Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/732b26-3193-44a7-938e-af68467c3727/1/kXTOrLx2tz3d9tSCBDChNX4f6gI.roa
File:                     kXTOrLx2tz3d9tSCBDChNX4f6gI.roa (raw, json)
Hash identifier:          PS+C1zIqsFWgkz3NjE/ufz82HMB5KPXeditgt9F4MbA=
Subject key identifier:   91:74:CE:AC:BC:76:B7:3D:DD:F6:D4:82:04:30:A1:35:7E:1F:EA:02
Certificate issuer:       /CN=b869cc42415eac65c4baa1a3926302e88b5e1629
Certificate serial:       0185710BED428F52F547F500B37DD3A6A20B
Authority key identifier: B8:69:CC:42:41:5E:AC:65:C4:BA:A1:A3:92:63:02:E8:8B:5E:16:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uGnMQkFerGXEuqGjkmMC6IteFik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/732b26-3193-44a7-938e-af68467c3727/1/kXTOrLx2tz3d9tSCBDChNX4f6gI.roa
Signing time:             Mon 02 Jan 2023 05:54:45 +0000
ROA not before:           Mon 02 Jan 2023 05:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13126
IP address blocks:        62.145.64.0/18 maxlen: 32
                          2a0b:7f80::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0b:ed:42:8f:52:f5:47:f5:00:b3:7d:d3:a6:a2:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b869cc42415eac65c4baa1a3926302e88b5e1629
        Validity
            Not Before: Jan  2 05:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9174ceacbc76b73dddf6d4820430a1357e1fea02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:6d:4c:2e:ea:45:18:8d:bd:0f:67:ae:ca:fb:
                    bb:b4:df:42:f8:e6:fa:22:5b:e6:89:97:69:07:96:
                    76:7c:34:de:bc:4d:23:e1:10:c2:2b:ac:e6:46:60:
                    04:3e:7f:d7:cc:42:ae:0c:a6:75:19:e3:2c:ef:38:
                    d4:ac:0d:72:c7:22:1a:9f:ab:5d:f8:a2:ee:65:62:
                    05:04:ff:24:04:b0:3d:fe:85:64:46:3c:fb:de:89:
                    f8:00:2d:a9:62:31:48:ed:1d:c8:a7:4c:ce:59:15:
                    44:1f:61:eb:fa:ec:75:6c:0d:db:2f:c6:63:66:38:
                    d3:e1:bc:2a:c6:6f:ee:d2:8b:b7:c1:af:9e:7a:7b:
                    06:b3:dd:0c:5e:89:09:6a:0a:30:70:1e:5a:25:95:
                    c8:da:ff:6a:89:8a:a4:82:5b:5a:17:8a:98:b3:ed:
                    06:d7:a8:98:67:26:0c:4c:94:ac:8c:72:66:48:e4:
                    5a:a0:bc:17:4a:3f:0c:34:37:60:43:0b:28:4e:66:
                    c7:68:93:12:c0:a2:7e:a7:e0:12:64:a8:77:9c:d1:
                    82:ee:88:3a:ac:d1:11:2d:81:c6:7a:ac:af:92:b9:
                    f0:a2:75:fa:64:09:c3:38:4b:5c:5f:66:31:0f:72:
                    40:f3:37:71:49:52:39:9b:98:17:16:46:2f:34:b0:
                    2b:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:74:CE:AC:BC:76:B7:3D:DD:F6:D4:82:04:30:A1:35:7E:1F:EA:02
            X509v3 Authority Key Identifier:
                keyid:B8:69:CC:42:41:5E:AC:65:C4:BA:A1:A3:92:63:02:E8:8B:5E:16:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGnMQkFerGXEuqGjkmMC6IteFik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/732b26-3193-44a7-938e-af68467c3727/1/kXTOrLx2tz3d9tSCBDChNX4f6gI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/732b26-3193-44a7-938e-af68467c3727/1/uGnMQkFerGXEuqGjkmMC6IteFik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.145.64.0/18
