Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/KSK4M-VMZfL9j4lVRI-nhAJDt4I.roa
File:                     KSK4M-VMZfL9j4lVRI-nhAJDt4I.roa (raw, json)
Hash identifier:          WAbtMs6a11Ijy5ZqjwAGPCWEbkVxZBDVno6zpP7YC74=
Subject key identifier:   29:22:B8:33:E5:4C:65:F2:FD:8F:89:55:44:8F:A7:84:02:43:B7:82
Certificate issuer:       /CN=304e59a223f4bcb823492fb1096c3a82310c03da
Certificate serial:       018572B41046CBD6785002D518C1A42539E3
Authority key identifier: 30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/KSK4M-VMZfL9j4lVRI-nhAJDt4I.roa
Signing time:             Mon 02 Jan 2023 13:38:01 +0000
ROA not before:           Mon 02 Jan 2023 13:38:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204418
IP address blocks:        185.119.105.0/24 maxlen: 24
                          2a06:8a01::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:b4:10:46:cb:d6:78:50:02:d5:18:c1:a4:25:39:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=304e59a223f4bcb823492fb1096c3a82310c03da
        Validity
            Not Before: Jan  2 13:38:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2922b833e54c65f2fd8f8955448fa7840243b782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e5:80:7d:18:8e:34:66:88:ef:0e:19:3a:8a:
                    f4:29:84:a4:e6:39:b4:62:fd:af:ea:1f:be:c0:34:
                    4c:06:7f:72:31:fb:fd:00:2c:9a:44:f9:51:1f:fe:
                    10:7c:37:4d:22:1d:26:48:83:f8:24:d1:28:5b:b9:
                    cc:b3:27:78:1e:8f:67:9e:ec:bc:0c:43:8d:c9:59:
                    5b:e8:2a:dc:ed:93:3d:3a:32:03:0a:66:c0:cf:74:
                    71:fe:12:29:aa:0f:d1:58:8b:25:c6:a5:02:22:af:
                    cc:ec:7b:84:21:8b:57:be:4e:81:a5:9f:b5:36:83:
                    f6:47:b3:e6:8b:8d:37:67:da:7c:60:2d:09:cc:80:
                    d7:17:be:69:02:2d:b6:4d:9b:61:5a:eb:bc:c7:70:
                    03:a7:24:99:e7:13:c0:ca:c3:0c:ff:36:0e:3a:0a:
                    68:48:f9:f4:a5:ab:8b:15:fb:0e:55:b8:d1:a0:a3:
                    e0:ac:21:fb:82:a8:7c:1c:f4:4f:05:05:7b:4f:8e:
                    ed:9e:f5:52:17:36:d2:76:af:a9:75:f0:66:9d:97:
                    0d:19:78:20:fe:91:ec:2c:85:ae:cb:10:4d:6d:ab:
                    32:06:53:eb:b0:ee:c7:15:f1:f1:7b:36:e5:03:e6:
                    5c:f3:6a:f5:e3:6b:87:0d:66:fe:89:93:f6:e6:7c:
                    3c:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:22:B8:33:E5:4C:65:F2:FD:8F:89:55:44:8F:A7:84:02:43:B7:82
            X509v3 Authority Key Identifier:
                keyid:30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/KSK4M-VMZfL9j4lVRI-nhAJDt4I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.119.105.0/24
