Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/KFmaWaWK6ZlJf4_OkzzoRBKhkPA.roa
File:                     KFmaWaWK6ZlJf4_OkzzoRBKhkPA.roa (raw, json)
Hash identifier:          af3P66Dkb8rpyvZG4wTcJb7lyCMUeTIITqZvVCVG8IQ=
Subject key identifier:   28:59:9A:59:A5:8A:E9:99:49:7F:8F:CE:93:3C:E8:44:12:A1:90:F0
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       01880565AE09705DC6EB7C8BABCB9750AE16
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/KFmaWaWK6ZlJf4_OkzzoRBKhkPA.roa
Signing time:             Wed 10 May 2023 11:22:09 +0000
ROA not before:           Wed 10 May 2023 11:22:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62068
IP address blocks:        178.253.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 10 Jul 2023 10:40:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:05:65:ae:09:70:5d:c6:eb:7c:8b:ab:cb:97:50:ae:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: May 10 11:22:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28599a59a58ae999497f8fce933ce84412a190f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:58:f3:d2:61:1e:7c:4a:ed:95:6c:ef:ec:84:
                    5c:75:3b:6e:d0:95:64:8f:50:0f:e4:c5:8e:41:76:
                    78:07:dc:25:de:cc:82:c2:63:ad:6f:00:7f:9b:88:
                    c3:7b:eb:1f:f2:1e:97:9e:b8:60:c0:1e:c7:d2:23:
                    85:99:48:06:7d:f2:b2:83:1b:e5:96:1a:04:be:f3:
                    ac:44:e9:5e:88:86:e6:0b:f5:41:35:4a:6a:23:b9:
                    89:76:3a:c2:e6:93:b7:a2:1f:88:ef:b6:d0:a2:01:
                    ab:02:7e:26:0c:cc:0a:64:7a:75:e5:92:a0:99:fb:
                    56:c3:1d:f9:34:7a:58:d0:5f:9c:4c:54:71:f1:f2:
                    6f:ea:dd:79:d0:64:05:3a:cb:a1:e6:ca:4d:d7:63:
                    0b:0e:64:2e:23:33:86:ba:4e:66:df:b6:26:36:c9:
                    a8:2b:7a:68:70:67:05:8d:f6:73:1d:5e:47:b6:eb:
                    92:92:53:99:92:5d:5c:08:37:34:f1:da:1d:83:fb:
                    a1:51:9c:0c:41:55:9f:b2:fe:02:05:45:7c:4d:9f:
                    70:72:1b:fd:e7:68:c1:4f:59:ee:a1:71:88:c2:4a:
                    9d:0c:47:f3:15:7e:7d:29:85:e8:23:97:aa:07:b0:
                    52:19:61:71:f5:d7:f7:57:c6:ed:5b:0f:eb:d4:2d:
                    da:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:59:9A:59:A5:8A:E9:99:49:7F:8F:CE:93:3C:E8:44:12:A1:90:F0
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/KFmaWaWK6ZlJf4_OkzzoRBKhkPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:85:21:4f:d5:3e:48:2c:85:64:a1:40:91:5d:7a:44:74:ed:
         70:f9:d2:01:3c:c3:b7:53:2d:f3:b0:ca:0e:71:c0:45:08:bb:
         33:c8:2f:7f:19:12:04:b6:a9:d1:9f:5e:ac:eb:34:64:50:96:
         0d:d6:00:92:44:ce:7e:5f:8f:87:b6:fa:72:37:e1:50:b9:8f:
         f0:f6:39:3d:dd:2f:0d:e3:29:d2:ea:f6:4d:f6:19:3b:e4:7e:
         ab:7e:02:13:cc:86:cc:c2:9e:59:8f:85:cf:94:84:58:f1:49:
         1f:46:3b:3e:87:ef:84:4a:ac:90:8b:35:cd:94:33:9d:c3:e5:
         31:e4:b3:db:23:3b:2d:85:81:85:f6:15:9d:6d:49:9d:1f:12:
         09:eb:76:4f:a0:d5:24:6e:f5:e5:a3:80:55:73:d7:97:42:b4:
         44:d6:f9:ec:5d:2e:de:ef:37:35:b7:4b:df:00:94:e7:5c:f1:
         27:2b:70:5d:ce:92:71:0b:3b:37:5a:70:e1:a6:09:8e:23:eb:
         b4:58:ec:18:aa:ef:1b:15:43:a7:d4:da:14:f5:14:fd:1f:55:
         85:21:b9:bd:f2:f7:f0:09:0f:9c:0a:1a:57:82:b3:80:b0:3c:
         c2:4f:eb:88:81:87:32:72:43:86:ea:47:20:22:d6:73:02:0d:
         e2:95:c4:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgFZa4JcF3G63yLq8uXUK4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNTEwMTEyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODU5OWE1OWE1OGFlOTk5NDk3ZjhmY2U5MzNjZTg0NDEyYTE5MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtljz0mEefErtlWzv7IRcdTtu0JVk
j1AP5MWOQXZ4B9wl3syCwmOtbwB/m4jDe+sf8h6XnrhgwB7H0iOFmUgGffKygxvl
lhoEvvOsROleiIbmC/VBNUpqI7mJdjrC5pO3oh+I77bQogGrAn4mDMwKZHp15ZKg
mftWwx35NHpY0F+cTFRx8fJv6t150GQFOsuh5spN12MLDmQuIzOGuk5m37YmNsmo
K3pocGcFjfZzHV5HtuuSklOZkl1cCDc08dodg/uhUZwMQVWfsv4CBUV8TZ9wchv9
52jBT1nuoXGIwkqdDEfzFX59KYXoI5eqB7BSGWFx9df3V8btWw/r1C3apQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChZmlmliumZSX+PzpM86EQSoZDwMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvS0ZtYVdhV0s2WmxKZjRfT2t6em9SQktoa1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv03MA0G
CSqGSIb3DQEBCwUAA4IBAQAthSFP1T5ILIVkoUCRXXpEdO1w+dIBPMO3Uy3zsMoO
ccBFCLszyC9/GRIEtqnRn16s6zRkUJYN1gCSRM5+X4+HtvpyN+FQuY/w9jk93S8N
4ynS6vZN9hk75H6rfgITzIbMwp5Zj4XPlIRY8UkfRjs+h++ESqyQizXNlDOdw+Ux
5LPbIzsthYGF9hWdbUmdHxIJ63ZPoNUkbvXlo4BVc9eXQrRE1vnsXS7e7zc1t0vf
AJTnXPEnK3BdzpJxCzs3WnDhpgmOI+u0WOwYqu8bFUOn1NoU9RT9H1WFIbm98vfw
CQ+cChpXgrOAsDzCT+uIgYcyckOG6kcgItZzAg3ilcQ2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org