Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/kyaBD_SFI7JHX3pOn6C-h2i8nls.roa
File:                     kyaBD_SFI7JHX3pOn6C-h2i8nls.roa (raw, json)
Hash identifier:          HEzfqOQ/gzc3xtVDxCRLEHsrd297NjVRqesPXvMGnZA=
Subject key identifier:   93:26:81:0F:F4:85:23:B2:47:5F:7A:4E:9F:A0:BE:87:68:BC:9E:5B
Certificate issuer:       /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial:       0185E95583CE1EF211D58C36E609066469F6
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/kyaBD_SFI7JHX3pOn6C-h2i8nls.roa
Signing time:             Wed 25 Jan 2023 14:29:33 +0000
ROA not before:           Wed 25 Jan 2023 14:29:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205447
IP address blocks:        94.240.27.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e9:55:83:ce:1e:f2:11:d5:8c:36:e6:09:06:64:69:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
        Validity
            Not Before: Jan 25 14:29:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9326810ff48523b2475f7a4e9fa0be8768bc9e5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:f3:51:2f:d0:98:9f:19:d4:dd:ee:2f:97:d8:
                    d2:c4:4f:f1:c5:97:ec:db:73:f3:13:13:71:16:15:
                    03:a9:4f:a4:4f:dc:d6:51:6a:d4:1c:f0:fc:ed:14:
                    34:2a:89:2e:16:fd:44:bc:a9:f8:7f:2b:d0:40:a0:
                    d0:4a:dd:cf:ba:a5:0d:81:94:16:2c:36:a9:d1:95:
                    b2:bb:6f:3c:bf:07:08:3a:0f:35:49:e8:cf:29:c1:
                    35:fd:39:43:f9:7f:f8:21:6b:43:3e:a5:90:b5:12:
                    2e:da:28:15:29:81:7d:5e:14:55:e5:11:61:d6:f3:
                    ab:f3:8a:dc:63:a6:b8:a4:33:c1:5e:3a:1a:65:f6:
                    ae:ce:33:42:8d:a9:27:c1:1f:de:93:c4:3e:0b:a8:
                    fb:33:f1:61:35:8c:7c:63:bc:c3:73:bf:7a:b3:ab:
                    79:76:24:56:6a:04:da:69:6e:48:4c:b0:39:ac:df:
                    bd:78:1b:80:f7:73:b3:a0:fc:3b:d3:bd:15:6d:e2:
                    fc:49:81:a6:03:0e:4a:03:5e:1e:5f:e7:e1:7d:9e:
                    da:7d:de:cc:fe:22:06:5f:84:29:ab:76:3b:28:60:
                    98:ee:9b:4f:ee:f3:cb:e8:df:0e:88:ef:f1:2f:ac:
                    0c:da:93:b5:aa:3c:c2:e2:a8:3a:b8:c3:2a:af:58:
                    96:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:26:81:0F:F4:85:23:B2:47:5F:7A:4E:9F:A0:BE:87:68:BC:9E:5B
            X509v3 Authority Key Identifier:
                keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/kyaBD_SFI7JHX3pOn6C-h2i8nls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.240.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:f9:af:03:4e:43:91:2a:f1:bd:9e:21:ad:96:e7:cc:80:f5:
         8b:9f:d5:ef:51:d3:6d:cc:e4:d6:9d:6c:07:90:e1:55:4c:8e:
         f4:f3:e0:f2:3f:57:ba:20:53:5d:27:66:80:36:e6:21:f0:fa:
         3c:6c:7b:f1:ab:17:66:76:f0:ae:d5:33:81:ed:2c:4b:6e:33:
         f8:e9:41:41:a3:7d:c3:34:27:c2:f3:54:f5:de:33:84:dc:b5:
         50:c2:47:f2:23:1f:87:cb:62:6c:34:3c:27:92:58:75:1b:e4:
         c9:bc:6a:c0:5d:e2:6b:29:06:70:2b:24:99:f4:58:86:7a:57:
         25:35:fc:2f:cd:01:de:db:5a:bb:a6:a3:68:5a:c5:4a:ff:86:
         2e:42:44:ac:7c:a1:91:ee:55:71:d7:91:05:77:c8:ff:2b:fb:
         97:28:e0:1b:5b:de:34:0a:44:c0:f6:11:3d:dd:8f:f1:27:2d:
         ec:b2:51:b4:67:76:80:c2:3d:65:3c:05:8c:1d:a6:a6:b0:fb:
         c5:a1:07:71:16:fd:a0:67:24:09:a7:b1:2e:b6:f6:58:de:3e:
         f6:55:14:ec:6b:33:0a:ee:fe:86:a8:a3:91:d5:43:34:dd:c4:
         c7:bb:6d:02:35:17:31:e8:7e:0d:f9:be:37:c6:69:65:ed:88:
         07:41:a6:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXpVYPOHvIR1Yw25gkGZGn2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjMwMTI1MTQyOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzI2ODEwZmY0ODUyM2IyNDc1ZjdhNGU5ZmEwYmU4NzY4YmM5ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfNRL9CYnxnU3e4vl9jSxE/xxZfs
23PzExNxFhUDqU+kT9zWUWrUHPD87RQ0KokuFv1EvKn4fyvQQKDQSt3PuqUNgZQW
LDap0ZWyu288vwcIOg81SejPKcE1/TlD+X/4IWtDPqWQtRIu2igVKYF9XhRV5RFh
1vOr84rcY6a4pDPBXjoaZfauzjNCjaknwR/ek8Q+C6j7M/FhNYx8Y7zDc796s6t5
diRWagTaaW5ITLA5rN+9eBuA93OzoPw7070VbeL8SYGmAw5KA14eX+fhfZ7afd7M
/iIGX4Qpq3Y7KGCY7ptP7vPL6N8OiO/xL6wM2pO1qjzC4qg6uMMqr1iWwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMmgQ/0hSOyR196Tp+gvodovJ5bMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEva3lhQkRfU0ZJN0pIWDNwT242Qy1oMmk4bmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXvAbMA0G
CSqGSIb3DQEBCwUAA4IBAQAG+a8DTkORKvG9niGtlufMgPWLn9XvUdNtzOTWnWwH
kOFVTI708+DyP1e6IFNdJ2aANuYh8Po8bHvxqxdmdvCu1TOB7SxLbjP46UFBo33D
NCfC81T13jOE3LVQwkfyIx+Hy2JsNDwnklh1G+TJvGrAXeJrKQZwKySZ9FiGelcl
NfwvzQHe21q7pqNoWsVK/4YuQkSsfKGR7lVx15EFd8j/K/uXKOAbW940CkTA9hE9
3Y/xJy3sslG0Z3aAwj1lPAWMHaamsPvFoQdxFv2gZyQJp7EutvZY3j72VRTsazMK
7v6GqKOR1UM03cTHu20CNRcx6H4N+b43xmll7YgHQaZ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org