                IPv6:
                  2a06:8a01::/32

    Signature Algorithm: sha256WithRSAEncryption
         5c:f3:b8:5a:f7:c6:72:04:13:0f:95:d3:bf:50:41:68:d6:a5:
         df:04:b3:c0:95:28:08:7c:00:9b:f0:72:f4:15:3d:b3:dd:80:
         18:e9:92:78:23:2a:f8:d6:2e:74:0f:29:96:f3:cf:6c:8e:69:
         e3:70:73:2d:15:63:26:b4:3d:38:45:2d:79:5d:bd:9c:e4:28:
         07:71:a1:e7:7a:9f:4e:a1:a7:40:d1:11:9f:1f:21:67:51:ff:
         c1:2f:e3:97:7b:65:79:a3:62:c9:eb:79:98:52:27:17:0f:d8:
         15:5d:b8:11:cb:eb:13:e8:48:c5:ca:97:ea:bd:4e:c1:7e:48:
         53:03:19:89:5a:37:e4:64:36:c1:ff:ba:b5:05:15:b0:3c:6d:
         76:08:c9:cc:df:a2:3e:72:26:cc:68:47:61:c6:e1:59:c3:a4:
         86:1e:61:00:94:4b:3d:07:6c:61:c9:62:8f:e4:b1:41:6c:0f:
         40:4f:7a:1b:a6:66:83:49:9c:4e:93:10:71:8b:01:d1:22:71:
         57:9f:82:2e:12:86:59:2d:65:c8:f1:5b:8f:86:81:b9:88:f5:
         b4:fd:af:17:be:3f:db:0b:7c:1b:8e:df:c6:76:01:8c:89:e7:
         5c:5a:76:60:0b:93:44:21:cd:10:62:ed:06:c5:3b:19:6e:eb:
         b7:90:14:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVytBBGy9Z4UALVGMGkJTnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNGU1OWEyMjNmNGJjYjgyMzQ5MmZiMTA5NmMzYTgyMzEw
YzAzZGEwHhcNMjMwMTAyMTMzODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTIyYjgzM2U1NGM2NWYyZmQ4Zjg5NTU0NDhmYTc4NDAyNDNiNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquWAfRiONGaI7w4ZOor0KYSk5jm0
Yv2v6h++wDRMBn9yMfv9ACyaRPlRH/4QfDdNIh0mSIP4JNEoW7nMsyd4Ho9nnuy8
DEONyVlb6Crc7ZM9OjIDCmbAz3Rx/hIpqg/RWIslxqUCIq/M7HuEIYtXvk6BpZ+1
NoP2R7Pmi403Z9p8YC0JzIDXF75pAi22TZthWuu8x3ADpySZ5xPAysMM/zYOOgpo
SPn0pauLFfsOVbjRoKPgrCH7gqh8HPRPBQV7T47tnvVSFzbSdq+pdfBmnZcNGXgg
/pHsLIWuyxBNbasyBlPrsO7HFfHxezblA+Zc82r142uHDWb+iZP25nw8GQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCkiuDPlTGXy/Y+JVUSPp4QCQ7eCMB8GA1UdIwQY
MBaAFDBOWaIj9Ly4I0kvsQlsOoIxDAPaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTct
MzQ0Y2M1MDJmMWJkLzEvS1NLNE0tVk1aZkw5ajRsVlJJLW5oQUpEdDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTctMzQ0Y2M1MDJmMWJk
LzEvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXdpMA0E
AgACMAcDBQAqBooBMA0GCSqGSIb3DQEBCwUAA4IBAQBc87ha98ZyBBMPldO/UEFo
1qXfBLPAlSgIfACb8HL0FT2z3YAY6ZJ4Iyr41i50DymW889sjmnjcHMtFWMmtD04
RS15Xb2c5CgHcaHnep9OoadA0RGfHyFnUf/BL+OXe2V5o2LJ63mYUicXD9gVXbgR
y+sT6EjFypfqvU7BfkhTAxmJWjfkZDbB/7q1BRWwPG12CMnM36I+cibMaEdhxuFZ
w6SGHmEAlEs9B2xhyWKP5LFBbA9AT3obpmaDSZxOkxBxiwHRInFXn4IuEoZZLWXI
8VuPhoG5iPW0/a8Xvj/bC3wbjt/GdgGMiedcWnZgC5NEIc0QYu0GxTsZbuu3kBR5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:54 2024 by rpki-client on console-ams.rpki-client.org