Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/KKD3Bp4FrxSQ_Gjl3_mJ0jNurr4.roa
File:                     KKD3Bp4FrxSQ_Gjl3_mJ0jNurr4.roa (raw, json)
Hash identifier:          eyHYyTEObaiYp6zPMOJ+IwKaSUgGLy4obT8zevnA1UA=
Subject key identifier:   28:A0:F7:06:9E:05:AF:14:90:FC:68:E5:DF:F9:89:D2:33:6E:AE:BE
Certificate issuer:       /CN=d1bbf3680cdae6c267a98d03d08f6b23d0ed1d46
Certificate serial:       01856E0B1E8224C5F2397466D3DB30C4F445
Authority key identifier: D1:BB:F3:68:0C:DA:E6:C2:67:A9:8D:03:D0:8F:6B:23:D0:ED:1D:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0bvzaAza5sJnqY0D0I9rI9DtHUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/KKD3Bp4FrxSQ_Gjl3_mJ0jNurr4.roa
Signing time:             Sun 01 Jan 2023 15:55:00 +0000
ROA not before:           Sun 01 Jan 2023 15:55:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209714
IP address blocks:        193.168.154.0/24 maxlen: 24
                          193.168.155.0/24 maxlen: 24
                          193.168.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 May 2023 08:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:0b:1e:82:24:c5:f2:39:74:66:d3:db:30:c4:f4:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1bbf3680cdae6c267a98d03d08f6b23d0ed1d46
        Validity
            Not Before: Jan  1 15:55:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28a0f7069e05af1490fc68e5dff989d2336eaebe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:66:ce:4b:5d:79:71:24:46:6b:3a:41:d3:13:
                    4e:01:2d:a4:65:c2:7d:f9:66:67:34:94:49:52:25:
                    a2:98:e5:b3:c6:15:51:ba:33:d1:e9:19:b7:b0:48:
                    76:cd:0a:93:39:28:2d:48:bf:a7:59:59:ba:ed:93:
                    6d:78:08:fe:fd:f2:4d:6c:a8:aa:77:01:2f:18:f6:
                    14:e4:75:26:10:69:e0:82:ec:d1:7e:c8:58:00:cf:
                    d7:26:38:ac:9e:01:ff:ae:ee:2a:12:be:77:8f:01:
                    9f:df:1b:71:4a:9f:7f:91:cb:f7:9a:48:bf:d7:92:
                    85:f8:ad:f2:32:f4:d6:96:2f:8d:66:0c:2e:e1:39:
                    27:b3:da:95:9e:f1:48:7f:14:f8:da:84:0e:dc:1e:
                    a9:ff:1c:8b:03:c3:74:11:14:2c:4b:84:fb:01:0f:
                    41:cf:d8:85:5f:bd:77:d2:7f:a2:6d:72:65:b1:b4:
                    6a:dc:57:48:93:a2:9b:8e:a3:10:36:63:b4:a1:85:
                    d9:24:ec:59:c5:14:a8:be:ff:e3:8c:16:6b:5b:c4:
                    e0:e4:9c:d1:e9:e9:1b:6f:02:f5:44:49:1a:68:b6:
                    de:ce:2b:59:30:88:bf:ab:5b:29:f4:e3:94:da:cb:
                    d7:96:2b:db:13:2a:03:73:d0:72:4a:b1:39:7a:48:
                    98:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A0:F7:06:9E:05:AF:14:90:FC:68:E5:DF:F9:89:D2:33:6E:AE:BE
            X509v3 Authority Key Identifier:
