Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KItQfrcBIPg835YejlvuRSycb4g.roa
File:                     KItQfrcBIPg835YejlvuRSycb4g.roa (raw, json)
Hash identifier:          B0TJWa/rMBGfKwl7Iher5pVDuH188hREFJuy+QWTUhY=
Subject key identifier:   28:8B:50:7E:B7:01:20:F8:3C:DF:96:1E:8E:5B:EE:45:2C:9C:6F:88
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       018BC7070F51DBFCB8EA45CFEB3B058215B1
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KItQfrcBIPg835YejlvuRSycb4g.roa
Signing time:             Mon 13 Nov 2023 04:53:30 +0000
ROA not before:           Mon 13 Nov 2023 04:53:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60945
IP address blocks:        185.133.73.0/24 maxlen: 24
                          45.85.194.0/24 maxlen: 24
                          194.156.159.0/24 maxlen: 32
                          2a06:7a03::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:c7:07:0f:51:db:fc:b8:ea:45:cf:eb:3b:05:82:15:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Nov 13 04:53:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=288b507eb70120f83cdf961e8e5bee452c9c6f88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e7:38:a6:93:93:3d:73:c2:46:48:5a:69:8a:
                    5d:9f:ab:9d:e0:36:68:09:f4:4c:b0:eb:48:32:e7:
                    ee:cb:8f:4e:b6:85:83:84:65:95:30:fc:00:9c:0a:
                    3e:cc:e6:a0:5a:54:b1:aa:0c:51:af:a0:6c:1a:41:
                    71:d4:5a:55:35:25:14:94:37:c7:3a:b4:25:6d:37:
                    1f:1d:a7:3e:79:7e:06:d8:92:f9:ab:19:95:a9:73:
                    0d:77:e1:3b:f3:59:ef:5f:ac:04:af:19:ed:23:0e:
                    e5:8d:c9:47:17:52:2d:62:74:27:18:2c:bf:e1:bf:
                    c5:e6:9d:68:ab:fc:1a:9d:28:e9:ef:cb:12:b8:d0:
                    51:1f:ba:43:44:64:19:e3:e7:b0:05:9e:6c:5b:b8:
                    af:19:81:38:68:7a:5d:e4:4e:fe:86:bc:48:5c:37:
                    5d:4f:9a:2e:40:34:df:30:04:b3:ed:14:3e:08:5a:
                    c6:11:09:74:ed:44:e5:bd:72:1b:42:99:ec:50:31:
                    e5:bf:9c:01:fc:5c:20:a5:47:bc:46:b0:4e:5b:d7:
                    d9:3e:fc:a7:f9:78:06:db:75:43:c5:77:e6:c1:d1:
                    a4:42:b3:1f:5c:35:bd:08:2c:1b:0d:cd:f3:2d:ca:
                    1a:fb:79:97:7a:a1:52:99:d2:a8:20:b2:e3:06:47:
                    ce:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:8B:50:7E:B7:01:20:F8:3C:DF:96:1E:8E:5B:EE:45:2C:9C:6F:88
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KItQfrcBIPg835YejlvuRSycb4g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.194.0/24
                  185.133.73.0/24
                  194.156.159.0/24
                IPv6:
                  2a06:7a03::/48

    Signature Algorithm: sha256WithRSAEncryption
         50:e1:4b:82:26:db:9b:87:1e:75:09:9b:85:cf:36:98:0f:35:
         b9:92:ac:69:1b:9c:fe:e2:34:27:99:be:e3:fe:8c:04:ca:33:
         bf:1f:df:f5:5f:bf:a8:6c:b2:59:ac:4d:97:47:3c:b2:28:f1:
         08:c6:9c:9a:e0:80:d1:90:75:78:df:b7:71:2b:27:88:d0:50:
         91:8b:a1:b8:19:53:12:07:cf:e3:2e:a1:76:ad:4d:89:84:67:
         c7:d9:e1:7f:3c:da:02:71:a5:47:61:9e:2e:eb:70:ae:11:dc:
         cf:b6:23:8b:72:a8:b5:9c:64:4f:dd:58:a6:0c:22:82:d2:f1:
         46:3c:74:fc:bb:5a:0d:cb:0d:09:e4:bf:7a:4a:15:9f:4a:60:
         ee:3a:00:2a:29:c9:8f:0c:71:94:cb:69:a4:42:11:32:25:2a:
         be:42:51:e4:70:65:27:43:33:de:5e:ca:a6:33:81:fc:0f:73:
         44:d1:92:a6:bd:fa:3e:f7:c4:87:dd:a1:51:ba:63:84:e2:13:
         df:6e:a4:c2:e6:a3:59:5e:e1:e9:e1:4d:25:38:13:03:a8:8a:
         93:a4:e4:a6:91:0e:21:17:2d:fd:c1:f8:5a:c2:49:2f:30:7a:
         e3:06:8e:19:9e:c6:3f:8d:d5:b0:9f:68:e7:fe:95:07:05:be:
         71:7b:ba:c5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYvHBw9R2/y46kXP6zsFghWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMxMTEzMDQ1MzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhiNTA3ZWI3MDEyMGY4M2NkZjk2MWU4ZTViZWU0NTJjOWM2Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArec4ppOTPXPCRkhaaYpdn6ud4DZo
CfRMsOtIMufuy49OtoWDhGWVMPwAnAo+zOagWlSxqgxRr6BsGkFx1FpVNSUUlDfH
OrQlbTcfHac+eX4G2JL5qxmVqXMNd+E781nvX6wErxntIw7ljclHF1ItYnQnGCy/
4b/F5p1oq/wanSjp78sSuNBRH7pDRGQZ4+ewBZ5sW7ivGYE4aHpd5E7+hrxIXDdd
T5ouQDTfMASz7RQ+CFrGEQl07UTlvXIbQpnsUDHlv5wB/FwgpUe8RrBOW9fZPvyn
+XgG23VDxXfmwdGkQrMfXDW9CCwbDc3zLcoa+3mXeqFSmdKoILLjBkfOtwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCiLUH63ASD4PN+WHo5b7kUsnG+IMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvS0l0UWZyY0JJUGc4MzVZZWpsdnVSU3ljYjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALVXCAwQA
uYVJAwQAwpyfMA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBAFDh
S4Im25uHHnUJm4XPNpgPNbmSrGkbnP7iNCeZvuP+jATKM78f3/Vfv6hsslmsTZdH
PLIo8QjGnJrggNGQdXjft3ErJ4jQUJGLobgZUxIHz+MuoXatTYmEZ8fZ4X882gJx
pUdhni7rcK4R3M+2I4tyqLWcZE/dWKYMIoLS8UY8dPy7Wg3LDQnkv3pKFZ9KYO46
ACopyY8McZTLaaRCETIlKr5CUeRwZSdDM95eyqYzgfwPc0TRkqa9+j73xIfdoVG6
Y4TiE99upMLmo1le4enhTSU4EwOoipOk5KaRDiEXLf3B+FrCSS8weuMGjhmexj+N
1bCfaOf+lQcFvnF7usU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org