Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/KmIc3WSSy4KG6LPEw1EIQL7C8ng.roa
File:                     KmIc3WSSy4KG6LPEw1EIQL7C8ng.roa (raw, json)
Hash identifier:          q7M4MYNOobHz2/2q1kzmA9Lx8bdcCU0AMQVtUA+gjbg=
Subject key identifier:   2A:62:1C:DD:64:92:CB:82:86:E8:B3:C4:C3:51:08:40:BE:C2:F2:78
Certificate issuer:       /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial:       018964C050B43AE82D97BC92DB6E9769C8C9
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/KmIc3WSSy4KG6LPEw1EIQL7C8ng.roa
Signing time:             Mon 17 Jul 2023 16:47:52 +0000
ROA not before:           Mon 17 Jul 2023 16:47:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59729
IP address blocks:        193.9.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:c0:50:b4:3a:e8:2d:97:bc:92:db:6e:97:69:c8:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
        Validity
            Not Before: Jul 17 16:47:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a621cdd6492cb8286e8b3c4c3510840bec2f278
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:56:ea:3e:d2:29:b3:fd:5e:47:7a:2f:88:dc:
                    9f:24:72:bb:f0:bb:32:a5:58:83:3d:67:9c:13:54:
                    6d:68:55:e4:a5:a7:67:54:c5:f0:d2:01:59:06:ea:
                    d4:96:82:6a:7c:89:a3:46:47:1a:fc:89:7f:32:56:
                    2d:76:43:6f:8c:fc:dc:b0:4f:f2:dd:69:32:29:eb:
                    a6:50:92:60:77:f6:6c:1d:2c:93:ad:a0:5a:b6:37:
                    14:1f:0d:7b:76:0c:bd:60:fb:0f:94:ee:c0:b0:3c:
                    ca:90:bd:b2:90:7d:17:a1:ed:47:a5:41:73:31:ae:
                    9f:23:04:dc:4d:9a:7c:f5:6c:32:72:9e:47:d1:f7:
                    78:61:a3:4a:27:5c:ff:6f:63:ec:ed:16:b2:8d:15:
                    ef:06:b6:2a:de:7f:f8:3a:06:53:91:44:a8:61:d1:
                    9e:ac:c7:26:3f:aa:75:a6:d3:8d:38:ef:d0:7f:7d:
                    d0:29:e2:27:80:e3:e2:a1:44:e9:4b:6a:da:8f:91:
                    5d:84:c9:8a:76:94:29:d5:8b:4f:bc:c8:3a:36:bd:
                    4f:39:59:14:7d:16:f1:0c:bc:60:fb:da:a9:cd:e8:
                    d6:85:61:7b:45:74:5f:66:d2:e0:53:c3:c6:7c:e5:
                    d7:46:d9:53:01:28:98:45:bb:82:46:02:23:e6:72:
                    dd:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:62:1C:DD:64:92:CB:82:86:E8:B3:C4:C3:51:08:40:BE:C2:F2:78
            X509v3 Authority Key Identifier:
                keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/KmIc3WSSy4KG6LPEw1EIQL7C8ng.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.9.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:df:44:fa:8c:d3:44:76:d7:0e:a5:c9:bc:97:61:ee:f1:08:
         4c:f0:dc:44:fb:df:43:73:f1:f8:75:30:a6:b7:dd:f4:2a:41:
         8f:bf:40:eb:72:ba:20:f3:bf:e1:ca:0b:92:90:3a:b3:ec:43:
         60:8c:c8:bb:35:3f:80:fc:a6:6a:df:57:92:a9:c1:18:30:57:
         c4:f7:a4:43:88:6a:c1:9d:30:ee:83:73:11:c3:1f:62:b0:ec:
         c9:b4:2c:0e:86:f1:71:0a:54:4b:f9:76:6c:cb:46:5d:1b:c3:
         aa:70:46:92:5e:66:3c:2d:fd:02:b3:3d:57:1d:6a:f3:a2:ff:
         83:3b:6e:77:40:b7:1e:c3:cb:4c:de:aa:ea:69:aa:16:14:1d:
         e0:80:ce:40:f9:e0:3f:f6:e4:80:c9:7a:df:7e:97:71:91:3d:
         f2:04:89:c1:9c:88:30:18:5f:d8:b1:ad:29:89:15:9d:fc:63:
         08:cf:13:ec:05:e6:b0:3c:49:09:69:1f:69:5a:61:4b:c3:1a:
         64:6c:0d:b3:6d:43:33:1c:fd:b7:2a:04:c4:ec:04:f7:91:68:
         6a:5b:3e:97:15:af:9f:17:38:17:c0:75:fc:89:ac:ad:e9:f6:
         27:9d:aa:5f:ec:27:6a:0e:7d:64:db:a0:2a:3e:9f:ba:34:60:
         8f:b6:f3:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkwFC0Ougtl7yS226XacjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjMwNzE3MTY0NzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTYyMWNkZDY0OTJjYjgyODZlOGIzYzRjMzUxMDg0MGJlYzJmMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVbqPtIps/1eR3oviNyfJHK78Lsy
pViDPWecE1RtaFXkpadnVMXw0gFZBurUloJqfImjRkca/Il/MlYtdkNvjPzcsE/y
3WkyKeumUJJgd/ZsHSyTraBatjcUHw17dgy9YPsPlO7AsDzKkL2ykH0Xoe1HpUFz
Ma6fIwTcTZp89Wwycp5H0fd4YaNKJ1z/b2Ps7RayjRXvBrYq3n/4OgZTkUSoYdGe
rMcmP6p1ptONOO/Qf33QKeIngOPioUTpS2raj5FdhMmKdpQp1YtPvMg6Nr1POVkU
fRbxDLxg+9qpzejWhWF7RXRfZtLgU8PGfOXXRtlTASiYRbuCRgIj5nLdmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpiHN1kksuChuizxMNRCEC+wvJ4MB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvS21JYzNXU1N5NEtHNkxQRXcxRUlRTDdDOG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQkUMA0G
CSqGSIb3DQEBCwUAA4IBAQCB30T6jNNEdtcOpcm8l2Hu8QhM8NxE+99Dc/H4dTCm
t930KkGPv0Drcrog87/hyguSkDqz7ENgjMi7NT+A/KZq31eSqcEYMFfE96RDiGrB
nTDug3MRwx9isOzJtCwOhvFxClRL+XZsy0ZdG8OqcEaSXmY8Lf0Csz1XHWrzov+D
O253QLcew8tM3qrqaaoWFB3ggM5A+eA/9uSAyXrffpdxkT3yBInBnIgwGF/Ysa0p
iRWd/GMIzxPsBeawPEkJaR9pWmFLwxpkbA2zbUMzHP23KgTE7AT3kWhqWz6XFa+f
FzgXwHX8iayt6fYnnapf7CdqDn1k26AqPp+6NGCPtvPT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:47 2024 by rpki-client on console-ams.rpki-client.org