Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/KH0aVdpjxSEV7MPzNW-nx48ftDY.roa
File:                     KH0aVdpjxSEV7MPzNW-nx48ftDY.roa (raw, json)
Hash identifier:          FCMo6YNVfufviNL0soo2gmywtcY/74GL/r10a6dFGSs=
Subject key identifier:   28:7D:1A:55:DA:63:C5:21:15:EC:C3:F3:35:6F:A7:C7:8F:1F:B4:36
Certificate issuer:       /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial:       018D14939AC2C7CB1EDFC037DFC1AA364D70
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/KH0aVdpjxSEV7MPzNW-nx48ftDY.roa
Signing time:             Tue 16 Jan 2024 23:20:34 +0000
ROA not before:           Tue 16 Jan 2024 23:20:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215733
IP address blocks:        185.152.72.0/22 maxlen: 22
                          2a01:ac::/32 maxlen: 32
                          2a01:ad::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 18 Jan 2024 19:10:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:14:93:9a:c2:c7:cb:1e:df:c0:37:df:c1:aa:36:4d:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
        Validity
            Not Before: Jan 16 23:20:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=287d1a55da63c52115ecc3f3356fa7c78f1fb436
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:bd:c6:95:a6:62:22:82:31:78:07:d8:90:74:
                    fb:d4:c1:c6:44:45:f4:46:4d:bf:41:6c:05:0e:9e:
                    6f:b1:95:01:c9:08:a7:aa:81:bb:37:22:0d:38:37:
                    dc:60:b8:71:41:e2:3e:29:dd:7c:5e:c4:fb:ad:95:
                    7d:2a:b4:50:a8:db:5b:f6:b3:78:69:8d:1c:4c:63:
                    c4:f0:01:2a:fd:12:8f:f4:ba:cb:5c:29:f0:b9:a4:
                    d2:0b:06:6f:6f:07:78:bc:29:59:e6:55:4b:46:bd:
                    e5:2e:8c:30:38:c9:a4:d2:cb:04:ec:e1:4d:9e:d2:
                    2d:d0:75:24:48:ea:e5:de:ed:ce:ba:f5:db:1e:23:
                    06:8a:91:32:3b:3d:06:32:cf:9e:38:ec:02:5a:55:
                    a1:22:78:98:81:23:a6:d9:ce:f2:6f:5f:05:b1:20:
                    c6:1f:3b:3d:77:a8:b4:37:6b:2c:22:09:4b:7c:f1:
                    73:3c:2d:44:12:a8:51:01:b3:e6:b1:82:8f:1e:42:
                    d0:a9:7e:8f:b8:cb:f6:4d:7e:1f:67:52:6c:8a:54:
                    01:03:5d:be:8a:08:f2:f0:38:37:66:62:80:14:4c:
                    56:cd:1f:f3:cc:69:37:8d:9c:f2:fd:af:60:f1:88:
                    5e:8c:aa:3d:ea:34:13:fd:a0:6a:ba:a1:b2:3f:1e:
                    5d:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:7D:1A:55:DA:63:C5:21:15:EC:C3:F3:35:6F:A7:C7:8F:1F:B4:36
            X509v3 Authority Key Identifier:
                keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/KH0aVdpjxSEV7MPzNW-nx48ftDY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.152.72.0/22
                IPv6:
                  2a01:ac::/31

    Signature Algorithm: sha256WithRSAEncryption
         7f:20:4c:cf:d4:87:6e:57:a9:73:52:a1:6d:25:11:56:0b:6f:
         fe:7e:b6:ba:a4:db:29:dc:a2:92:2a:27:a1:5d:e9:e6:ea:a1:
         66:4d:47:da:70:f2:e0:7c:9b:1e:6d:4d:30:e2:58:78:bb:3a:
         21:a7:8d:07:46:9e:2a:d8:44:ff:da:53:db:7d:c2:6a:fb:23:
         37:bf:5b:da:fd:8d:a4:ed:08:a8:de:79:54:eb:f7:c1:44:09:
         c4:34:78:6f:ef:88:4d:26:cd:ea:a5:27:4f:a8:51:56:64:23:
         22:58:37:b4:11:f0:76:d6:a7:dd:31:57:c5:a3:10:5a:2d:fb:
         5e:1a:a4:da:29:1b:48:53:ab:c9:2e:ed:cd:97:f7:10:7e:87:
         71:c8:c5:c6:d1:ae:12:61:2e:7f:61:9c:dd:d7:d3:8d:80:24:
         59:12:d1:d6:ac:b7:7d:6e:fe:e7:c8:ef:1a:da:c4:59:bd:7d:
         56:6d:ed:03:f7:6b:59:fe:a5:78:2c:de:e2:19:c5:7e:83:2b:
         7d:7b:85:a3:fd:b6:48:7b:a8:6b:0e:94:9e:94:a3:0b:49:7e:
         a5:3e:a1:0e:7b:f8:69:58:3d:96:8a:a9:26:ec:bd:c5:67:be:
         ca:c7:e2:85:b5:08:43:5c:47:32:78:60:83:51:d5:9c:82:80:
         c0:15:4d:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY0Uk5rCx8se38A338GqNk1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjQwMTE2MjMyMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODdkMWE1NWRhNjNjNTIxMTVlY2MzZjMzNTZmYTdjNzhmMWZiNDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq73GlaZiIoIxeAfYkHT71MHGREX0
Rk2/QWwFDp5vsZUByQinqoG7NyINODfcYLhxQeI+Kd18XsT7rZV9KrRQqNtb9rN4
aY0cTGPE8AEq/RKP9LrLXCnwuaTSCwZvbwd4vClZ5lVLRr3lLowwOMmk0ssE7OFN
ntIt0HUkSOrl3u3OuvXbHiMGipEyOz0GMs+eOOwCWlWhIniYgSOm2c7yb18FsSDG
Hzs9d6i0N2ssIglLfPFzPC1EEqhRAbPmsYKPHkLQqX6PuMv2TX4fZ1JsilQBA12+
igjy8Dg3ZmKAFExWzR/zzGk3jZzy/a9g8YhejKo96jQT/aBquqGyPx5dSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCh9GlXaY8UhFezD8zVvp8ePH7Q2MB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvS0gwYVZkcGp4U0VWN01Qek5XLW54NDhmdERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZhIMA0E
AgACMAcDBQEqAQCsMA0GCSqGSIb3DQEBCwUAA4IBAQB/IEzP1IduV6lzUqFtJRFW
C2/+fra6pNsp3KKSKiehXenm6qFmTUfacPLgfJsebU0w4lh4uzohp40HRp4q2ET/
2lPbfcJq+yM3v1va/Y2k7Qio3nlU6/fBRAnENHhv74hNJs3qpSdPqFFWZCMiWDe0
EfB21qfdMVfFoxBaLfteGqTaKRtIU6vJLu3Nl/cQfodxyMXG0a4SYS5/YZzd19ON
gCRZEtHWrLd9bv7nyO8a2sRZvX1Wbe0D92tZ/qV4LN7iGcV+gyt9e4Wj/bZIe6hr
DpSelKMLSX6lPqEOe/hpWD2Wiqkm7L3FZ77Kx+KFtQhDXEcyeGCDUdWcgoDAFU2R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:36 2024 by rpki-client on console-ams.rpki-client.org