Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/KGWM72Xkh70pGwhdEsUD5hofx7o.roa
File:                     KGWM72Xkh70pGwhdEsUD5hofx7o.roa (raw, json)
Hash identifier:          xbzDKiX657MYm5IJhDFkvIFBwYu2Fld+kp7/phSY7Ns=
Subject key identifier:   28:65:8C:EF:65:E4:87:BD:29:1B:08:5D:12:C5:03:E6:1A:1F:C7:BA
Certificate issuer:       /CN=fc44297e9271c6edf064915f6180ae12690dda8b
Certificate serial:       01856E66754651FA80B6C31CF6FB92E837B0
Authority key identifier: FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/KGWM72Xkh70pGwhdEsUD5hofx7o.roa
Signing time:             Sun 01 Jan 2023 17:34:46 +0000
ROA not before:           Sun 01 Jan 2023 17:34:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199270
IP address blocks:        82.114.44.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:66:75:46:51:fa:80:b6:c3:1c:f6:fb:92:e8:37:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc44297e9271c6edf064915f6180ae12690dda8b
        Validity
            Not Before: Jan  1 17:34:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28658cef65e487bd291b085d12c503e61a1fc7ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:f9:0a:5e:da:c8:96:bc:b5:6f:fc:8e:55:fd:
                    f9:da:d7:b4:9d:9e:b7:e3:38:2d:ee:6f:69:64:f0:
                    65:db:f2:6a:7b:c1:24:10:10:68:8b:96:99:c9:32:
                    a7:07:d2:7a:de:a4:46:ab:9c:ee:b0:d4:8f:0d:73:
                    ac:8b:3c:94:bc:cc:e3:16:3c:d0:82:8c:73:76:da:
                    f7:51:6a:93:f4:2b:f0:91:c1:db:8e:12:e6:f4:ec:
                    3f:23:fa:9c:41:25:08:c0:4e:f8:c9:4c:84:d2:01:
                    14:3a:cb:1d:86:2a:f3:0b:55:90:3a:51:fa:7b:42:
                    af:87:91:9a:bd:99:39:c7:55:0f:35:48:e7:b4:b2:
                    75:49:81:4f:28:64:ef:4d:1e:6e:e5:d9:92:1b:4c:
                    8b:ce:12:dd:60:12:e6:9f:bd:53:88:d5:2a:86:c1:
                    db:f9:e8:9b:21:47:0c:9c:c8:0d:fa:fc:ca:27:55:
                    09:09:2c:3c:e9:16:23:9c:5b:04:2c:59:e4:3b:e8:
                    0c:a8:ea:41:6c:61:0e:7f:87:cf:9b:fd:13:94:75:
                    4f:91:dd:6d:40:8d:48:ed:8e:95:df:2b:3a:1a:05:
                    82:48:98:01:24:4c:ce:c3:b2:f4:97:85:5d:e2:ce:
                    04:0e:df:ce:f4:89:d5:34:a1:c1:d6:0e:a8:4b:93:
                    ed:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:65:8C:EF:65:E4:87:BD:29:1B:08:5D:12:C5:03:E6:1A:1F:C7:BA
            X509v3 Authority Key Identifier:
                keyid:FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/KGWM72Xkh70pGwhdEsUD5hofx7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/_EQpfpJxxu3wZJFfYYCuEmkN2os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.114.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:21:bb:4c:2f:70:4b:f4:97:94:f3:a4:be:ae:ef:56:70:ac:
