Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KvvXCal46gIAGAMEzArZxR-kJQc.roa
File:                     KvvXCal46gIAGAMEzArZxR-kJQc.roa (raw, json)
Hash identifier:          RBww9+4HtEvND3oL0tIFAqTu2amB4kSmHqTxXkN5YW0=
Subject key identifier:   2A:FB:D7:09:A9:78:EA:02:00:18:03:04:CC:0A:D9:C5:1F:A4:25:07
Certificate issuer:       /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial:       0190336AC830E0FE4198215967D45F3A1275
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KvvXCal46gIAGAMEzArZxR-kJQc.roa
Signing time:             Thu 20 Jun 2024 02:12:34 +0000
ROA not before:           Thu 20 Jun 2024 02:12:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 20 Jun 2024 03:05:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:33:6a:c8:30:e0:fe:41:98:21:59:67:d4:5f:3a:12:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
        Validity
            Not Before: Jun 20 02:12:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2afbd709a978ea0200180304cc0ad9c51fa42507
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:2b:d8:5c:de:4f:e2:fe:80:55:1d:99:aa:a8:
                    0a:b8:f8:8a:db:28:a5:c8:bd:a8:ce:d5:14:05:92:
                    b8:b8:44:26:26:cf:db:29:2e:dc:4f:23:23:25:e2:
                    8f:05:4d:60:5e:32:0d:13:7f:4b:67:19:7e:e4:93:
                    68:d3:80:cc:34:15:49:4e:a0:23:48:52:4d:78:3a:
                    32:4d:18:f7:af:68:93:05:60:cc:57:73:22:e9:5e:
                    e7:5c:76:de:08:93:83:ca:d7:9c:42:7a:91:1f:66:
                    d8:ba:62:01:84:57:2e:13:e7:61:c6:31:f5:9d:61:
                    40:28:42:86:d2:8d:fa:c3:bb:e7:d4:2a:22:e0:66:
                    78:f3:88:5e:6b:79:31:09:f0:3a:d7:90:a2:a8:e8:
                    b2:9e:00:05:88:8e:9f:34:bf:d6:2c:00:f2:8e:2a:
                    66:8b:cf:9b:e6:ce:7c:0d:96:dc:af:1b:a9:7c:b9:
                    5d:f9:42:ea:69:59:8e:bb:ae:69:63:bd:1e:24:49:
                    5c:01:57:17:c8:f1:88:19:37:cb:d4:3d:f2:a8:47:
                    f8:af:a3:46:34:49:de:c0:cb:b4:b8:cf:fd:10:db:
                    f1:a3:33:97:16:b8:fd:6a:c1:a2:bb:2a:16:99:7a:
                    8e:72:86:72:9a:f6:d0:60:e9:d3:35:16:5a:71:04:
                    06:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:FB:D7:09:A9:78:EA:02:00:18:03:04:CC:0A:D9:C5:1F:A4:25:07
            X509v3 Authority Key Identifier:
                keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KvvXCal46gIAGAMEzArZxR-kJQc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         94:de:88:b4:69:47:bf:5a:59:8d:45:f9:a8:d4:58:26:42:87:
         bd:ce:0b:84:65:0e:fa:42:17:ef:14:ca:be:3b:33:34:7d:b5:
         9f:9d:af:54:fb:81:d5:6e:ca:8d:cd:a1:e8:c7:72:96:3a:e6:
         7a:a7:b7:0e:8b:f6:91:b6:b0:53:44:ae:b5:42:e7:be:e2:5b:
         60:77:54:3c:99:4a:dd:bc:23:d2:b4:57:fb:0e:61:8b:1e:b7:
         8a:a2:c0:5e:49:2e:8f:19:23:2d:66:44:95:0a:a7:a8:1a:c5:
         62:fa:09:fb:bb:c6:90:cc:17:5b:1a:9e:28:f9:f0:7b:27:61:
         86:ad:d4:01:da:11:6d:39:92:cb:11:2c:a8:be:04:ed:bd:ba:
         10:26:47:2e:d4:9b:40:53:96:2a:8a:68:71:22:a6:29:0e:7d:
         ba:56:1d:da:74:a0:b1:5f:1c:68:36:e5:22:63:ed:9a:84:a4:
         e0:bf:b3:97:9a:d3:34:09:6a:b4:da:9a:a9:c1:11:8b:ae:db:
         c0:84:33:07:c6:ed:a5:d3:19:d3:4a:f7:bb:ef:de:c3:df:4d:
         e6:15:bc:7e:3c:13:ec:64:7b:88:f7:dd:44:48:c3:91:29:10:
         21:19:d5:d5:89:31:d3:2a:d6:cb:77:8f:a4:e4:de:aa:67:9b:
         bd:27:b6:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAzasgw4P5BmCFZZ9RfOhJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIwMDIxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZiZDcwOWE5NzhlYTAyMDAxODAzMDRjYzBhZDljNTFmYTQyNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwivYXN5P4v6AVR2ZqqgKuPiK2yil
yL2oztUUBZK4uEQmJs/bKS7cTyMjJeKPBU1gXjINE39LZxl+5JNo04DMNBVJTqAj
SFJNeDoyTRj3r2iTBWDMV3Mi6V7nXHbeCJODytecQnqRH2bYumIBhFcuE+dhxjH1
nWFAKEKG0o36w7vn1Coi4GZ484hea3kxCfA615CiqOiyngAFiI6fNL/WLADyjipm
i8+b5s58DZbcrxupfLld+ULqaVmOu65pY70eJElcAVcXyPGIGTfL1D3yqEf4r6NG
NEnewMu0uM/9ENvxozOXFrj9asGiuyoWmXqOcoZymvbQYOnTNRZacQQG5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCr71wmpeOoCABgDBMwK2cUfpCUHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS3Z2WENhbDQ2Z0lBR0FNRXpBclp4Ui1rSlFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJTeiLRpR79aWY1F+ajU
WCZCh73OC4RlDvpCF+8Uyr47MzR9tZ+dr1T7gdVuyo3NoejHcpY65nqntw6L9pG2
sFNErrVC577iW2B3VDyZSt28I9K0V/sOYYset4qiwF5JLo8ZIy1mRJUKp6gaxWL6
Cfu7xpDMF1sanij58HsnYYat1AHaEW05kssRLKi+BO29uhAmRy7Um0BTliqKaHEi
pikOfbpWHdp0oLFfHGg25SJj7ZqEpOC/s5ea0zQJarTamqnBEYuu28CEMwfG7aXT
GdNK97vv3sPfTeYVvH48E+xke4j33URIw5EpECEZ1dWJMdMq1st3j6Tk3qpnm70n
tnk=
Generated at Thu Jun 20 04:59:59 2024 by rpki-client on console-ams.rpki-client.org