Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/KhS_N6uZ07tJObzV-NYtUIOXaJM.roa
File:                     KhS_N6uZ07tJObzV-NYtUIOXaJM.roa (raw, json)
Hash identifier:          hBoFJfi0QGO82yGGEJk66pRUksepBWq9z4Iv+GcS8oM=
Subject key identifier:   2A:14:BF:37:AB:99:D3:BB:49:39:BC:D5:F8:D6:2D:50:83:97:68:93
Certificate issuer:       /CN=11e5af4c72869209539b1194597b03fa3a4a554a
Certificate serial:       01856D789D37C3AF1299ADB0C9DB32D8B52C
Authority key identifier: 11:E5:AF:4C:72:86:92:09:53:9B:11:94:59:7B:03:FA:3A:4A:55:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EeWvTHKGkglTmxGUWXsD-jpKVUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/KhS_N6uZ07tJObzV-NYtUIOXaJM.roa
Signing time:             Sun 01 Jan 2023 13:14:59 +0000
ROA not before:           Sun 01 Jan 2023 13:14:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        193.3.160.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:78:9d:37:c3:af:12:99:ad:b0:c9:db:32:d8:b5:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11e5af4c72869209539b1194597b03fa3a4a554a
        Validity
            Not Before: Jan  1 13:14:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a14bf37ab99d3bb4939bcd5f8d62d5083976893
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:87:dd:7c:3c:29:e7:ec:07:60:82:f0:42:a5:
                    05:01:07:17:42:39:8d:e6:15:8a:e8:2b:4d:77:88:
                    53:9d:03:4f:98:5b:df:84:cc:af:51:0a:51:4b:cc:
                    c3:b4:90:be:0b:1a:89:8d:72:a0:15:dd:9e:40:f1:
                    68:16:05:c7:b8:8e:85:de:4b:72:77:9a:31:09:65:
                    79:3c:98:54:b0:ad:34:01:32:5a:62:9d:19:b1:88:
                    cd:00:0a:7d:2e:0a:0a:f8:76:e1:db:16:91:ff:91:
                    e3:70:89:91:dc:51:78:2b:1e:2d:3a:36:9d:73:8b:
                    2c:2a:2f:50:c5:e8:91:c9:e1:d1:41:9c:6d:1f:98:
                    6e:eb:ca:65:88:12:a8:69:0c:0e:5b:8f:56:27:14:
                    f3:d3:8f:93:3a:26:3c:9d:28:e0:07:89:0e:9b:28:
                    b8:e3:9a:cf:ba:d0:d4:51:37:19:e9:c0:ef:17:18:
                    2d:61:7e:ea:b0:62:39:85:07:8e:c0:2e:da:46:9c:
                    61:96:af:98:cd:4e:54:2f:8f:6d:73:2a:77:0a:d1:
                    11:0f:95:36:21:c1:e5:e5:42:76:b2:9d:46:21:a9:
                    49:41:32:03:fa:45:c2:9e:52:a4:1c:ec:fc:33:ba:
                    ec:86:23:59:5c:6b:ca:6e:f2:09:76:1b:dc:06:a7:
                    df:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:14:BF:37:AB:99:D3:BB:49:39:BC:D5:F8:D6:2D:50:83:97:68:93
            X509v3 Authority Key Identifier:
                keyid:11:E5:AF:4C:72:86:92:09:53:9B:11:94:59:7B:03:FA:3A:4A:55:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EeWvTHKGkglTmxGUWXsD-jpKVUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/KhS_N6uZ07tJObzV-NYtUIOXaJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/EeWvTHKGkglTmxGUWXsD-jpKVUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.3.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:2d:e9:34:61:59:25:ac:9c:e1:cc:17:38:79:8e:38:18:ae:
         eb:ca:5b:28:c7:77:62:75:97:76:0c:85:f9:79:af:ca:60:cc:
         0f:2c:6f:04:bb:42:88:1e:04:3f:c6:b4:d3:b1:30:1e:d1:00:
         f3:91:4d:91:4b:ea:3a:17:90:5d:26:dd:80:f1:e3:ae:61:8f:
         d6:9d:87:e1:49:ec:14:91:39:f1:b1:c7:45:59:66:0f:e7:28:
         72:0c:e0:8d:88:ee:99:1f:e0:03:3a:2e:d4:2c:df:ec:e3:e9:
         04:b2:d6:9d:e1:d4:48:7a:9b:4f:66:50:d3:9e:f1:c1:2d:22:
         30:84:75:ba:6f:7e:8d:46:3e:24:64:f7:f8:29:2e:ad:f5:9d:
         4b:f3:71:87:40:07:7e:2e:a4:3a:23:a4:92:e5:f2:b3:9e:da:
         52:33:9a:3a:e3:9f:a9:98:bf:87:44:2c:8a:a3:df:f3:84:9b:
         ff:b7:82:72:96:9e:a2:9a:6c:2b:c1:79:99:d3:31:ec:2c:60:
         84:5f:74:ba:c5:a1:97:03:1f:03:41:2b:71:fc:33:c9:ba:67:
         bb:c8:c8:5e:54:54:d7:9c:5e:7e:17:d9:c4:80:4e:89:f7:c8:
         50:e0:fb:47:d4:c0:4a:42:55:2b:15:c3:da:f5:ca:d0:5a:48:
         a4:31:2f:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteJ03w68Sma2wydsy2LUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZTVhZjRjNzI4NjkyMDk1MzliMTE5NDU5N2IwM2ZhM2E0
YTU1NGEwHhcNMjMwMTAxMTMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE0YmYzN2FiOTlkM2JiNDkzOWJjZDVmOGQ2MmQ1MDgzOTc2ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIfdfDwp5+wHYILwQqUFAQcXQjmN
5hWK6CtNd4hTnQNPmFvfhMyvUQpRS8zDtJC+CxqJjXKgFd2eQPFoFgXHuI6F3kty
d5oxCWV5PJhUsK00ATJaYp0ZsYjNAAp9LgoK+Hbh2xaR/5HjcImR3FF4Kx4tOjad
c4ssKi9QxeiRyeHRQZxtH5hu68pliBKoaQwOW49WJxTz04+TOiY8nSjgB4kOmyi4
45rPutDUUTcZ6cDvFxgtYX7qsGI5hQeOwC7aRpxhlq+YzU5UL49tcyp3CtERD5U2
IcHl5UJ2sp1GIalJQTID+kXCnlKkHOz8M7rshiNZXGvKbvIJdhvcBqffiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoUvzermdO7STm81fjWLVCDl2iTMB8GA1UdIwQY
MBaAFBHlr0xyhpIJU5sRlFl7A/o6SlVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWVXdlRIS0drZ2xUbXhHVVdYc0QtanBLVlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNGQ3MDgtZmVlYS00ZTk2LTk0YTEt
ZjQyOGI5OTU0YWIyLzEvS2hTX042dVowN3RKT2J6Vi1OWXRVSU9YYUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNGQ3MDgtZmVlYS00ZTk2LTk0YTEtZjQyOGI5OTU0YWIy
LzEvRWVXdlRIS0drZ2xUbXhHVVdYc0QtanBLVlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQOgMA0G
CSqGSIb3DQEBCwUAA4IBAQBuLek0YVklrJzhzBc4eY44GK7rylsox3didZd2DIX5
ea/KYMwPLG8Eu0KIHgQ/xrTTsTAe0QDzkU2RS+o6F5BdJt2A8eOuYY/WnYfhSewU
kTnxscdFWWYP5yhyDOCNiO6ZH+ADOi7ULN/s4+kEstad4dRIeptPZlDTnvHBLSIw
hHW6b36NRj4kZPf4KS6t9Z1L83GHQAd+LqQ6I6SS5fKzntpSM5o645+pmL+HRCyK
o9/zhJv/t4Jylp6immwrwXmZ0zHsLGCEX3S6xaGXAx8DQStx/DPJume7yMheVFTX
nF5+F9nEgE6J98hQ4PtH1MBKQlUrFcPa9crQWkikMS9w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:56 2024 by rpki-client on console-fra.rpki-client.org