         99:a3:ec:62:1b:25:67:0e:f2:25:e8:89:30:4b:86:bf:71:5b:
         2b:a2:7f:2e:f5:69:43:ab:84:73:5b:94:53:4a:a7:6f:43:b0:
         39:3a:b3:ab:15:22:c7:7d:58:c6:66:1c:a8:e8:f4:ed:58:98:
         00:e8:9f:42:13:a8:eb:cf:b1:31:30:fa:4e:5f:75:94:a6:7d:
         30:8d:27:5f:56:f8:11:ab:e4:ca:02:a6:6a:e4:06:9a:fe:43:
         3a:de:f1:79:cf:6f:07:ef:eb:6d:8c:9f:26:49:ab:e8:a3:2b:
         ee:33:6d:b7:00:f4:56:8d:99:db:4e:b1:f1:53:38:61:12:5f:
         06:86:86:87:dc:b1:51:fd:ef:66:9f:6d:c8:ab:27:d0:80:b3:
         dc:df:f7:09:97:55:c8:cc:b5:10:95:8f:d7:16:35:c9:f8:8e:
         50:20:4d:f7:c9:67:8d:8d:59:ae:c2:c8:66:19:d3:c8:cd:26:
         6b:21:30:5c:9c:3c:ff:61:06:33:d5:03:7f:3f:f6:2c:ff:5d:
         10:d5:48:63:2c:79:63:59:fa:b9:70:5a:ed:b0:3a:3a:c5:c6:
         94:93:97:03:49:62:a9:5a:e0:6c:03:48:59:33:aa:a1:31:7b:
         74:a7:1f:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuZnVGUfqAtsMc9vuS6DewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNDQyOTdlOTI3MWM2ZWRmMDY0OTE1ZjYxODBhZTEyNjkw
ZGRhOGIwHhcNMjMwMTAxMTczNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODY1OGNlZjY1ZTQ4N2JkMjkxYjA4NWQxMmM1MDNlNjFhMWZjN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfkKXtrIlry1b/yOVf352te0nZ63
4zgt7m9pZPBl2/Jqe8EkEBBoi5aZyTKnB9J63qRGq5zusNSPDXOsizyUvMzjFjzQ
goxzdtr3UWqT9CvwkcHbjhLm9Ow/I/qcQSUIwE74yUyE0gEUOssdhirzC1WQOlH6
e0Kvh5GavZk5x1UPNUjntLJ1SYFPKGTvTR5u5dmSG0yLzhLdYBLmn71TiNUqhsHb
+eibIUcMnMgN+vzKJ1UJCSw86RYjnFsELFnkO+gMqOpBbGEOf4fPm/0TlHVPkd1t
QI1I7Y6V3ys6GgWCSJgBJEzOw7L0l4Vd4s4EDt/O9InVNKHB1g6oS5PtLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChljO9l5Ie9KRsIXRLFA+YaH8e6MB8GA1UdIwQY
MBaAFPxEKX6Sccbt8GSRX2GArhJpDdqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0VRcGZwSnh4dTN3WkpGZllZQ3VFbWtOMm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi83Y2IxNzktYWQyYy00ODI0LWExZTUt
YWUwN2YzMmU0MTAyLzEvS0dXTTcyWGtoNzBwR3doZEVzVUQ1aG9meDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi83Y2IxNzktYWQyYy00ODI0LWExZTUtYWUwN2YzMmU0MTAy
LzEvX0VRcGZwSnh4dTN3WkpGZllZQ3VFbWtOMm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUnIsMA0G
CSqGSIb3DQEBCwUAA4IBAQAQIbtML3BL9JeU86S+ru9WcKyZo+xiGyVnDvIl6Ikw
S4a/cVsron8u9WlDq4RzW5RTSqdvQ7A5OrOrFSLHfVjGZhyo6PTtWJgA6J9CE6jr
z7ExMPpOX3WUpn0wjSdfVvgRq+TKAqZq5Aaa/kM63vF5z28H7+ttjJ8mSavooyvu
M223APRWjZnbTrHxUzhhEl8GhoaH3LFR/e9mn23IqyfQgLPc3/cJl1XIzLUQlY/X
FjXJ+I5QIE33yWeNjVmuwshmGdPIzSZrITBcnDz/YQYz1QN/P/Ys/10Q1UhjLHlj
Wfq5cFrtsDo6xcaUk5cDSWKpWuBsA0hZM6qhMXt0px+p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:10 2024 by rpki-client on console-fra.rpki-client.org