Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/kpkt2HEw7fGcnz1Dllv7q3jkPZM.roa
File:                     kpkt2HEw7fGcnz1Dllv7q3jkPZM.roa (raw, json)
Hash identifier:          DxxZgTq+JnvJMJF9r0RY4i8xF8dDqs8uKol8wVRtqCY=
Subject key identifier:   92:99:2D:D8:71:30:ED:F1:9C:9F:3D:43:96:5B:FB:AB:78:E4:3D:93
Certificate issuer:       /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial:       0189A8977C955F69EF9CECCE87525438D6AD
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/kpkt2HEw7fGcnz1Dllv7q3jkPZM.roa
Signing time:             Sun 30 Jul 2023 20:57:27 +0000
ROA not before:           Sun 30 Jul 2023 20:57:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204316
IP address blocks:        185.20.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a8:97:7c:95:5f:69:ef:9c:ec:ce:87:52:54:38:d6:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
        Validity
            Not Before: Jul 30 20:57:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=92992dd87130edf19c9f3d43965bfbab78e43d93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f4:6b:b6:b2:7b:36:ed:b4:25:c1:a7:72:01:
                    cb:58:4c:21:80:c4:c0:c5:d1:e5:b8:c0:2d:ba:d7:
                    b3:b3:70:df:af:00:e2:6b:67:9a:ac:b6:a7:2a:41:
                    7c:d7:cf:be:93:71:61:63:49:80:31:79:f3:1f:96:
                    2e:e8:04:13:66:81:9a:70:9f:de:3d:4c:a9:12:ff:
                    4e:47:a9:c8:58:cc:ce:16:6b:64:03:0e:2e:45:e3:
                    5c:46:dc:1c:0b:d7:2f:44:4a:be:89:cc:42:71:43:
                    82:4a:01:1c:66:41:fb:c2:28:ce:56:09:f3:94:bc:
                    48:ce:f9:be:f5:48:d4:44:c5:df:9d:4e:91:53:7a:
                    40:13:3e:7c:c5:68:bf:de:ba:62:0b:f0:92:75:92:
                    44:ed:47:77:bd:9a:10:8e:2b:f3:9d:b1:68:fa:22:
                    17:5d:00:06:f1:cf:22:51:f1:c8:f4:bc:c5:11:8b:
                    9f:dd:9e:82:92:7b:6a:7e:99:0c:ae:c6:3b:d2:21:
                    8e:aa:5f:13:be:77:e5:aa:8f:cc:c3:42:4b:02:66:
                    33:ad:97:15:69:ed:08:15:b9:98:02:67:e8:8b:fd:
                    2b:38:48:50:50:ec:31:82:fa:a6:92:11:62:97:dd:
                    8c:5e:6f:5e:9a:af:e3:3a:a1:85:52:ed:b6:e2:5e:
                    7c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:99:2D:D8:71:30:ED:F1:9C:9F:3D:43:96:5B:FB:AB:78:E4:3D:93
            X509v3 Authority Key Identifier:
                keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/kpkt2HEw7fGcnz1Dllv7q3jkPZM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.20.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:ed:e3:f9:0d:c4:a6:56:fe:77:49:3f:43:81:36:aa:f3:f1:
         a4:2d:f1:61:06:36:96:29:c5:29:27:49:89:5c:6b:05:e1:9d:
         f6:cf:19:14:be:f9:7c:83:c5:dd:67:c3:c5:10:bd:f3:c4:a0:
         1e:69:04:21:a8:ab:04:8a:28:db:d6:6e:47:e1:4f:9b:f1:03:
         8d:5d:9d:08:3e:95:39:ad:e1:0d:66:0d:7c:6b:ea:4f:68:4a:
         cb:b9:da:9c:21:38:b5:fd:a2:89:43:5d:e1:ba:51:48:d4:74:
         0f:ea:78:11:0d:e4:03:a9:9a:08:38:cb:39:cc:4d:12:8e:3a:
         8b:15:8c:c0:14:e2:26:b8:c9:86:cf:cd:89:15:93:fd:7d:ef:
         20:6d:11:ef:70:6d:f2:48:cd:d7:92:0d:ac:f4:95:27:91:92:
         07:ef:78:26:cb:7e:79:03:50:0c:60:df:02:23:0c:b2:09:0d:
         1c:85:bd:66:d6:6f:25:85:05:b3:0e:4e:e1:f4:da:07:71:3b:
         0c:79:2f:2d:24:45:a4:35:e4:a0:67:3a:54:c6:53:82:fe:0e:
         43:35:ba:06:2b:46:e5:34:60:9d:32:54:89:b8:ec:30:39:74:
         c9:2f:cd:e1:2d:72:86:51:aa:2c:98:b7:31:1f:10:d5:81:61:
         f1:7c:eb:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmol3yVX2nvnOzOh1JUONatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDZhODJiYjExNWQ3MzkzZTM5ZmQ1OGI3M2JiZjIwZjZj
ZDBiMWYwHhcNMjMwNzMwMjA1NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjk5MmRkODcxMzBlZGYxOWM5ZjNkNDM5NjViZmJhYjc4ZTQzZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/RrtrJ7Nu20JcGncgHLWEwhgMTA
xdHluMAtutezs3DfrwDia2earLanKkF818++k3FhY0mAMXnzH5Yu6AQTZoGacJ/e
PUypEv9OR6nIWMzOFmtkAw4uReNcRtwcC9cvREq+icxCcUOCSgEcZkH7wijOVgnz
lLxIzvm+9UjURMXfnU6RU3pAEz58xWi/3rpiC/CSdZJE7Ud3vZoQjivznbFo+iIX
XQAG8c8iUfHI9LzFEYuf3Z6CkntqfpkMrsY70iGOql8Tvnflqo/Mw0JLAmYzrZcV
ae0IFbmYAmfoi/0rOEhQUOwxgvqmkhFil92MXm9emq/jOqGFUu224l58zwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKZLdhxMO3xnJ89Q5Zb+6t45D2TMB8GA1UdIwQY
MBaAFBwGqCuxFdc5Pjn9WLc7vyD2zQsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUt
NzI2MDU3YTFmMmE0LzEva3BrdDJIRXc3ZkdjbnoxRGxsdjdxM2prUFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUtNzI2MDU3YTFmMmE0
LzEvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRT/MA0G
CSqGSIb3DQEBCwUAA4IBAQAO7eP5DcSmVv53ST9DgTaq8/GkLfFhBjaWKcUpJ0mJ
XGsF4Z32zxkUvvl8g8XdZ8PFEL3zxKAeaQQhqKsEiijb1m5H4U+b8QONXZ0IPpU5
reENZg18a+pPaErLudqcITi1/aKJQ13hulFI1HQP6ngRDeQDqZoIOMs5zE0SjjqL
FYzAFOImuMmGz82JFZP9fe8gbRHvcG3ySM3Xkg2s9JUnkZIH73gmy355A1AMYN8C
IwyyCQ0chb1m1m8lhQWzDk7h9NoHcTsMeS8tJEWkNeSgZzpUxlOC/g5DNboGK0bl
NGCdMlSJuOwwOXTJL83hLXKGUaosmLcxHxDVgWHxfOuX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:01 2024 by rpki-client on console-ams.rpki-client.org