Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/Kr8mTlGovmmFH99ZyyWWZxh5qFY.roa
File:                     Kr8mTlGovmmFH99ZyyWWZxh5qFY.roa (raw, json)
Hash identifier:          SBaVQ6rgoeAimnTWH5JNtqAKRk5ZkLyvucMO86rCpBc=
Subject key identifier:   2A:BF:26:4E:51:A8:BE:69:85:1F:DF:59:CB:25:96:67:18:79:A8:56
Certificate issuer:       /CN=66d337d330ba44efcfef555355132a6a2c69783c
Certificate serial:       018571A7BEA912649FA99D1E2C93505D65F7
Authority key identifier: 66:D3:37:D3:30:BA:44:EF:CF:EF:55:53:55:13:2A:6A:2C:69:78:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZtM30zC6RO_P71VTVRMqaixpeDw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/Kr8mTlGovmmFH99ZyyWWZxh5qFY.roa
Signing time:             Mon 02 Jan 2023 08:44:56 +0000
ROA not before:           Mon 02 Jan 2023 08:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206635
IP address blocks:        185.176.58.0/24 maxlen: 24
                          185.176.56.0/24 maxlen: 24
                          185.176.56.0/22 maxlen: 22
                          185.176.57.0/24 maxlen: 24
                          185.176.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:be:a9:12:64:9f:a9:9d:1e:2c:93:50:5d:65:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66d337d330ba44efcfef555355132a6a2c69783c
        Validity
            Not Before: Jan  2 08:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2abf264e51a8be69851fdf59cb2596671879a856
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:16:df:2f:9c:ab:94:ed:ee:49:9e:a0:34:96:
                    84:f6:7c:14:50:93:30:32:9e:a0:df:dd:25:d5:e4:
                    42:60:cf:4a:1c:6c:b9:3f:a5:04:b1:ba:68:4d:32:
                    25:b4:9e:1d:c3:27:e2:bc:da:a6:ea:b2:3c:d2:f4:
                    23:ad:4e:29:32:71:54:ff:fe:cd:80:5e:1d:b9:80:
                    10:63:f6:0c:49:a7:fd:20:e4:e4:fe:4a:3f:8c:c9:
                    a7:65:10:37:38:c4:9e:ea:74:bd:ab:81:b5:e5:70:
                    33:58:04:8a:9a:8f:6d:35:9b:8e:d0:5c:8f:83:03:
                    7c:55:f9:86:b3:30:40:b8:56:2b:3a:c0:39:58:92:
                    1c:ca:3b:85:75:38:98:f0:c0:72:ba:d8:83:02:35:
                    f4:28:96:c3:b9:ac:4d:de:b6:cb:62:ae:07:ff:25:
                    24:de:75:2a:10:e9:3d:eb:c9:30:09:06:a3:15:f7:
                    b3:fe:9c:c2:6e:a1:e6:ac:5c:c3:9d:3e:ee:17:24:
                    df:ff:36:80:69:8d:e7:90:76:24:81:54:e9:f8:d2:
                    b7:f2:ad:ef:8c:b9:a5:2d:2b:16:1b:8a:c7:78:d5:
                    1c:ae:04:14:06:bf:98:fd:ba:95:c8:99:63:65:22:
                    7d:4c:df:72:09:be:c2:e1:76:76:ae:4d:e0:7b:4a:
                    42:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:BF:26:4E:51:A8:BE:69:85:1F:DF:59:CB:25:96:67:18:79:A8:56
            X509v3 Authority Key Identifier:
