Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0668b-6ec2-4db4-a957-af7382395e00/1/kUoO0ts7lykugJja6aa7QqCX6YI.roa
File:                     kUoO0ts7lykugJja6aa7QqCX6YI.roa (raw, json)
Hash identifier:          Zn2uBURXzbMBdX+Rdn3AX85KsmgLeNBWshJ3RGZRP18=
Subject key identifier:   91:4A:0E:D2:DB:3B:97:29:2E:80:98:DA:E9:A6:BB:42:A0:97:E9:82
Certificate issuer:       /CN=11d9d7975b8cda9232a4247cc9de9a6dfdbc6069
Certificate serial:       01856C413B17C1D0EB5CDA05BE7D039D3684
Authority key identifier: 11:D9:D7:97:5B:8C:DA:92:32:A4:24:7C:C9:DE:9A:6D:FD:BC:60:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EdnXl1uM2pIypCR8yd6abf28YGk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/b0668b-6ec2-4db4-a957-af7382395e00/1/kUoO0ts7lykugJja6aa7QqCX6YI.roa
Signing time:             Sun 01 Jan 2023 07:34:52 +0000
ROA not before:           Sun 01 Jan 2023 07:34:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34241
IP address blocks:        188.190.116.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:41:3b:17:c1:d0:eb:5c:da:05:be:7d:03:9d:36:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11d9d7975b8cda9232a4247cc9de9a6dfdbc6069
        Validity
            Not Before: Jan  1 07:34:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=914a0ed2db3b97292e8098dae9a6bb42a097e982
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0f:2e:d7:f4:2f:88:8b:74:fe:40:db:ee:c3:
                    2a:d0:44:83:11:3a:e6:b9:3f:3c:a4:ca:67:85:88:
                    98:b8:34:3f:3a:3f:db:51:b8:e6:bc:04:3d:98:20:
                    0b:fb:e8:d7:f2:44:3b:b3:a2:98:e8:f7:c9:6c:85:
                    52:00:b3:1c:f3:57:52:8f:fd:1c:09:84:15:6c:63:
                    41:21:2d:95:83:18:41:f5:76:e9:3f:77:52:e4:33:
                    b1:af:fa:3a:0f:6c:9c:42:27:8e:5c:97:88:c1:12:
                    91:13:c5:e0:58:bb:10:45:e7:82:97:1b:a7:15:3f:
                    70:e4:60:1b:36:04:e1:f3:1f:58:d5:21:95:62:67:
                    23:a0:7e:d0:63:9c:22:53:f7:f0:03:fd:62:1e:74:
                    28:22:b5:d0:4b:53:97:38:0f:5f:9e:b8:5c:d7:e3:
                    a9:4a:9b:8d:d0:f8:c6:59:1b:de:2a:1f:8d:12:5e:
                    6f:da:e6:bf:fd:2b:ab:89:da:14:54:5f:2d:0f:5a:
                    99:25:1e:3f:7a:b0:16:0a:e0:d3:24:0c:46:09:54:
                    5c:54:9d:09:16:4c:04:2d:c0:09:a9:4e:a2:10:44:
                    38:ba:52:3c:04:16:7c:bf:a9:3e:79:93:f7:c7:c2:
                    7c:1d:d3:45:1b:55:e7:46:5c:10:26:99:5f:67:d4:
                    c0:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:4A:0E:D2:DB:3B:97:29:2E:80:98:DA:E9:A6:BB:42:A0:97:E9:82
            X509v3 Authority Key Identifier:
