Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/3b54d2-783d-4d5b-891a-29262790409d/1/KIWMwKxxgnL1pYpuearJU6jeQwo.roa
File:                     KIWMwKxxgnL1pYpuearJU6jeQwo.roa (raw, json)
Hash identifier:          67Uyc/huAKbt5UVv/2+cC6+xmspNnrwpxo7yHuNWIG0=
Subject key identifier:   28:85:8C:C0:AC:71:82:72:F5:A5:8A:6E:79:AA:C9:53:A8:DE:43:0A
Certificate issuer:       /CN=67800aba40639bf38d1eb6c9157b994f19323b13
Certificate serial:       01856D2F30C867D14782A6EEE5FE426BA4F8
Authority key identifier: 67:80:0A:BA:40:63:9B:F3:8D:1E:B6:C9:15:7B:99:4F:19:32:3B:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z4AKukBjm_ONHrbJFXuZTxkyOxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/3b54d2-783d-4d5b-891a-29262790409d/1/KIWMwKxxgnL1pYpuearJU6jeQwo.roa
Signing time:             Sun 01 Jan 2023 11:54:47 +0000
ROA not before:           Sun 01 Jan 2023 11:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49941
IP address blocks:        176.119.193.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:2f:30:c8:67:d1:47:82:a6:ee:e5:fe:42:6b:a4:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67800aba40639bf38d1eb6c9157b994f19323b13
        Validity
            Not Before: Jan  1 11:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28858cc0ac718272f5a58a6e79aac953a8de430a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:05:1c:68:75:f8:d2:15:6d:c7:70:83:70:04:
                    46:3d:d2:ec:24:ca:84:61:84:e0:fe:cf:aa:5d:86:
                    6e:81:d1:ac:23:0f:05:20:9e:7c:a8:05:63:e1:b1:
                    99:b5:9f:26:12:ce:78:b3:90:b1:c2:2d:34:b4:9c:
                    70:85:a4:a4:38:0c:32:8a:10:6b:78:07:3c:e6:9a:
                    72:8b:b9:91:c2:e9:87:a0:42:73:91:90:c1:7d:47:
                    3e:91:72:8e:01:ba:ea:b8:e9:8e:dd:6b:f1:2e:8a:
                    89:a7:e2:4e:fb:9a:57:7a:b9:0f:a9:1b:7e:74:08:
                    ba:86:92:dc:7b:ee:e7:fd:32:a7:27:9c:6b:9f:d6:
                    d1:86:08:0c:ca:57:0e:33:8c:19:b1:fc:e9:17:21:
                    54:c7:a3:bb:2b:b2:3e:5c:f8:54:e9:f7:ae:88:84:
                    0d:16:a8:9b:92:59:a1:51:8e:44:86:9a:f7:32:08:
                    86:2a:c6:4d:45:52:92:c6:74:a1:28:10:d1:bd:15:
                    85:3b:84:2a:3e:0c:66:75:20:ab:9d:0d:1e:b3:8b:
                    8a:0c:02:be:f1:ca:0d:3f:59:83:ea:c6:18:87:a0:
                    a8:1f:8d:37:7e:4c:01:fa:6b:a2:6d:b0:18:86:1a:
                    cf:97:34:70:ad:49:e5:2a:d8:a9:20:cf:bf:17:6b:
                    9d:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:85:8C:C0:AC:71:82:72:F5:A5:8A:6E:79:AA:C9:53:A8:DE:43:0A
            X509v3 Authority Key Identifier:
