Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/KKBIxfOOtiK_BSD6yXMfSAmOXOg.roa
File:                     KKBIxfOOtiK_BSD6yXMfSAmOXOg.roa (raw, json)
Hash identifier:          B5J5qVBM9B7U/bJ7jPJq6faFcJjslh/bAQWqQKuNn9A=
Subject key identifier:   28:A0:48:C5:F3:8E:B6:22:BF:05:20:FA:C9:73:1F:48:09:8E:5C:E8
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       0189F4D77479AF22892A24BF089815BD7BAE
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/KKBIxfOOtiK_BSD6yXMfSAmOXOg.roa
Signing time:             Mon 14 Aug 2023 16:18:28 +0000
ROA not before:           Mon 14 Aug 2023 16:18:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.81.28.0/22 maxlen: 24
                          45.146.232.0/23 maxlen: 23
                          188.64.108.0/22 maxlen: 24
                          45.141.170.0/23 maxlen: 23
                          45.141.168.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Sun 20 Aug 2023 14:38:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f4:d7:74:79:af:22:89:2a:24:bf:08:98:15:bd:7b:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Aug 14 16:18:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28a048c5f38eb622bf0520fac9731f48098e5ce8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:3c:45:c1:a2:93:84:c1:82:1f:1f:0b:e7:ac:
                    48:6f:ea:8b:34:3a:40:98:3a:8b:13:f8:bc:e3:0f:
                    e3:7e:11:7d:52:06:0c:55:7b:b6:0b:dd:84:4f:a3:
                    11:0a:8b:84:eb:ba:74:24:05:bd:90:78:77:ce:ab:
                    ed:94:36:97:ac:0b:66:a6:87:91:92:50:c8:1f:a4:
                    9b:54:1d:36:ed:f4:05:1f:4a:a9:5b:b0:44:68:d7:
                    d1:d4:7a:d7:06:a2:bf:50:d8:58:c5:05:47:27:2f:
                    00:dd:28:78:44:3f:44:d6:06:c4:39:61:7a:64:4e:
                    71:be:b4:12:21:f3:8e:f3:51:79:dc:4b:63:ba:9c:
                    e1:a9:bd:dc:f1:21:d9:92:b5:38:f8:23:d4:40:e4:
                    af:b9:de:0f:15:5a:d5:04:da:58:8b:b4:b9:a7:45:
                    aa:b5:11:91:df:6a:aa:78:c7:fc:5a:80:6b:25:e0:
                    f2:66:08:df:c8:85:81:60:d8:df:04:f3:8e:f3:a8:
                    39:cc:ac:51:e7:dc:70:99:cc:57:32:ff:7c:51:8e:
                    48:3d:77:94:48:cd:fc:19:ea:f7:c5:92:5b:d7:f3:
                    be:49:c3:c4:cd:a3:eb:75:ce:92:31:ff:5e:7a:8e:
                    61:0e:77:d0:91:77:cd:ad:cc:5e:07:1d:80:5a:b9:
                    09:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A0:48:C5:F3:8E:B6:22:BF:05:20:FA:C9:73:1F:48:09:8E:5C:E8
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/KKBIxfOOtiK_BSD6yXMfSAmOXOg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.168.0/22
                  45.146.232.0/23
                  185.81.28.0/22
                  188.64.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:0a:8a:77:30:e6:b3:ab:26:4d:a3:03:9b:9b:67:bc:28:ec:
         47:e4:ce:f7:64:10:90:6b:0b:df:83:8c:95:a9:da:91:15:bd:
         c2:b9:74:d3:1a:9c:ed:07:c6:04:df:8b:39:fe:cd:3e:97:53:
         a9:3d:1b:a3:64:a4:42:4d:0d:ab:ff:b3:ab:c5:cc:16:47:f4:
         96:20:cf:d4:74:3c:3e:88:46:fd:72:f4:06:e8:74:20:5d:a6:
         d0:93:98:af:da:85:26:97:ed:7e:d9:3a:7b:c7:5a:cc:d7:a3:
         95:2e:d5:f0:7e:8c:d9:75:ad:20:b4:c3:08:64:f2:41:98:b6:
         d5:24:55:15:b7:6c:34:52:1f:56:61:2d:2d:8f:0d:e1:ff:fc:
         4d:76:b7:cd:cb:74:2d:d7:a8:bf:2b:82:50:99:b4:38:5f:cf:
         2c:f1:fc:1d:0a:1e:df:a4:83:b8:fc:24:57:b1:50:ad:55:65:
         d3:70:ec:da:7c:1f:68:80:7c:b5:6c:f7:a8:ad:25:82:5b:69:
         0c:4d:d6:63:05:7e:fd:6d:d4:ed:cd:b3:ee:b3:17:1a:42:25:
         87:9d:95:df:ed:ea:2d:a8:39:2f:e1:2e:a9:be:30:ce:f3:5b:
         0c:9a:88:ad:6c:ab:f3:30:df:c8:60:4c:ff:d1:c2:2d:d0:dc:
         43:a0:92:bd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYn013R5ryKJKiS/CJgVvXuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwODE0MTYxODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGEwNDhjNWYzOGViNjIyYmYwNTIwZmFjOTczMWY0ODA5OGU1Y2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjxFwaKThMGCHx8L56xIb+qLNDpA
mDqLE/i84w/jfhF9UgYMVXu2C92ET6MRCouE67p0JAW9kHh3zqvtlDaXrAtmpoeR
klDIH6SbVB027fQFH0qpW7BEaNfR1HrXBqK/UNhYxQVHJy8A3Sh4RD9E1gbEOWF6
ZE5xvrQSIfOO81F53Etjupzhqb3c8SHZkrU4+CPUQOSvud4PFVrVBNpYi7S5p0Wq
tRGR32qqeMf8WoBrJeDyZgjfyIWBYNjfBPOO86g5zKxR59xwmcxXMv98UY5IPXeU
SM38Ger3xZJb1/O+ScPEzaPrdc6SMf9eeo5hDnfQkXfNrcxeBx2AWrkJTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCigSMXzjrYivwUg+slzH0gJjlzoMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvS0tCSXhmT090aUtfQlNENnlYTWZTQW1PWE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLY2oAwQB
LZLoAwQCuVEcAwQCvEBsMA0GCSqGSIb3DQEBCwUAA4IBAQCTCop3MOazqyZNowOb
m2e8KOxH5M73ZBCQawvfg4yVqdqRFb3CuXTTGpztB8YE34s5/s0+l1OpPRujZKRC
TQ2r/7OrxcwWR/SWIM/UdDw+iEb9cvQG6HQgXabQk5iv2oUml+1+2Tp7x1rM16OV
LtXwfozZda0gtMMIZPJBmLbVJFUVt2w0Uh9WYS0tjw3h//xNdrfNy3Qt16i/K4JQ
mbQ4X88s8fwdCh7fpIO4/CRXsVCtVWXTcOzafB9ogHy1bPeorSWCW2kMTdZjBX79
bdTtzbPusxcaQiWHnZXf7eotqDkv4S6pvjDO81sMmoitbKvzMN/IYEz/0cIt0NxD
oJK9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org