Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/KNzuQKUuNbTUWHSLPz872_7FDMQ.roa
File:                     KNzuQKUuNbTUWHSLPz872_7FDMQ.roa (raw, json)
Hash identifier:          GuLyboQF4Arz7pHuaySaTzbIYAw+x24Db8EyELGl+wc=
Subject key identifier:   28:DC:EE:40:A5:2E:35:B4:D4:58:74:8B:3F:3F:3B:DB:FE:C5:0C:C4
Certificate issuer:       /CN=56b4bfcd0164ad7c6688af22246c82e1995dd351
Certificate serial:       018CB54C7DD8919686D2FE672B4E0D535BB7
Authority key identifier: 56:B4:BF:CD:01:64:AD:7C:66:88:AF:22:24:6C:82:E1:99:5D:D3:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VrS_zQFkrXxmiK8iJGyC4Zld01E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/KNzuQKUuNbTUWHSLPz872_7FDMQ.roa
Signing time:             Fri 29 Dec 2023 11:18:58 +0000
ROA not before:           Fri 29 Dec 2023 11:18:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15694
IP address blocks:        185.123.124.0/23 maxlen: 23
                          185.123.126.0/23 maxlen: 23
                          2a06:af00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b5:4c:7d:d8:91:96:86:d2:fe:67:2b:4e:0d:53:5b:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56b4bfcd0164ad7c6688af22246c82e1995dd351
        Validity
            Not Before: Dec 29 11:18:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28dcee40a52e35b4d458748b3f3f3bdbfec50cc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:c9:4f:ab:b6:2f:85:47:ad:7b:f0:d1:12:02:
                    8a:47:e2:11:6b:3c:90:22:b6:bd:db:53:93:2b:72:
                    05:7c:85:be:ff:ef:3b:bb:de:ce:75:cf:f3:40:c0:
                    9f:fc:21:d3:95:ca:a9:5c:be:05:04:ae:29:4f:1d:
                    92:32:a2:92:ea:bf:de:8c:37:f2:95:ae:1b:0a:55:
                    cf:88:b6:61:e0:3e:91:20:ea:44:ab:eb:04:6a:93:
                    fa:da:b9:c7:ac:57:c9:2c:66:76:ff:ad:6e:7d:84:
                    94:24:26:a5:d6:33:94:88:e1:17:dd:b5:d1:13:94:
                    04:b1:8d:d3:13:4f:83:17:27:a6:98:28:8c:a3:41:
                    08:90:ad:17:7f:b4:82:d8:bd:a0:94:20:0a:47:a5:
                    6d:c4:0b:f3:55:97:8b:18:11:cc:f7:fb:1c:d3:de:
                    e4:03:60:b8:c5:47:a6:95:eb:5e:f4:88:48:b2:dc:
                    9c:b8:04:c8:17:bf:a2:14:40:4c:fb:f4:d2:69:a0:
                    6c:5a:1b:48:ba:91:b1:81:24:97:40:79:82:4b:75:
                    05:ce:86:be:fb:9e:cd:b8:e6:e5:d2:e7:b8:71:42:
                    96:1a:a2:f1:0a:19:27:8d:6c:ca:6b:9d:7d:7d:5b:
                    16:0b:5c:a0:9a:1c:4c:74:09:4d:17:8c:7f:d5:34:
                    c4:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:DC:EE:40:A5:2E:35:B4:D4:58:74:8B:3F:3F:3B:DB:FE:C5:0C:C4
            X509v3 Authority Key Identifier:
                keyid:56:B4:BF:CD:01:64:AD:7C:66:88:AF:22:24:6C:82:E1:99:5D:D3:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrS_zQFkrXxmiK8iJGyC4Zld01E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/KNzuQKUuNbTUWHSLPz872_7FDMQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/VrS_zQFkrXxmiK8iJGyC4Zld01E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.123.124.0/22