                keyid:66:D3:37:D3:30:BA:44:EF:CF:EF:55:53:55:13:2A:6A:2C:69:78:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtM30zC6RO_P71VTVRMqaixpeDw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/Kr8mTlGovmmFH99ZyyWWZxh5qFY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/ZtM30zC6RO_P71VTVRMqaixpeDw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.176.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1a:c4:f0:a1:3c:2f:4c:1b:81:e4:e2:a4:8c:65:8d:63:89:1c:
         95:7a:16:ea:3e:ab:00:e4:a8:ee:17:e3:fc:9f:7b:fb:20:24:
         19:60:7b:14:af:95:41:51:69:5c:60:50:c6:32:d4:49:77:cc:
         29:ca:12:97:c4:29:5a:ef:c0:02:de:ff:98:29:74:be:7f:d8:
         57:9d:63:c4:27:54:95:eb:5a:b8:01:5d:4c:76:dd:21:35:b9:
         77:5d:47:5c:37:b1:35:cb:b6:72:e2:74:b7:ef:ff:04:ca:4a:
         24:48:47:f0:8d:6e:a0:14:38:80:3d:70:de:c3:21:36:f4:47:
         c9:0b:97:e0:65:d1:58:5e:ce:b2:4f:31:c6:eb:16:3f:2f:05:
         98:a0:b6:6c:ce:a7:4b:3e:63:77:0b:ca:d6:6f:23:fa:9e:d5:
         ce:fc:c4:fd:77:be:ca:d6:bb:47:65:d6:86:c9:6f:cc:ff:dd:
         ae:a8:f8:5c:24:81:51:2e:05:e1:67:5b:ab:76:56:54:03:9d:
         4a:f0:10:83:99:93:f6:12:af:69:08:11:19:fc:53:9e:c6:4a:
         65:b1:82:5d:b8:ee:10:93:c0:a2:05:f3:ee:2d:00:97:c8:43:
         e4:db:fc:ca:5b:80:53:69:8b:b8:31:92:93:6e:f4:2e:bb:ac:
         48:4e:94:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp76pEmSfqZ0eLJNQXWX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDMzN2QzMzBiYTQ0ZWZjZmVmNTU1MzU1MTMyYTZhMmM2
OTc4M2MwHhcNMjMwMTAyMDg0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJmMjY0ZTUxYThiZTY5ODUxZmRmNTljYjI1OTY2NzE4NzlhODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBbfL5yrlO3uSZ6gNJaE9nwUUJMw
Mp6g390l1eRCYM9KHGy5P6UEsbpoTTIltJ4dwyfivNqm6rI80vQjrU4pMnFU//7N
gF4duYAQY/YMSaf9IOTk/ko/jMmnZRA3OMSe6nS9q4G15XAzWASKmo9tNZuO0FyP
gwN8VfmGszBAuFYrOsA5WJIcyjuFdTiY8MByutiDAjX0KJbDuaxN3rbLYq4H/yUk
3nUqEOk968kwCQajFfez/pzCbqHmrFzDnT7uFyTf/zaAaY3nkHYkgVTp+NK38q3v
jLmlLSsWG4rHeNUcrgQUBr+Y/bqVyJljZSJ9TN9yCb7C4XZ2rk3ge0pCMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCq/Jk5RqL5phR/fWcsllmcYeahWMB8GA1UdIwQY
MBaAFGbTN9MwukTvz+9VU1UTKmosaXg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRNMzB6QzZST19QNzFWVFZSTXFhaXhwZUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYjVlN2MtNjdiMS00NzdkLTg5NWYt
OGY1ZmM5MjEyNWRiLzEvS3I4bVRsR292bW1GSDk5Wnl5V1daeGg1cUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYjVlN2MtNjdiMS00NzdkLTg5NWYtOGY1ZmM5MjEyNWRi
LzEvWnRNMzB6QzZST19QNzFWVFZSTXFhaXhwZUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubA4MA0G
CSqGSIb3DQEBCwUAA4IBAQAaxPChPC9MG4Hk4qSMZY1jiRyVehbqPqsA5KjuF+P8
n3v7ICQZYHsUr5VBUWlcYFDGMtRJd8wpyhKXxCla78AC3v+YKXS+f9hXnWPEJ1SV
61q4AV1Mdt0hNbl3XUdcN7E1y7Zy4nS37/8EykokSEfwjW6gFDiAPXDewyE29EfJ
C5fgZdFYXs6yTzHG6xY/LwWYoLZszqdLPmN3C8rWbyP6ntXO/MT9d77K1rtHZdaG
yW/M/92uqPhcJIFRLgXhZ1urdlZUA51K8BCDmZP2Eq9pCBEZ/FOexkplsYJduO4Q
k8CiBfPuLQCXyEPk2/zKW4BTaYu4MZKTbvQuu6xITpST
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:17 2024 by rpki-client on console-ams.rpki-client.org