Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/KdO6GzOl0xyTK7jtoBeHxkMhsQw.roa
File:                     KdO6GzOl0xyTK7jtoBeHxkMhsQw.roa (raw, json)
Hash identifier:          ExD0lJ+UoPqSLc3ABOzHcmJEQYMNRpRUrySqiCtgzAI=
Subject key identifier:   29:D3:BA:1B:33:A5:D3:1C:93:2B:B8:ED:A0:17:87:C6:43:21:B1:0C
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       018A3E88ADB6D1526FE4A8853838B887B37B
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/KdO6GzOl0xyTK7jtoBeHxkMhsQw.roa
Signing time:             Mon 28 Aug 2023 23:44:19 +0000
ROA not before:           Mon 28 Aug 2023 23:44:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5065
IP address blocks:        188.214.232.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 13:02:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:3e:88:ad:b6:d1:52:6f:e4:a8:85:38:38:b8:87:b3:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Aug 28 23:44:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=29d3ba1b33a5d31c932bb8eda01787c64321b10c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e6:c1:1a:86:2d:4a:28:4f:d8:e5:a6:e6:0e:
                    56:64:19:05:e7:8d:3a:09:4a:ac:2d:53:08:19:a7:
                    81:1c:0f:c3:67:52:92:fc:dc:5b:62:f4:db:b7:36:
                    79:c7:01:be:ac:58:7f:b6:ef:74:4c:19:88:fb:2c:
                    7c:e4:f3:06:52:b9:2c:09:51:51:6f:2a:9b:79:20:
                    4b:64:a0:28:f1:08:ff:66:d3:eb:27:91:8d:22:34:
                    92:92:6f:a7:4d:ef:85:bd:1a:da:90:4d:70:27:20:
                    4b:44:43:99:ad:ce:c0:07:e1:46:14:d1:74:fa:2f:
                    84:8d:fa:d2:6c:8d:e1:eb:10:5c:bb:93:1e:05:b9:
                    d2:41:50:0f:7e:15:0e:e1:45:60:85:53:f7:34:ae:
                    79:65:16:fe:d8:9b:3c:3b:b6:f2:9b:30:50:b0:94:
                    04:29:93:62:3b:cf:e3:ad:2f:f2:ef:b4:ad:f8:72:
                    1a:66:c2:c8:41:5f:5e:1f:96:04:f0:df:7c:5e:fb:
                    18:fd:8e:65:ed:c9:af:21:42:60:0d:e4:50:cd:b9:
                    22:91:b6:c5:4d:0c:1a:ca:f9:15:c8:f6:fb:b8:da:
                    9e:e2:b4:ef:7a:de:53:7c:33:9a:19:4c:d9:da:1e:
                    50:4d:31:b5:8c:c7:70:0c:9f:c1:0d:5b:af:60:06:
                    08:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:D3:BA:1B:33:A5:D3:1C:93:2B:B8:ED:A0:17:87:C6:43:21:B1:0C
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/KdO6GzOl0xyTK7jtoBeHxkMhsQw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.214.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:2d:f3:bf:77:61:60:9b:aa:cc:78:d0:eb:e7:3b:00:09:7b:
         fa:fb:2a:3e:a4:75:71:6d:6b:54:9c:a7:48:13:47:06:56:86:
         d3:f3:f2:78:6f:6f:64:04:19:db:76:1a:1b:3e:cd:fc:92:f8:
         2b:36:0e:c7:b8:2d:f8:8b:a9:d8:92:2c:06:c3:ca:fb:87:e1:
         e0:c5:be:ec:51:ea:c3:5a:83:dc:84:ba:bb:65:22:fb:4c:86:
         01:f1:d2:f0:57:e1:b4:b3:ba:e3:88:62:2e:e5:18:51:ad:ee:
         50:ff:d7:e2:9f:ea:a4:14:56:31:bf:88:5b:c8:75:99:6f:72:
         19:20:8e:0d:85:a9:23:d3:5c:a2:06:41:64:02:96:a2:37:45:
         c9:12:13:ca:7f:bb:2c:eb:60:55:2d:2b:e3:ca:6d:d8:29:bc:
         68:7d:ae:bc:e5:8f:d3:dd:b2:94:f2:d7:7e:82:d4:0f:f5:be:
         bc:16:25:4d:ae:5d:56:a6:a4:b1:eb:cb:c8:d5:26:3f:50:6b:
         6c:45:5a:66:bf:37:f7:7f:ec:28:1e:6d:9a:01:9a:ab:2c:ef:
         5a:21:47:48:e8:aa:c2:e7:05:05:8d:8b:16:85:d3:83:97:ea:
         f7:9e:64:f9:a7:ba:e7:47:5f:20:85:31:b6:66:09:aa:24:9c:
         ea:81:dc:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo+iK220VJv5KiFODi4h7N7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMwODI4MjM0NDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQzYmExYjMzYTVkMzFjOTMyYmI4ZWRhMDE3ODdjNjQzMjFiMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ebBGoYtSihP2OWm5g5WZBkF5406
CUqsLVMIGaeBHA/DZ1KS/NxbYvTbtzZ5xwG+rFh/tu90TBmI+yx85PMGUrksCVFR
byqbeSBLZKAo8Qj/ZtPrJ5GNIjSSkm+nTe+FvRrakE1wJyBLREOZrc7AB+FGFNF0
+i+EjfrSbI3h6xBcu5MeBbnSQVAPfhUO4UVghVP3NK55ZRb+2Js8O7bymzBQsJQE
KZNiO8/jrS/y77St+HIaZsLIQV9eH5YE8N98XvsY/Y5l7cmvIUJgDeRQzbkikbbF
TQwayvkVyPb7uNqe4rTvet5TfDOaGUzZ2h5QTTG1jMdwDJ/BDVuvYAYIDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnTuhszpdMckyu47aAXh8ZDIbEMMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvS2RPNkd6T2wweHlUSzdqdG9CZUh4a01oc1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvNboMA0G
CSqGSIb3DQEBCwUAA4IBAQB7LfO/d2Fgm6rMeNDr5zsACXv6+yo+pHVxbWtUnKdI
E0cGVobT8/J4b29kBBnbdhobPs38kvgrNg7HuC34i6nYkiwGw8r7h+Hgxb7sUerD
WoPchLq7ZSL7TIYB8dLwV+G0s7rjiGIu5RhRre5Q/9fin+qkFFYxv4hbyHWZb3IZ
II4Nhakj01yiBkFkApaiN0XJEhPKf7ss62BVLSvjym3YKbxofa685Y/T3bKU8td+
gtQP9b68FiVNrl1WpqSx68vI1SY/UGtsRVpmvzf3f+woHm2aAZqrLO9aIUdI6KrC
5wUFjYsWhdODl+r3nmT5p7rnR18ghTG2ZgmqJJzqgdwz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org