Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/kekE--ELhprzRLKm0uzzgEcKLRk.roa
File:                     kekE--ELhprzRLKm0uzzgEcKLRk.roa (raw, json)
Hash identifier:          MFe3pHmnQjllRFUlzac46zyybgQ58G8zpDvwBFcsRTQ=
Subject key identifier:   91:E9:04:FB:E1:0B:86:9A:F3:44:B2:A6:D2:EC:F3:80:47:0A:2D:19
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       01857F25F43A2016044696E0C84317159C6A
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/kekE--ELhprzRLKm0uzzgEcKLRk.roa
Signing time:             Wed 04 Jan 2023 23:37:51 +0000
ROA not before:           Wed 04 Jan 2023 23:37:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205026
IP address blocks:        188.130.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:7f:25:f4:3a:20:16:04:46:96:e0:c8:43:17:15:9c:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jan  4 23:37:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=91e904fbe10b869af344b2a6d2ecf380470a2d19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:3b:b3:d8:19:93:d4:0c:13:9c:c1:ec:9f:7f:
                    7d:db:49:94:ba:c9:88:93:86:d0:9f:1b:d7:df:6c:
                    2b:db:ba:6b:b2:ac:f6:d0:32:8b:fd:55:11:7b:ab:
                    df:8f:1f:18:0f:48:9c:3c:80:d0:06:f3:56:f6:dd:
                    8d:0d:70:b6:ca:7d:aa:25:a0:82:4c:fa:54:6f:06:
                    62:8c:d7:87:4a:c0:50:2a:61:c8:18:39:15:38:ea:
                    54:09:47:b8:bc:02:ae:f5:f5:45:e9:dc:d2:b6:66:
                    90:f6:15:16:4f:b8:88:76:4b:48:94:2d:6d:66:60:
                    a8:c2:f6:f0:59:b0:11:b4:bb:a1:8c:bf:7c:49:f5:
                    19:99:3d:b4:76:c5:70:fd:75:f0:aa:4d:48:9f:9f:
                    bd:5e:73:61:55:ed:45:32:68:db:ae:42:b2:53:8e:
                    61:24:81:90:48:f4:5d:49:8e:b9:7d:c5:6a:bf:91:
                    81:a1:d4:35:67:3d:54:27:ff:50:55:11:12:b2:2b:
                    b3:ae:9c:9b:c6:bc:ad:67:17:45:c4:2c:60:01:0e:
                    7d:28:a8:8c:8c:6e:52:01:29:78:74:9f:f0:12:c8:
                    ad:cb:27:55:72:87:1f:43:51:4a:ba:c8:d1:25:6e:
                    38:8d:d1:41:05:8e:24:1c:03:60:e4:35:c5:d0:cc:
                    da:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:E9:04:FB:E1:0B:86:9A:F3:44:B2:A6:D2:EC:F3:80:47:0A:2D:19
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/kekE--ELhprzRLKm0uzzgEcKLRk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.130.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:b6:e9:c2:ff:c2:cc:80:8d:61:82:cf:f1:4a:33:ae:e1:bb:
         13:19:d9:36:f2:1c:cb:4a:4c:22:ff:80:f6:51:bb:a3:51:ed:
         3b:15:e6:2e:d8:bd:fb:b2:d7:fb:9e:0e:c5:f8:c3:9b:52:da:
         4d:f8:75:96:9d:db:58:d9:e8:d2:54:c8:58:d8:7a:c9:33:8d:
         16:c4:b7:9d:c0:dc:c7:93:d5:fe:97:35:73:63:e3:4e:84:bd:
         bb:ee:d1:8d:89:70:66:3e:9d:99:21:0d:e5:2b:da:8e:2f:cf:
         33:ca:2b:28:42:57:d5:1b:ac:10:a6:f8:37:62:35:c2:f5:ba:
         81:66:44:4e:dc:f7:bf:b6:a1:56:76:ec:c0:a2:f9:61:a1:f4:
         ec:cf:10:fe:c7:6b:b1:6b:a0:3b:a5:d8:d4:42:92:11:8b:7e:
         86:e8:33:1b:26:f6:53:73:96:f4:e1:c1:e3:60:1f:90:fc:14:
         33:0b:3a:e0:dc:e6:a9:0a:af:d7:58:bd:26:92:1d:37:d8:b5:
         e2:6a:25:cb:1f:53:b1:3a:0b:76:e0:3a:4b:48:0e:c7:12:04:
         74:d3:a6:c1:7e:b9:42:bb:02:8c:75:8a:1a:d7:18:9b:f9:e1:
         81:01:0a:53:b9:61:1b:c1:d3:7c:cf:5e:58:fd:2f:a1:37:83:
         ac:9e:69:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV/JfQ6IBYERpbgyEMXFZxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwMTA0MjMzNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU5MDRmYmUxMGI4NjlhZjM0NGIyYTZkMmVjZjM4MDQ3MGEyZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDuz2BmT1AwTnMHsn39920mUusmI
k4bQnxvX32wr27prsqz20DKL/VURe6vfjx8YD0icPIDQBvNW9t2NDXC2yn2qJaCC
TPpUbwZijNeHSsBQKmHIGDkVOOpUCUe4vAKu9fVF6dzStmaQ9hUWT7iIdktIlC1t
ZmCowvbwWbARtLuhjL98SfUZmT20dsVw/XXwqk1In5+9XnNhVe1FMmjbrkKyU45h
JIGQSPRdSY65fcVqv5GBodQ1Zz1UJ/9QVRESsiuzrpybxrytZxdFxCxgAQ59KKiM
jG5SASl4dJ/wEsityydVcocfQ1FKusjRJW44jdFBBY4kHANg5DXF0MzaBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHpBPvhC4aa80SyptLs84BHCi0ZMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEva2VrRS0tRUxocHJ6UkxLbTB1enpnRWNLTFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvIKMMA0G
CSqGSIb3DQEBCwUAA4IBAQCqtunC/8LMgI1hgs/xSjOu4bsTGdk28hzLSkwi/4D2
UbujUe07FeYu2L37stf7ng7F+MObUtpN+HWWndtY2ejSVMhY2HrJM40WxLedwNzH
k9X+lzVzY+NOhL277tGNiXBmPp2ZIQ3lK9qOL88zyisoQlfVG6wQpvg3YjXC9bqB
ZkRO3Pe/tqFWduzAovlhofTszxD+x2uxa6A7pdjUQpIRi36G6DMbJvZTc5b04cHj
YB+Q/BQzCzrg3OapCq/XWL0mkh032LXiaiXLH1OxOgt24DpLSA7HEgR006bBfrlC
uwKMdYoa1xib+eGBAQpTuWEbwdN8z15Y/S+hN4Osnml/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org