Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/d8c4ba-1c48-480b-bb59-d2310bba0e11/1/K-KdXUhtvBQsyLvoBkxgC9LIzZo.roa
File:                     K-KdXUhtvBQsyLvoBkxgC9LIzZo.roa (raw, json)
Hash identifier:          LTDZ4NRCchZ+AjqgIijKl8R7lwMJQSQeDLHWE6ZCaqI=
Subject key identifier:   2B:E2:9D:5D:48:6D:BC:14:2C:C8:BB:E8:06:4C:60:0B:D2:C8:CD:9A
Certificate issuer:       /CN=e0ebdb69a33e8f3af363ae144f853538e8031b63
Certificate serial:       018784A5598F8F573C9D055EA041A3A9B104
Authority key identifier: E0:EB:DB:69:A3:3E:8F:3A:F3:63:AE:14:4F:85:35:38:E8:03:1B:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4OvbaaM-jzrzY64UT4U1OOgDG2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/d8c4ba-1c48-480b-bb59-d2310bba0e11/1/K-KdXUhtvBQsyLvoBkxgC9LIzZo.roa
Signing time:             Sat 15 Apr 2023 11:20:41 +0000
ROA not before:           Sat 15 Apr 2023 11:20:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31055
IP address blocks:        62.168.192.0/24 maxlen: 24
                          62.168.194.0/24 maxlen: 24
                          62.168.193.0/24 maxlen: 24
                          62.168.199.0/24 maxlen: 24
                          62.168.198.0/24 maxlen: 24
                          62.168.197.0/24 maxlen: 24
                          62.168.196.0/24 maxlen: 24
                          62.168.195.0/24 maxlen: 24
                          62.168.206.0/24 maxlen: 24
                          62.168.205.0/24 maxlen: 24
                          62.168.204.0/24 maxlen: 24
                          62.168.203.0/24 maxlen: 24
                          62.168.202.0/24 maxlen: 24
                          62.168.201.0/24 maxlen: 24
                          62.168.200.0/24 maxlen: 24
                          62.168.207.0/24 maxlen: 24
                          62.168.213.0/24 maxlen: 24
                          62.168.212.0/24 maxlen: 24
                          62.168.211.0/24 maxlen: 24
                          62.168.210.0/24 maxlen: 24
                          62.168.209.0/24 maxlen: 24
                          62.168.208.0/24 maxlen: 24
                          62.168.219.0/24 maxlen: 24
                          62.168.218.0/24 maxlen: 24
                          62.168.217.0/24 maxlen: 24
                          62.168.216.0/24 maxlen: 24
                          62.168.215.0/24 maxlen: 24
                          62.168.214.0/24 maxlen: 24
                          62.168.221.0/24 maxlen: 24
                          62.168.220.0/24 maxlen: 24
                          62.168.223.0/24 maxlen: 24
                          62.168.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:84:a5:59:8f:8f:57:3c:9d:05:5e:a0:41:a3:a9:b1:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0ebdb69a33e8f3af363ae144f853538e8031b63
        Validity
            Not Before: Apr 15 11:20:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2be29d5d486dbc142cc8bbe8064c600bd2c8cd9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ae:f7:f5:cf:c0:6c:63:98:77:62:b5:24:8b:
                    bd:c7:24:06:65:64:6a:d3:a0:3e:f4:d0:c6:eb:23:
                    ec:aa:2b:ff:e9:e7:f1:93:69:c6:6c:50:8c:59:3d:
                    f4:b5:66:ef:cb:df:27:6d:29:5c:fa:26:50:76:93:
                    63:2f:2d:4f:4d:07:15:e8:76:d1:10:f1:a5:f3:18:
                    da:1c:cf:cf:eb:9a:5e:29:dd:0c:22:01:9f:2d:eb:
                    c1:50:e9:6c:11:ee:9f:d6:20:83:87:0c:80:0f:f5:
                    61:68:dc:d9:cb:00:6b:7e:39:a9:42:03:12:e5:b9:
                    f0:54:cf:b6:01:cd:b3:9b:c2:bd:5f:75:e6:eb:ae:
                    74:96:13:c8:72:72:1c:b7:47:2b:d4:88:3a:81:70:
                    15:33:d0:f9:6c:22:79:0f:b6:41:2b:2e:ff:bf:2f:
                    f4:af:d1:85:bb:22:56:83:26:ca:38:50:ee:b5:5a:
                    c9:b5:f0:d3:4a:9e:5f:2c:3c:f4:6d:44:bd:6d:7c:
                    e4:f0:11:f7:28:4d:85:9a:34:43:ed:ca:2c:88:70:
                    69:40:39:3b:cd:b9:9e:bb:19:56:b3:93:07:31:ed:
                    a3:c2:12:9f:71:ce:cb:2e:38:63:8e:c4:b9:7b:3c:
                    cd:46:b7:fb:51:f9:38:c8:67:5e:79:9b:1d:dd:ec:
                    68:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:E2:9D:5D:48:6D:BC:14:2C:C8:BB:E8:06:4C:60:0B:D2:C8:CD:9A
            X509v3 Authority Key Identifier:
                keyid:E0:EB:DB:69:A3:3E:8F:3A:F3:63:AE:14:4F:85:35:38:E8:03:1B:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4OvbaaM-jzrzY64UT4U1OOgDG2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/d8c4ba-1c48-480b-bb59-d2310bba0e11/1/K-KdXUhtvBQsyLvoBkxgC9LIzZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/d8c4ba-1c48-480b-bb59-d2310bba0e11/1/4OvbaaM-jzrzY64UT4U1OOgDG2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.168.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         2e:88:70:69:9f:08:e0:26:89:75:f7:6d:d5:e5:67:ea:3b:54:
         24:0b:d8:1a:36:45:b7:34:28:3b:e7:a7:04:88:15:68:93:e5:
         10:95:73:77:96:1c:0b:6c:59:1f:9f:04:80:ae:52:36:aa:3d:
         8f:94:fe:cc:7f:a8:14:f0:1b:ba:cd:15:4b:f7:39:0b:9b:dc:
         1b:ac:10:50:24:f6:65:9e:04:7b:35:7d:42:24:8b:46:1f:f9:
         2b:c5:1c:20:a7:1e:4f:38:cb:0e:60:a8:df:d3:df:ee:f4:78:
         15:e3:73:34:64:f6:b5:90:cd:fb:2a:b8:31:ee:f3:d4:8f:70:
         2b:77:19:39:ae:09:7f:1d:86:2b:dc:e6:d9:01:e5:9e:0c:c2:
         53:81:e6:44:ff:ff:c2:e3:34:49:30:0a:88:e9:5c:cb:83:e3:
         2f:ef:74:05:59:e7:92:be:00:c7:2e:c4:62:2d:33:7a:e8:03:
         73:59:7c:a4:2f:2a:bf:ac:bb:1d:e7:8c:39:5b:0c:7e:c7:f7:
         41:41:fe:c7:7f:ec:03:0c:36:2f:0c:43:82:f5:d6:7a:e7:39:
         79:24:2d:c6:bb:af:da:df:00:6f:1c:de:a9:2f:7b:34:2f:d2:
         88:a2:71:07:80:b4:cf:e5:40:17:a5:d2:8d:39:da:9a:2b:16:
         74:49:70:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeEpVmPj1c8nQVeoEGjqbEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZWJkYjY5YTMzZThmM2FmMzYzYWUxNDRmODUzNTM4ZTgw
MzFiNjMwHhcNMjMwNDE1MTEyMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmUyOWQ1ZDQ4NmRiYzE0MmNjOGJiZTgwNjRjNjAwYmQyYzhjZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq739c/AbGOYd2K1JIu9xyQGZWRq
06A+9NDG6yPsqiv/6efxk2nGbFCMWT30tWbvy98nbSlc+iZQdpNjLy1PTQcV6HbR
EPGl8xjaHM/P65peKd0MIgGfLevBUOlsEe6f1iCDhwyAD/VhaNzZywBrfjmpQgMS
5bnwVM+2Ac2zm8K9X3Xm6650lhPIcnIct0cr1Ig6gXAVM9D5bCJ5D7ZBKy7/vy/0
r9GFuyJWgybKOFDutVrJtfDTSp5fLDz0bUS9bXzk8BH3KE2FmjRD7cosiHBpQDk7
zbmeuxlWs5MHMe2jwhKfcc7LLjhjjsS5ezzNRrf7Ufk4yGdeeZsd3exotwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvinV1IbbwULMi76AZMYAvSyM2aMB8GA1UdIwQY
MBaAFODr22mjPo8682OuFE+FNTjoAxtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE92YmFhTS1qenJ6WTY0VVQ0VTFPT2dERzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9kOGM0YmEtMWM0OC00ODBiLWJiNTkt
ZDIzMTBiYmEwZTExLzEvSy1LZFhVaHR2QlFzeUx2b0JreGdDOUxJelpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9kOGM0YmEtMWM0OC00ODBiLWJiNTktZDIzMTBiYmEwZTEx
LzEvNE92YmFhTS1qenJ6WTY0VVQ0VTFPT2dERzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPqjAMA0G
CSqGSIb3DQEBCwUAA4IBAQAuiHBpnwjgJol1923V5WfqO1QkC9gaNkW3NCg756cE
iBVok+UQlXN3lhwLbFkfnwSArlI2qj2PlP7Mf6gU8Bu6zRVL9zkLm9wbrBBQJPZl
ngR7NX1CJItGH/krxRwgpx5POMsOYKjf09/u9HgV43M0ZPa1kM37Krgx7vPUj3Ar
dxk5rgl/HYYr3ObZAeWeDMJTgeZE///C4zRJMAqI6VzLg+Mv73QFWeeSvgDHLsRi
LTN66ANzWXykLyq/rLsd54w5Wwx+x/dBQf7Hf+wDDDYvDEOC9dZ65zl5JC3Gu6/a
3wBvHN6pL3s0L9KIonEHgLTP5UAXpdKNOdqaKxZ0SXBU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org