                keyid:67:80:0A:BA:40:63:9B:F3:8D:1E:B6:C9:15:7B:99:4F:19:32:3B:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z4AKukBjm_ONHrbJFXuZTxkyOxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3b54d2-783d-4d5b-891a-29262790409d/1/KIWMwKxxgnL1pYpuearJU6jeQwo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3b54d2-783d-4d5b-891a-29262790409d/1/Z4AKukBjm_ONHrbJFXuZTxkyOxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.119.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e0:34:6f:a6:5c:10:40:5b:48:7d:c9:68:81:de:e4:51:1d:db:
         26:1b:bb:c9:8b:78:af:20:07:fc:70:44:65:86:ef:6b:77:6a:
         32:b5:13:a9:1d:49:64:6c:79:b7:83:68:ac:d2:3f:82:f4:73:
         e0:00:c0:17:41:3a:e3:d0:40:1f:3d:83:de:27:3c:3c:d2:04:
         52:0b:54:00:7a:44:89:61:96:d4:4d:91:2a:9b:da:06:89:67:
         4a:79:30:ba:21:28:b3:c5:57:c5:bf:13:aa:bb:4a:a0:e6:0d:
         4c:e5:fa:9b:07:09:a9:ff:44:b4:3f:56:90:21:24:d3:85:3e:
         2b:21:a6:20:6f:fa:10:cf:5c:10:25:92:4e:97:bc:44:74:ca:
         4b:86:0f:81:d3:52:6f:4d:22:63:48:d6:69:18:09:09:e9:47:
         d7:0a:49:a3:58:68:a3:9a:3a:54:70:99:7a:1c:ce:7a:e2:44:
         ac:53:3b:e8:ef:d0:0d:43:48:ff:35:dd:6c:d7:fd:71:c4:2e:
         a8:ae:c9:a2:02:21:82:93:82:53:d3:f2:fa:39:2a:5b:d3:be:
         5c:08:7c:fb:b4:7b:5b:4a:33:7e:0b:9e:af:57:43:da:c6:b6:
         23:2a:c8:ef:8d:4a:14:dd:91:ad:93:22:ab:a7:50:d8:16:56:
         07:9d:55:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLzDIZ9FHgqbu5f5Ca6T4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ODAwYWJhNDA2MzliZjM4ZDFlYjZjOTE1N2I5OTRmMTkz
MjNiMTMwHhcNMjMwMTAxMTE1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg1OGNjMGFjNzE4MjcyZjVhNThhNmU3OWFhYzk1M2E4ZGU0MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAUcaHX40hVtx3CDcARGPdLsJMqE
YYTg/s+qXYZugdGsIw8FIJ58qAVj4bGZtZ8mEs54s5Cxwi00tJxwhaSkOAwyihBr
eAc85ppyi7mRwumHoEJzkZDBfUc+kXKOAbrquOmO3WvxLoqJp+JO+5pXerkPqRt+
dAi6hpLce+7n/TKnJ5xrn9bRhggMylcOM4wZsfzpFyFUx6O7K7I+XPhU6feuiIQN
FqibklmhUY5Ehpr3MgiGKsZNRVKSxnShKBDRvRWFO4QqPgxmdSCrnQ0es4uKDAK+
8coNP1mD6sYYh6CoH403fkwB+muibbAYhhrPlzRwrUnlKtipIM+/F2udtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCiFjMCscYJy9aWKbnmqyVOo3kMKMB8GA1UdIwQY
MBaAFGeACrpAY5vzjR62yRV7mU8ZMjsTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjRBS3VrQmptX09OSHJiSkZYdVpUeGt5T3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8zYjU0ZDItNzgzZC00ZDViLTg5MWEt
MjkyNjI3OTA0MDlkLzEvS0lXTXdLeHhnbkwxcFlwdWVhckpVNmplUXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8zYjU0ZDItNzgzZC00ZDViLTg5MWEtMjkyNjI3OTA0MDlk
LzEvWjRBS3VrQmptX09OSHJiSkZYdVpUeGt5T3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHfBMA0G
CSqGSIb3DQEBCwUAA4IBAQDgNG+mXBBAW0h9yWiB3uRRHdsmG7vJi3ivIAf8cERl
hu9rd2oytROpHUlkbHm3g2is0j+C9HPgAMAXQTrj0EAfPYPeJzw80gRSC1QAekSJ
YZbUTZEqm9oGiWdKeTC6ISizxVfFvxOqu0qg5g1M5fqbBwmp/0S0P1aQISTThT4r
IaYgb/oQz1wQJZJOl7xEdMpLhg+B01JvTSJjSNZpGAkJ6UfXCkmjWGijmjpUcJl6
HM564kSsUzvo79ANQ0j/Nd1s1/1xxC6orsmiAiGCk4JT0/L6OSpb075cCHz7tHtb
SjN+C56vV0PaxrYjKsjvjUoU3ZGtkyKrp1DYFlYHnVVN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:16 2024 by rpki-client on console-fra.rpki-client.org