBWRVBwyj3W1nixY/uZKGp5cNd
1iFlLItPThHDs08yChr5DMdSKJEap6xY49QrgnMQP3YlxpLOq6Xj0No4hQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFClgk4dbuulMz3QSYvAFBALifDK5MB8GA1UdIwQY
MBaAFM9KcX+PobsDWSdCI6za4itw5mvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTkt
NmFhYTZiMDIxNjBkLzEvS1dDVGgxdTY2VXpQZEJKaThBVUVBdUo4TXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTktNmFhYTZiMDIxNjBk
LzEvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQBvKgiAwQC
vKg8AwQBvKhEMAwDBAS8qFADBAK8qFgDBAK8qGQDBAK8qIgwDAMEA7youAMEALyo
ugMEAryo0AMEA7yo+AMEBLz0wDANBgkqhkiG9w0BAQsFAAOCAQEAQ/GXyhtQcf0h
JDLAAPSx80EFlvMACye3MBgLRAIGh2g2zlnD2O9ZjCnlemTCSDLHCq71Vu2fzoLz
wBFzR8ctKqsl4/BZo0JytkBBG8iBvwLZGmuHT8ZJ7xBZ7SWcF0kouIt7/xkCLua5
XAsjwPMEhyzdauv9HCoyQMh3s02OFJHqYuwT51xHLHo1HIIm+51CPw2eFlAA+BOA
CCmJiDPHHM5/5loa7ZaQOELgWG2tfAxwM5wgVjUNFJp+lsSYmtF9hVCQdi+q4i28
XS4p31PzUDwOl53kH1yJerLgOdOg/vrjohePNLWfOibOgqp9RjRcvaWMXpXckd4f
onKaSr+yQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:27 2024 by rpki-client on console-fra.rpki-client.org