                keyid:D1:BB:F3:68:0C:DA:E6:C2:67:A9:8D:03:D0:8F:6B:23:D0:ED:1D:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bvzaAza5sJnqY0D0I9rI9DtHUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/KKD3Bp4FrxSQ_Gjl3_mJ0jNurr4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/0bvzaAza5sJnqY0D0I9rI9DtHUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.168.153.0-193.168.155.255

    Signature Algorithm: sha256WithRSAEncryption
         88:71:5d:b5:27:6d:1e:7e:04:2c:df:b4:bc:35:32:19:e7:b7:
         a3:af:3d:2b:3b:e8:66:cc:58:e6:48:e1:4a:81:ef:6d:0d:2a:
         02:d3:d4:de:58:a9:37:5c:e0:ab:40:df:5e:ab:88:21:c1:62:
         b9:92:0a:71:12:84:5b:be:16:2c:9b:19:fc:07:5e:06:4f:f9:
         3c:b2:60:3f:53:28:af:d7:17:4d:df:23:57:1c:67:60:22:4a:
         36:b9:1c:e7:85:0d:e1:cc:2a:67:4c:b6:9b:35:d0:e2:b3:8d:
         1b:fc:fb:19:28:0e:8a:f0:f6:ad:79:71:c0:f0:f3:9e:3d:37:
         5a:d9:14:e4:07:66:08:04:53:1f:5b:28:98:ab:b4:da:0a:48:
         d9:28:e3:72:4e:4a:58:1c:ef:04:90:d6:6f:53:a7:67:28:18:
         8f:d0:bb:58:4f:6d:61:10:4e:38:50:b3:1f:95:1b:71:87:21:
         34:90:9d:37:3e:a1:28:7c:df:d7:16:74:c8:87:5e:df:b8:22:
         f5:54:eb:b8:20:7f:d5:ab:44:a2:35:9c:db:0c:f6:ef:5e:98:
         72:cc:ef:04:bd:50:66:fa:7a:89:cb:47:8c:ee:f6:71:61:52:
         2e:cd:3a:f2:1e:57:1f:b3:bb:86:6a:f4:da:20:30:f1:82:50:
         5f:a3:56:06
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVuCx6CJMXyOXRm09swxPRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYmJmMzY4MGNkYWU2YzI2N2E5OGQwM2QwOGY2YjIzZDBl
ZDFkNDYwHhcNMjMwMTAxMTU1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGEwZjcwNjllMDVhZjE0OTBmYzY4ZTVkZmY5ODlkMjMzNmVhZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWbOS115cSRGazpB0xNOAS2kZcJ9
+WZnNJRJUiWimOWzxhVRujPR6Rm3sEh2zQqTOSgtSL+nWVm67ZNteAj+/fJNbKiq
dwEvGPYU5HUmEGngguzRfshYAM/XJjisngH/ru4qEr53jwGf3xtxSp9/kcv3mki/
15KF+K3yMvTWli+NZgwu4Tkns9qVnvFIfxT42oQO3B6p/xyLA8N0ERQsS4T7AQ9B
z9iFX7130n+ibXJlsbRq3FdIk6KbjqMQNmO0oYXZJOxZxRSovv/jjBZrW8Tg5JzR
6ekbbwL1REkaaLbezitZMIi/q1sp9OOU2svXlivbEyoDc9BySrE5ekiYbwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCig9waeBa8UkPxo5d/5idIzbq6+MB8GA1UdIwQY
MBaAFNG782gM2ubCZ6mNA9CPayPQ7R1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGJ2emFBemE1c0pucVkwRDBJOXJJOUR0SFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kNTJlODQtZWI4NC00NWMyLWI2YzUt
NTFjMWZhYTQ3MThmLzEvS0tEM0JwNEZyeFNRX0dqbDNfbUowak51cnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kNTJlODQtZWI4NC00NWMyLWI2YzUtNTFjMWZhYTQ3MThm
LzEvMGJ2emFBemE1c0pucVkwRDBJOXJJOUR0SFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBqJkD
BALBqJgwDQYJKoZIhvcNAQELBQADggEBAIhxXbUnbR5+BCzftLw1Mhnnt6OvPSs7
6GbMWOZI4UqB720NKgLT1N5YqTdc4KtA316riCHBYrmSCnEShFu+FiybGfwHXgZP
+TyyYD9TKK/XF03fI1ccZ2AiSja5HOeFDeHMKmdMtps10OKzjRv8+xkoDorw9q15
ccDw8549N1rZFOQHZggEUx9bKJirtNoKSNko43JOSlgc7wSQ1m9Tp2coGI/Qu1hP
bWEQTjhQsx+VG3GHITSQnTc+oSh839cWdMiHXt+4IvVU67ggf9WrRKI1nNsM9u9e
mHLM7wS9UGb6eonLR4zu9nFhUi7NOvIeVx+zu4Zq9NogMPGCUF+jVgY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:59 2024 by rpki-client on console-ams.rpki-client.org