                IPv6:
                  2a06:af00::/29

    Signature Algorithm: sha256WithRSAEncryption
         79:10:40:bf:52:6c:dd:36:6b:80:1e:92:65:d4:68:78:f6:fc:
         a6:cb:3f:cb:b8:ce:aa:86:c0:00:08:f8:19:ef:02:db:57:97:
         33:32:15:7b:7f:fb:4b:53:32:2f:ed:20:97:f4:2f:2d:77:a5:
         a7:9e:27:96:af:c5:bc:4d:1d:52:a6:ce:57:c6:b8:ea:00:18:
         11:0d:67:73:54:74:a6:4f:7d:7c:d6:02:22:96:c3:70:f5:8b:
         57:5b:16:14:d1:e8:07:c0:dc:20:50:86:0c:a7:10:7c:8d:b8:
         fc:dd:80:49:b4:9c:dc:38:6e:36:c2:32:f6:96:1a:85:d5:4a:
         c2:a7:92:f1:5f:06:52:c0:53:35:3f:eb:83:49:59:2b:57:27:
         1f:34:15:3e:48:26:c7:7f:66:18:63:72:7c:68:5b:ef:05:61:
         27:7d:ce:78:44:cc:20:1a:2e:bc:8d:72:54:d7:7f:8e:09:08:
         5e:51:6b:bb:ed:e9:04:78:52:60:d4:8b:4f:20:0f:bb:0e:d7:
         fd:fa:79:43:ac:79:f7:fe:9d:22:b0:3f:a3:1b:b9:a0:98:b0:
         68:d9:8d:2d:0d:61:e0:fc:8d:ab:9e:68:b6:82:97:51:63:9f:
         b5:d9:b1:b1:47:41:bb:88:1b:66:e0:c5:c9:3c:1e:4c:37:0c:
         f7:8c:72:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYy1TH3YkZaG0v5nK04NU1u3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YjRiZmNkMDE2NGFkN2M2Njg4YWYyMjI0NmM4MmUxOTk1
ZGQzNTEwHhcNMjMxMjI5MTExODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGRjZWU0MGE1MmUzNWI0ZDQ1ODc0OGIzZjNmM2JkYmZlYzUwY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8lPq7YvhUete/DREgKKR+IRazyQ
Ira921OTK3IFfIW+/+87u97Odc/zQMCf/CHTlcqpXL4FBK4pTx2SMqKS6r/ejDfy
la4bClXPiLZh4D6RIOpEq+sEapP62rnHrFfJLGZ2/61ufYSUJCal1jOUiOEX3bXR
E5QEsY3TE0+DFyemmCiMo0EIkK0Xf7SC2L2glCAKR6VtxAvzVZeLGBHM9/sc097k
A2C4xUemlete9IhIstycuATIF7+iFEBM+/TSaaBsWhtIupGxgSSXQHmCS3UFzoa+
+57NuObl0ue4cUKWGqLxChknjWzKa519fVsWC1ygmhxMdAlNF4x/1TTEEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCjc7kClLjW01Fh0iz8/O9v+xQzEMB8GA1UdIwQY
MBaAFFa0v80BZK18ZoivIiRsguGZXdNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJTX3pRRmtyWHhtaUs4aUpHeUM0WmxkMDFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9lMDNlMGYtZjNhNi00YzU1LWFkZGQt
MjQxNjY1ZjQ5ZDI1LzEvS056dVFLVXVOYlRVV0hTTFB6ODcyXzdGRE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9lMDNlMGYtZjNhNi00YzU1LWFkZGQtMjQxNjY1ZjQ5ZDI1
LzEvVnJTX3pRRmtyWHhtaUs4aUpHeUM0WmxkMDFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXt8MA0E
AgACMAcDBQMqBq8AMA0GCSqGSIb3DQEBCwUAA4IBAQB5EEC/UmzdNmuAHpJl1Gh4
9vymyz/LuM6qhsAACPgZ7wLbV5czMhV7f/tLUzIv7SCX9C8td6WnnieWr8W8TR1S
ps5XxrjqABgRDWdzVHSmT3181gIilsNw9YtXWxYU0egHwNwgUIYMpxB8jbj83YBJ
tJzcOG42wjL2lhqF1UrCp5LxXwZSwFM1P+uDSVkrVycfNBU+SCbHf2YYY3J8aFvv
BWEnfc54RMwgGi68jXJU13+OCQheUWu77ekEeFJg1ItPIA+7Dtf9+nlDrHn3/p0i
sD+jG7mgmLBo2Y0tDWHg/I2rnmi2gpdRY5+12bGxR0G7iBtm4MXJPB5MNwz3jHLb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:38 2024 by rpki-client on console-fra.rpki-client.org