Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/KjKJ5UIW5adboFy5RZRGSsy1bqQ.roa
File:                     KjKJ5UIW5adboFy5RZRGSsy1bqQ.roa (raw, json)
Hash identifier:          wq+vQ2PCKf8dbVQY3NwbXMzNBcDeeC9E/GByoZfs+oU=
Subject key identifier:   2A:32:89:E5:42:16:E5:A7:5B:A0:5C:B9:45:94:46:4A:CC:B5:6E:A4
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       0185D4FB285028D05651D5A64DD501CAC096
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/KjKJ5UIW5adboFy5RZRGSsy1bqQ.roa
Signing time:             Sat 21 Jan 2023 15:38:27 +0000
ROA not before:           Sat 21 Jan 2023 15:38:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        77.81.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 21 Apr 2023 16:04:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:d4:fb:28:50:28:d0:56:51:d5:a6:4d:d5:01:ca:c0:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Jan 21 15:38:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a3289e54216e5a75ba05cb94594464accb56ea4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1f:60:dc:99:ed:14:ea:7c:ab:c8:98:7c:db:
                    72:61:f5:76:62:4b:08:aa:21:4e:16:a9:b9:24:b6:
                    d0:7f:34:40:56:ef:a7:6e:13:ad:07:a6:33:2a:05:
                    5f:b5:9b:2f:7e:38:b3:3d:eb:e9:8e:25:65:72:2a:
                    db:24:a8:26:ca:6b:ce:58:2c:94:b7:10:8d:9d:45:
                    af:b3:9b:14:14:86:78:90:ee:94:8a:20:06:29:7c:
                    4b:38:29:7a:66:69:fc:92:8f:b2:f8:13:03:03:39:
                    dc:f8:a4:98:5f:15:d8:f3:63:68:59:c5:37:4e:42:
                    10:e6:36:93:78:2b:92:52:b8:e7:17:b5:55:74:be:
                    50:3b:e5:75:13:73:15:90:fb:c9:a1:43:4c:e6:64:
                    b9:80:b4:4b:4f:36:23:c0:d3:6c:0d:db:8e:3c:f3:
                    cb:a5:36:15:56:58:ce:95:c8:59:66:85:6c:14:bb:
                    91:3a:c5:0e:17:ae:2b:86:44:96:bd:46:10:b4:67:
                    64:11:f8:93:8a:37:0e:64:6e:cb:98:26:c4:3c:2f:
                    04:fd:95:3d:91:22:67:38:22:4b:38:76:55:36:09:
                    5c:fb:08:6a:00:0a:54:b2:09:45:67:b5:6e:73:c0:
                    3a:c6:80:23:fd:34:ed:9d:76:65:af:ec:b9:03:79:
                    49:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:32:89:E5:42:16:E5:A7:5B:A0:5C:B9:45:94:46:4A:CC:B5:6E:A4
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/KjKJ5UIW5adboFy5RZRGSsy1bqQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:ac:36:7f:be:d0:98:24:71:e2:dd:e2:b5:4c:18:b9:f3:5f:
         e9:71:d4:e4:08:c5:01:0f:ea:e6:5b:11:c4:19:f1:55:9e:59:
         b3:26:8a:13:a1:28:5f:6d:a4:4c:48:10:cc:8d:3f:c7:b0:8d:
         86:6f:06:74:ad:34:9f:f1:aa:58:95:4a:67:c6:5b:61:ae:dd:
         59:47:dd:cb:4e:92:88:1f:d1:53:42:47:8d:b3:5e:ed:3b:a9:
         80:5d:c0:2c:d4:92:c2:72:44:29:61:88:f2:34:e8:1b:c2:5f:
         9d:e3:c5:e5:8f:d8:82:3d:6a:c8:80:fc:ce:fe:1f:99:2e:e4:
         3d:1c:af:4d:15:2d:b4:8e:93:45:05:8c:8a:07:9a:bd:d2:1b:
         d9:2a:fc:af:98:7c:c1:13:cf:ba:ee:da:f4:ec:43:5f:e8:bd:
         20:76:a2:29:32:71:c2:6d:74:e6:3c:ae:c6:0c:db:ec:54:93:
         e4:48:90:49:8e:09:f5:ce:5f:0c:02:5c:e5:f1:25:4d:f2:1f:
         82:9a:f4:b3:93:10:81:53:0e:8f:e3:b4:4d:3b:80:24:9d:ed:
         ae:12:9d:e4:c0:ec:1e:fb:d0:9e:1b:07:d3:79:d9:59:dd:50:
         1d:1c:16:2c:e5:ab:23:db:9d:2c:99:28:72:ca:d8:54:42:6f:
         d6:23:76:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXU+yhQKNBWUdWmTdUBysCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMwMTIxMTUzODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTMyODllNTQyMTZlNWE3NWJhMDVjYjk0NTk0NDY0YWNjYjU2ZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB9g3JntFOp8q8iYfNtyYfV2YksI
qiFOFqm5JLbQfzRAVu+nbhOtB6YzKgVftZsvfjizPevpjiVlcirbJKgmymvOWCyU
txCNnUWvs5sUFIZ4kO6UiiAGKXxLOCl6Zmn8ko+y+BMDAznc+KSYXxXY82NoWcU3
TkIQ5jaTeCuSUrjnF7VVdL5QO+V1E3MVkPvJoUNM5mS5gLRLTzYjwNNsDduOPPPL
pTYVVljOlchZZoVsFLuROsUOF64rhkSWvUYQtGdkEfiTijcOZG7LmCbEPC8E/ZU9
kSJnOCJLOHZVNglc+whqAApUsglFZ7Vuc8A6xoAj/TTtnXZlr+y5A3lJWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoyieVCFuWnW6BcuUWURkrMtW6kMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvS2pLSjVVSVc1YWRib0Z5NVJaUkdTc3kxYnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVFPMA0G
CSqGSIb3DQEBCwUAA4IBAQCSrDZ/vtCYJHHi3eK1TBi581/pcdTkCMUBD+rmWxHE
GfFVnlmzJooToShfbaRMSBDMjT/HsI2GbwZ0rTSf8apYlUpnxlthrt1ZR93LTpKI
H9FTQkeNs17tO6mAXcAs1JLCckQpYYjyNOgbwl+d48Xlj9iCPWrIgPzO/h+ZLuQ9
HK9NFS20jpNFBYyKB5q90hvZKvyvmHzBE8+67tr07ENf6L0gdqIpMnHCbXTmPK7G
DNvsVJPkSJBJjgn1zl8MAlzl8SVN8h+CmvSzkxCBUw6P47RNO4Akne2uEp3kwOwe
+9CeGwfTedlZ3VAdHBYs5asj250smShyythUQm/WI3Zn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org