Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/KooDcfb4PZqmVF-q20_DhsR_qVw.roa
File:                     KooDcfb4PZqmVF-q20_DhsR_qVw.roa (raw, json)
Hash identifier:          PPGaAUIAz7Gmm7+cpxJ+K125SDgTZXGfKsp75A9MzRM=
Subject key identifier:   2A:8A:03:71:F6:F8:3D:9A:A6:54:5F:AA:DB:4F:C3:86:C4:7F:A9:5C
Certificate issuer:       /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial:       01856FF06344F52F456E50A951AB1612D358
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/KooDcfb4PZqmVF-q20_DhsR_qVw.roa
Signing time:             Mon 02 Jan 2023 00:45:03 +0000
ROA not before:           Mon 02 Jan 2023 00:45:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21734
IP address blocks:        195.122.186.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:63:44:f5:2f:45:6e:50:a9:51:ab:16:12:d3:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
        Validity
            Not Before: Jan  2 00:45:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a8a0371f6f83d9aa6545faadb4fc386c47fa95c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:63:c3:66:1e:fc:cd:4c:8e:f7:5e:bc:e3:d8:
                    d9:50:ec:31:51:8c:c3:45:86:56:d3:d4:e1:d5:b3:
                    4e:b9:69:58:6b:49:0b:9e:c0:79:da:fd:2b:3e:41:
                    ef:ca:e3:72:f7:40:9c:b5:59:92:bc:91:9f:31:63:
                    65:fc:5a:e4:fa:e7:63:fb:c8:45:fe:9f:27:ad:e2:
                    60:72:af:d4:c5:f3:8c:77:67:89:da:ac:65:f2:f8:
                    f5:cb:76:36:39:76:b2:91:33:af:02:2f:b3:b3:15:
                    24:9b:88:0c:0b:2f:5f:64:12:6a:68:cd:cb:01:43:
                    3e:04:5f:da:98:47:43:bc:b5:90:25:f1:d1:c8:6c:
                    a5:ab:09:99:ae:ff:a1:dd:02:48:c9:df:d7:61:fc:
                    aa:09:a3:4d:04:62:2c:2f:45:ab:99:26:3e:0c:d6:
                    83:21:71:74:9c:63:df:61:fd:c3:a2:89:98:1d:1c:
                    31:d4:d3:03:95:59:ea:3a:d9:2c:8e:70:3d:da:53:
                    c3:5a:94:9a:31:b5:e1:7b:70:63:a3:78:9e:a9:fb:
                    6a:96:b5:d9:55:38:c4:e3:7d:56:15:27:60:95:f4:
                    29:32:6a:7a:ea:02:e4:68:f0:55:9e:5e:5e:9e:50:
                    7d:2f:1f:4f:d4:3e:47:cb:e9:6e:ed:71:06:6e:a1:
                    a1:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:8A:03:71:F6:F8:3D:9A:A6:54:5F:AA:DB:4F:C3:86:C4:7F:A9:5C
            X509v3 Authority Key Identifier:
                keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/KooDcfb4PZqmVF-q20_DhsR_qVw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.122.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:e5:47:1e:47:b7:8a:ef:97:7d:09:0e:9a:7c:b9:ae:9e:5c:
         2e:89:a2:85:dc:79:6c:2e:a8:a8:76:bb:f3:e4:09:e0:18:ac:
         ec:69:63:0b:d0:b9:8a:55:c4:c8:bc:c9:3e:a9:88:e9:8e:65:
         e9:72:68:d0:20:3f:0a:6f:95:ff:8d:fe:41:5a:d7:6b:aa:79:
         ac:ff:48:78:c7:e2:dd:fe:a7:26:77:6b:da:f3:25:8d:78:26:
         c2:cd:aa:cc:77:c7:b1:ef:52:28:5c:64:75:33:0e:d7:ac:71:
         90:c8:ae:15:05:ea:e5:60:5d:ad:28:19:20:d5:40:d2:d5:3e:
         d3:c5:e4:28:ae:02:69:54:8f:e9:3e:ef:31:5f:ab:1d:38:2a:
         38:39:c3:0a:f8:28:fc:5d:60:0c:0b:c7:1b:22:c0:9e:aa:45:
         be:85:c7:2b:67:58:82:ec:46:9a:4a:74:b5:dc:f2:55:9a:cb:
         be:10:e4:42:49:57:00:3c:e0:e2:d7:3a:2c:10:92:00:95:78:
         ab:7a:c0:54:76:dc:0a:e4:25:54:42:e2:ed:cd:5b:61:ed:21:
         13:4a:6d:71:d7:01:b8:59:63:4e:e6:da:7b:fc:90:df:0b:04:
         79:cc:79:f3:94:df:35:99:8b:a4:51:0b:33:17:ab:e3:21:3b:
         97:fd:84:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8GNE9S9FblCpUasWEtNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjMwMTAyMDA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYThhMDM3MWY2ZjgzZDlhYTY1NDVmYWFkYjRmYzM4NmM0N2ZhOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2PDZh78zUyO916849jZUOwxUYzD
RYZW09Th1bNOuWlYa0kLnsB52v0rPkHvyuNy90CctVmSvJGfMWNl/Frk+udj+8hF
/p8nreJgcq/UxfOMd2eJ2qxl8vj1y3Y2OXaykTOvAi+zsxUkm4gMCy9fZBJqaM3L
AUM+BF/amEdDvLWQJfHRyGylqwmZrv+h3QJIyd/XYfyqCaNNBGIsL0WrmSY+DNaD
IXF0nGPfYf3DoomYHRwx1NMDlVnqOtksjnA92lPDWpSaMbXhe3Bjo3ieqftqlrXZ
VTjE431WFSdglfQpMmp66gLkaPBVnl5enlB9Lx9P1D5Hy+lu7XEGbqGhVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqKA3H2+D2aplRfqttPw4bEf6lcMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvS29vRGNmYjRQWnFtVkYtcTIwX0Roc1JfcVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3q6MA0G
CSqGSIb3DQEBCwUAA4IBAQCf5UceR7eK75d9CQ6afLmunlwuiaKF3HlsLqiodrvz
5AngGKzsaWML0LmKVcTIvMk+qYjpjmXpcmjQID8Kb5X/jf5BWtdrqnms/0h4x+Ld
/qcmd2va8yWNeCbCzarMd8ex71IoXGR1Mw7XrHGQyK4VBerlYF2tKBkg1UDS1T7T
xeQorgJpVI/pPu8xX6sdOCo4OcMK+Cj8XWAMC8cbIsCeqkW+hccrZ1iC7EaaSnS1
3PJVmsu+EORCSVcAPODi1zosEJIAlXiresBUdtwK5CVUQuLtzVth7SETSm1x1wG4
WWNO5tp7/JDfCwR5zHnzlN81mYukUQszF6vjITuX/YTZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:44 2024 by rpki-client on console-ams.rpki-client.org