                IPv6:
                  2a0b:7f80::/29

    Signature Algorithm: sha256WithRSAEncryption
         b6:3e:4e:b7:46:ff:2d:8f:4f:ee:85:c1:ea:f9:99:e1:e8:0d:
         d7:b8:1b:81:ae:f2:a8:9d:9c:d6:90:7f:b6:21:02:e4:8e:47:
         81:84:be:36:a3:a7:79:07:3b:09:44:25:73:cc:7c:4a:06:5f:
         7d:58:f1:c5:9f:b8:33:95:21:c1:f2:99:cc:83:13:70:0a:a8:
         27:4f:6a:c8:db:6e:a4:95:83:6e:ce:fe:a5:a1:0a:bf:81:03:
         89:fd:49:ca:00:18:a0:11:ea:07:0d:1a:91:29:69:de:0c:42:
         15:4f:78:1e:f1:1a:a9:60:34:30:84:d0:e3:d9:df:d7:a8:24:
         cb:d9:08:59:9c:d3:cb:bc:11:ca:90:9f:73:95:e7:ff:7c:fd:
         02:9f:ed:09:03:9c:90:a9:f2:ed:c9:6a:47:84:02:4d:58:d2:
         45:0d:ca:aa:8e:b3:5e:80:dd:cc:bb:b4:b0:e9:14:6f:8a:e3:
         d5:36:76:b7:10:df:79:81:c8:3c:b0:64:3e:c5:73:28:dc:26:
         6b:79:0c:a3:d1:a1:ef:bf:e4:c3:f8:0d:fb:d7:e7:15:d0:8e:
         eb:ff:d9:66:83:b4:88:e9:8f:15:e2:76:64:69:9b:22:11:53:
         be:c3:51:d4:75:9b:a5:03:35:a5:2a:82:73:17:fe:2a:09:d0:
         24:ec:3b:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxC+1Cj1L1R/UAs33TpqILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NjljYzQyNDE1ZWFjNjVjNGJhYTFhMzkyNjMwMmU4OGI1
ZTE2MjkwHhcNMjMwMTAyMDU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTc0Y2VhY2JjNzZiNzNkZGRmNmQ0ODIwNDMwYTEzNTdlMWZlYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1MLupFGI29D2euyvu7tN9C+Ob6
IlvmiZdpB5Z2fDTevE0j4RDCK6zmRmAEPn/XzEKuDKZ1GeMs7zjUrA1yxyIan6td
+KLuZWIFBP8kBLA9/oVkRjz73on4AC2pYjFI7R3Ip0zOWRVEH2Hr+ux1bA3bL8Zj
ZjjT4bwqxm/u0ou3wa+eensGs90MXokJagowcB5aJZXI2v9qiYqkgltaF4qYs+0G
16iYZyYMTJSsjHJmSORaoLwXSj8MNDdgQwsoTmbHaJMSwKJ+p+ASZKh3nNGC7og6
rNERLYHGeqyvkrnwonX6ZAnDOEtcX2YxD3JA8zdxSVI5m5gXFkYvNLArhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJF0zqy8drc93fbUggQwoTV+H+oCMB8GA1UdIwQY
MBaAFLhpzEJBXqxlxLqho5JjAuiLXhYpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUduTVFrRmVyR1hFdXFHamttTUM2SXRlRmlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83MzJiMjYtMzE5My00NGE3LTkzOGUt
YWY2ODQ2N2MzNzI3LzEva1hUT3JMeDJ0ejNkOXRTQ0JEQ2hOWDRmNmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83MzJiMjYtMzE5My00NGE3LTkzOGUtYWY2ODQ2N2MzNzI3
LzEvdUduTVFrRmVyR1hFdXFHamttTUM2SXRlRmlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGPpFAMA0E
AgACMAcDBQMqC3+AMA0GCSqGSIb3DQEBCwUAA4IBAQC2Pk63Rv8tj0/uhcHq+Znh
6A3XuBuBrvKonZzWkH+2IQLkjkeBhL42o6d5BzsJRCVzzHxKBl99WPHFn7gzlSHB
8pnMgxNwCqgnT2rI226klYNuzv6loQq/gQOJ/UnKABigEeoHDRqRKWneDEIVT3ge
8RqpYDQwhNDj2d/XqCTL2QhZnNPLvBHKkJ9zlef/fP0Cn+0JA5yQqfLtyWpHhAJN
WNJFDcqqjrNegN3Mu7Sw6RRviuPVNna3EN95gcg8sGQ+xXMo3CZreQyj0aHvv+TD
+A371+cV0I7r/9lmg7SI6Y8V4nZkaZsiEVO+w1HUdZulAzWlKoJzF/4qCdAk7DuT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:25 2024 by rpki-client on console-ams.rpki-client.org