Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/KgLQU5O5ZQGz1e2YxlkBxfl8HHI.roa
File:                     KgLQU5O5ZQGz1e2YxlkBxfl8HHI.roa (raw, json)
Hash identifier:          kEoetx4Yu+ucE04F6gVVlAKoAhVax2T4oHpsT3UCt4U=
Subject key identifier:   2A:02:D0:53:93:B9:65:01:B3:D5:ED:98:C6:59:01:C5:F9:7C:1C:72
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       018572BA4A25D975BA18A79C242A0B5DD0B2
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/KgLQU5O5ZQGz1e2YxlkBxfl8HHI.roa
Signing time:             Mon 02 Jan 2023 13:44:49 +0000
ROA not before:           Mon 02 Jan 2023 13:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25227
IP address blocks:        188.130.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 04 Jan 2023 23:37:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:4a:25:d9:75:ba:18:a7:9c:24:2a:0b:5d:d0:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jan  2 13:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a02d05393b96501b3d5ed98c65901c5f97c1c72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f3:6a:1d:d3:18:ea:70:c0:90:c2:53:c3:ed:
                    9d:a6:cf:bc:5a:81:68:9a:01:76:b9:ea:ed:f3:70:
                    34:38:97:ac:6a:26:62:13:29:10:93:ab:1c:46:3a:
                    2d:f1:f5:01:a1:e5:69:b9:0c:fd:15:fc:e2:5f:9f:
                    a4:91:22:84:0f:90:c7:9d:87:6e:9f:c4:65:13:8a:
                    f4:da:dc:3b:d7:45:17:59:97:66:4b:58:e6:f6:2a:
                    91:b7:8d:78:7e:91:59:ec:2d:16:70:d6:42:d0:a3:
                    54:9c:4c:30:dc:e9:dd:c6:02:ae:b3:bc:c2:d8:95:
                    f9:60:fa:24:cf:3c:67:5d:34:6f:71:42:8f:95:0a:
                    97:32:ae:46:bb:66:11:f8:d3:9c:db:6b:09:db:7c:
                    c8:69:88:69:f5:b0:57:fd:6f:6b:f1:c8:9b:00:ec:
                    cf:77:64:ce:8d:43:ee:ef:a7:01:3e:12:9d:2b:e5:
                    d1:28:5c:b1:53:08:07:40:38:32:a8:9c:1a:63:2b:
                    59:42:4b:cd:0b:93:18:34:ff:b9:cf:51:30:2c:9a:
                    78:c0:42:d8:05:d9:2b:54:e8:a5:63:a8:4e:34:e7:
                    9d:d3:ac:41:ec:34:71:21:8a:ab:44:f9:57:62:74:
                    73:95:11:b0:16:5a:c9:fa:e7:96:ab:35:b7:bf:0d:
                    c3:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:02:D0:53:93:B9:65:01:B3:D5:ED:98:C6:59:01:C5:F9:7C:1C:72
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/KgLQU5O5ZQGz1e2YxlkBxfl8HHI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.130.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:e3:8f:ec:bd:93:36:c8:09:45:e4:74:71:a2:4a:3b:ac:98:
         fd:0f:80:91:aa:b0:25:bd:93:6e:5a:5e:00:ac:9b:02:23:eb:
         4f:f5:34:35:07:56:9b:f0:62:ae:c2:a4:f2:e5:01:18:fe:f3:
         78:93:9e:d5:e3:e2:4a:73:80:58:05:36:4d:c5:13:e9:bd:23:
         11:ce:46:f2:d7:22:31:f1:3c:eb:ae:8c:4b:45:11:3a:24:7a:
         2e:7e:08:61:85:41:7e:e0:98:99:2e:81:5c:83:a6:03:20:1f:
         5e:17:60:ba:41:b3:d3:83:b0:45:51:83:0e:ec:c6:1b:4f:2a:
         d4:5a:f7:95:58:49:8c:50:a3:33:6f:54:c8:fc:68:b7:bc:e4:
         b2:4d:42:3b:42:4b:b8:5b:8e:60:27:a4:3a:42:87:2d:df:4f:
         9b:f5:34:34:a6:cc:0c:fc:d3:91:a9:82:02:ca:9d:11:7b:32:
         2a:67:e4:80:60:6a:87:0a:8d:5d:e1:9f:2e:01:c0:da:f7:59:
         87:fe:20:36:df:67:12:d4:1d:05:7d:5b:96:1a:b8:1a:1b:ff:
         f3:f1:d0:78:7d:7a:40:b4:4c:99:41:f9:4f:f2:03:a2:5a:8c:
         9b:e2:d3:c6:b2:3c:e1:b5:f8:0c:df:7f:74:d2:ea:27:42:f5:
         ae:81:14:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyukol2XW6GKecJCoLXdCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwMTAyMTM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTAyZDA1MzkzYjk2NTAxYjNkNWVkOThjNjU5MDFjNWY5N2MxYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfNqHdMY6nDAkMJTw+2dps+8WoFo
mgF2uert83A0OJesaiZiEykQk6scRjot8fUBoeVpuQz9FfziX5+kkSKED5DHnYdu
n8RlE4r02tw710UXWZdmS1jm9iqRt414fpFZ7C0WcNZC0KNUnEww3OndxgKus7zC
2JX5YPokzzxnXTRvcUKPlQqXMq5Gu2YR+NOc22sJ23zIaYhp9bBX/W9r8cibAOzP
d2TOjUPu76cBPhKdK+XRKFyxUwgHQDgyqJwaYytZQkvNC5MYNP+5z1EwLJp4wELY
BdkrVOilY6hONOed06xB7DRxIYqrRPlXYnRzlRGwFlrJ+ueWqzW3vw3DXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoC0FOTuWUBs9XtmMZZAcX5fBxyMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvS2dMUVU1TzVaUUd6MWUyWXhsa0J4Zmw4SEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvIKMMA0G
CSqGSIb3DQEBCwUAA4IBAQBA44/svZM2yAlF5HRxoko7rJj9D4CRqrAlvZNuWl4A
rJsCI+tP9TQ1B1ab8GKuwqTy5QEY/vN4k57V4+JKc4BYBTZNxRPpvSMRzkby1yIx
8TzrroxLRRE6JHoufghhhUF+4JiZLoFcg6YDIB9eF2C6QbPTg7BFUYMO7MYbTyrU
WveVWEmMUKMzb1TI/Gi3vOSyTUI7Qku4W45gJ6Q6Qoct30+b9TQ0pswM/NORqYIC
yp0RezIqZ+SAYGqHCo1d4Z8uAcDa91mH/iA232cS1B0FfVuWGrgaG//z8dB4fXpA
tEyZQflP8gOiWoyb4tPGsjzhtfgM33900uonQvWugRQt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org