Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/kNKSdqdL4dfJUhS21OEpsbsBMtk.roa
File:                     kNKSdqdL4dfJUhS21OEpsbsBMtk.roa (raw, json)
Hash identifier:          DN5Op+CVqaqLyW6zHLADizXPu0raBLg+KPXttuqTdNo=
Subject key identifier:   90:D2:92:76:A7:4B:E1:D7:C9:52:14:B6:D4:E1:29:B1:BB:01:32:D9
Certificate issuer:       /CN=1a4dd11554247bd2bd301cea43ff5180372c38e4
Certificate serial:       0185715E49088D280ADA200172D31EED8E93
Authority key identifier: 1A:4D:D1:15:54:24:7B:D2:BD:30:1C:EA:43:FF:51:80:37:2C:38:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/kNKSdqdL4dfJUhS21OEpsbsBMtk.roa
Signing time:             Mon 02 Jan 2023 07:24:42 +0000
ROA not before:           Mon 02 Jan 2023 07:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42962
IP address blocks:        185.192.56.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:5e:49:08:8d:28:0a:da:20:01:72:d3:1e:ed:8e:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a4dd11554247bd2bd301cea43ff5180372c38e4
        Validity
            Not Before: Jan  2 07:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=90d29276a74be1d7c95214b6d4e129b1bb0132d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f2:cc:92:b1:3f:53:a7:c3:a9:96:a3:da:a1:
                    92:cd:66:65:b2:6f:74:22:8a:5e:70:57:eb:ca:a0:
                    d7:97:b6:34:31:22:fb:fc:ae:d4:19:9e:57:56:35:
                    02:41:4e:71:3c:47:00:df:5a:b7:a0:33:1a:98:7e:
                    72:16:a5:5c:0b:11:86:44:96:88:65:a1:d6:97:44:
                    ad:6e:19:0d:e2:02:7c:54:fb:d0:57:15:dc:49:f6:
                    34:b6:78:da:a0:f8:d2:4e:64:1b:73:d5:e4:e6:6a:
                    3f:04:eb:7f:db:bb:c2:dc:02:b0:ea:d3:d6:56:a9:
                    16:e8:a4:b4:bf:96:60:39:3a:75:23:66:f5:ac:e7:
                    d0:dd:60:16:44:ff:44:5d:9f:c0:e8:5d:a6:d6:bb:
                    c7:27:cb:30:8c:82:b6:cc:21:b9:da:4e:97:61:e3:
                    1e:5a:84:28:8e:4a:44:aa:8e:86:20:9c:35:9c:fc:
                    46:6b:39:d1:a1:cc:eb:e1:d4:60:4d:c1:dd:2e:fc:
                    81:83:0e:34:16:b6:7a:06:87:fd:3c:06:3f:49:a5:
                    ac:cf:3e:db:97:8d:f8:f2:fe:f5:a7:95:af:a3:ae:
                    22:32:43:ae:3f:40:74:b4:f6:0d:9a:49:d0:d3:a6:
                    c4:96:36:68:1d:e0:ca:7f:0e:a7:35:a6:aa:40:da:
                    8f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:D2:92:76:A7:4B:E1:D7:C9:52:14:B6:D4:E1:29:B1:BB:01:32:D9
            X509v3 Authority Key Identifier:
                keyid:1A:4D:D1:15:54:24:7B:D2:BD:30:1C:EA:43:FF:51:80:37:2C:38:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/kNKSdqdL4dfJUhS21OEpsbsBMtk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         75:43:51:51:da:34:28:93:73:fe:57:42:27:85:a0:85:f8:2a:
         d8:b4:5c:f0:04:2e:ce:d6:89:dc:40:96:ea:ee:b7:18:2c:b6:
         ba:eb:33:11:8d:d7:18:2e:e4:59:05:5e:e8:c6:48:51:f0:a5:
         54:68:17:32:b4:b9:75:29:8b:82:61:6a:f4:9b:09:5d:24:4a:
         0e:89:ed:ed:e4:4a:10:96:01:cb:05:3d:4e:a9:b7:07:09:01:
         59:ad:d7:81:83:7f:c3:31:8d:a2:06:e7:7c:e0:9b:62:4d:f2:
         c0:2a:52:22:fa:4f:83:89:7d:c5:8d:78:72:b7:59:d5:fa:f7:
         69:dc:28:23:c9:d6:65:c6:d3:ab:7b:b2:8c:a5:52:84:33:f5:
         e1:7c:4f:20:fb:7a:bf:cb:a9:cb:6c:9a:d2:e6:92:32:b0:98:
         a0:bb:fb:b7:c4:71:d1:f2:2e:bc:e9:58:86:4a:62:d0:43:a0:
         6f:21:4e:15:2d:ee:e1:62:0d:5f:3d:35:99:a9:a1:9a:2c:54:
         97:84:a9:9c:8e:67:d9:de:4b:1b:8e:a3:55:82:eb:ef:4a:3a:
         8f:43:03:f8:6a:16:16:e5:8a:63:14:a8:23:de:ef:9f:0b:bc:
         6c:74:6c:fa:94:09:bf:0c:c9:e7:3c:89:55:73:5f:d9:42:56:
         8d:39:35:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXkkIjSgK2iABctMe7Y6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGRkMTE1NTQyNDdiZDJiZDMwMWNlYTQzZmY1MTgwMzcy
YzM4ZTQwHhcNMjMwMTAyMDcyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQyOTI3NmE3NGJlMWQ3Yzk1MjE0YjZkNGUxMjliMWJiMDEzMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPLMkrE/U6fDqZaj2qGSzWZlsm90
IopecFfryqDXl7Y0MSL7/K7UGZ5XVjUCQU5xPEcA31q3oDMamH5yFqVcCxGGRJaI
ZaHWl0StbhkN4gJ8VPvQVxXcSfY0tnjaoPjSTmQbc9Xk5mo/BOt/27vC3AKw6tPW
VqkW6KS0v5ZgOTp1I2b1rOfQ3WAWRP9EXZ/A6F2m1rvHJ8swjIK2zCG52k6XYeMe
WoQojkpEqo6GIJw1nPxGaznRoczr4dRgTcHdLvyBgw40FrZ6Bof9PAY/SaWszz7b
l4348v71p5Wvo64iMkOuP0B0tPYNmknQ06bEljZoHeDKfw6nNaaqQNqPdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDSknanS+HXyVIUttThKbG7ATLZMB8GA1UdIwQY
MBaAFBpN0RVUJHvSvTAc6kP/UYA3LDjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2szUkZWUWtlOUs5TUJ6cVFfOVJnRGNzT09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83YmRkZGEtMGM2Yy00YTVlLWIxYzUt
M2JhNWYzMGNhYWJmLzEva05LU2RxZEw0ZGZKVWhTMjFPRXBzYnNCTXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83YmRkZGEtMGM2Yy00YTVlLWIxYzUtM2JhNWYzMGNhYWJm
LzEvR2szUkZWUWtlOUs5TUJ6cVFfOVJnRGNzT09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucA4MA0G
CSqGSIb3DQEBCwUAA4IBAQB1Q1FR2jQok3P+V0InhaCF+CrYtFzwBC7O1oncQJbq
7rcYLLa66zMRjdcYLuRZBV7oxkhR8KVUaBcytLl1KYuCYWr0mwldJEoOie3t5EoQ
lgHLBT1OqbcHCQFZrdeBg3/DMY2iBud84JtiTfLAKlIi+k+DiX3FjXhyt1nV+vdp
3CgjydZlxtOre7KMpVKEM/XhfE8g+3q/y6nLbJrS5pIysJigu/u3xHHR8i686ViG
SmLQQ6BvIU4VLe7hYg1fPTWZqaGaLFSXhKmcjmfZ3ksbjqNVguvvSjqPQwP4ahYW
5YpjFKgj3u+fC7xsdGz6lAm/DMnnPIlVc1/ZQlaNOTUI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:38 2024 by rpki-client on console-ams.rpki-client.org