                keyid:11:D9:D7:97:5B:8C:DA:92:32:A4:24:7C:C9:DE:9A:6D:FD:BC:60:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EdnXl1uM2pIypCR8yd6abf28YGk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0668b-6ec2-4db4-a957-af7382395e00/1/kUoO0ts7lykugJja6aa7QqCX6YI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0668b-6ec2-4db4-a957-af7382395e00/1/EdnXl1uM2pIypCR8yd6abf28YGk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.190.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:cb:bb:e1:9b:f4:f0:c1:ff:37:b7:8a:4c:10:3d:20:2d:d1:
         e2:00:b1:2d:19:1e:53:83:77:b0:b7:30:fb:99:75:c6:33:d7:
         42:38:1e:14:b2:2f:40:69:a8:b5:26:2b:94:65:c0:7a:ef:78:
         0f:e4:5c:a0:9a:5c:6c:98:41:46:21:aa:68:21:04:5a:80:73:
         73:d0:c6:e0:f6:93:75:af:cc:4a:b0:e3:cb:43:46:79:b4:0f:
         29:81:d0:20:c9:b6:ee:1f:f5:20:95:d5:6c:11:f6:19:71:22:
         ff:31:32:7d:65:87:46:a0:8d:7c:30:fd:95:51:0b:87:87:bb:
         da:da:e7:bc:a7:fa:33:58:29:70:fa:b1:a4:07:13:b5:81:1c:
         b4:91:bd:ee:46:e0:95:a9:fd:dc:b5:c7:7b:80:cd:11:75:ad:
         e9:c9:ec:12:16:8d:01:d3:5f:87:b1:a7:5c:ec:84:87:e3:1c:
         7b:e1:d5:13:fe:b2:cf:88:a7:ff:ad:7d:8e:a6:d9:ba:1f:9f:
         1a:3a:95:5c:5a:78:52:c7:f7:e6:34:d8:27:3b:f8:7f:63:8d:
         92:c6:95:aa:1e:6a:8b:ba:fd:5d:de:e8:92:e2:a1:7c:e2:28:
         0f:c1:a7:7f:10:c9:e7:45:48:c5:e6:59:0e:82:95:69:e5:81:
         67:4f:b9:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQTsXwdDrXNoFvn0DnTaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZDlkNzk3NWI4Y2RhOTIzMmE0MjQ3Y2M5ZGU5YTZkZmRi
YzYwNjkwHhcNMjMwMTAxMDczNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRhMGVkMmRiM2I5NzI5MmU4MDk4ZGFlOWE2YmI0MmEwOTdlOTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ8u1/QviIt0/kDb7sMq0ESDETrm
uT88pMpnhYiYuDQ/Oj/bUbjmvAQ9mCAL++jX8kQ7s6KY6PfJbIVSALMc81dSj/0c
CYQVbGNBIS2VgxhB9XbpP3dS5DOxr/o6D2ycQieOXJeIwRKRE8XgWLsQReeClxun
FT9w5GAbNgTh8x9Y1SGVYmcjoH7QY5wiU/fwA/1iHnQoIrXQS1OXOA9fnrhc1+Op
SpuN0PjGWRveKh+NEl5v2ua//SuridoUVF8tD1qZJR4/erAWCuDTJAxGCVRcVJ0J
FkwELcAJqU6iEEQ4ulI8BBZ8v6k+eZP3x8J8HdNFG1XnRlwQJplfZ9TAmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFKDtLbO5cpLoCY2ummu0Kgl+mCMB8GA1UdIwQY
MBaAFBHZ15dbjNqSMqQkfMnemm39vGBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWRuWGwxdU0ycEl5cENSOHlkNmFiZjI4WUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMDY2OGItNmVjMi00ZGI0LWE5NTct
YWY3MzgyMzk1ZTAwLzEva1VvTzB0czdseWt1Z0pqYTZhYTdRcUNYNllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMDY2OGItNmVjMi00ZGI0LWE5NTctYWY3MzgyMzk1ZTAw
LzEvRWRuWGwxdU0ycEl5cENSOHlkNmFiZjI4WUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvL50MA0G
CSqGSIb3DQEBCwUAA4IBAQBGy7vhm/Twwf83t4pMED0gLdHiALEtGR5Tg3ewtzD7
mXXGM9dCOB4Usi9Aaai1JiuUZcB673gP5FygmlxsmEFGIapoIQRagHNz0Mbg9pN1
r8xKsOPLQ0Z5tA8pgdAgybbuH/UgldVsEfYZcSL/MTJ9ZYdGoI18MP2VUQuHh7va
2ue8p/ozWClw+rGkBxO1gRy0kb3uRuCVqf3ctcd7gM0Rda3pyewSFo0B01+Hsadc
7ISH4xx74dUT/rLPiKf/rX2Optm6H58aOpVcWnhSx/fmNNgnO/h/Y42SxpWqHmqL
uv1d3uiS4qF84igPwad/EMnnRUjF5lkOgpVp5YFnT7kw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:14 2024 by rpki-client on console-fra.rpki-client.org