Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/KPSkuCoz87uKegHq1LNP668O41w.roa
File:                     KPSkuCoz87uKegHq1LNP668O41w.roa (raw, json)
Hash identifier:          XXrI3HXEjiA8RGe+wbLatteIo9TRcUrGs18HWTQEzJ4=
Subject key identifier:   28:F4:A4:B8:2A:33:F3:BB:8A:7A:01:EA:D4:B3:4F:EB:AF:0E:E3:5C
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018CC793F338DC8B91AD1D7F82DFC0F63227
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/KPSkuCoz87uKegHq1LNP668O41w.roa
Signing time:             Tue 02 Jan 2024 00:30:11 +0000
ROA not before:           Tue 02 Jan 2024 00:30:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204203
IP address blocks:        85.133.143.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 17 Mar 2024 15:32:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:f3:38:dc:8b:91:ad:1d:7f:82:df:c0:f6:32:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Jan  2 00:30:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=28f4a4b82a33f3bb8a7a01ead4b34febaf0ee35c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:8e:ad:d6:27:c0:86:fe:11:69:c4:a0:b4:55:
                    89:dd:69:b7:3a:c6:ca:99:c7:8c:3b:16:bb:d8:50:
                    27:83:c1:29:f7:40:7f:16:78:fb:f8:1d:3d:35:38:
                    91:de:e8:fb:fd:eb:0b:fd:17:13:1c:80:25:a0:16:
                    94:3e:03:8b:99:04:51:b0:13:13:7f:31:cd:73:9a:
                    32:ca:b0:12:01:09:a4:1b:c0:76:b2:6d:50:9d:25:
                    78:93:bb:9e:47:27:05:3b:d9:15:cd:4e:24:70:2c:
                    f3:94:53:a3:ff:bd:c8:f2:9d:28:dd:a0:b7:93:47:
                    c6:c3:ac:44:29:f6:84:c0:5a:89:3a:3f:6f:2c:c7:
                    b3:99:54:4b:91:40:58:e7:c5:88:92:08:4c:47:c1:
                    5d:dc:cb:4a:70:2b:5d:4b:1d:25:f0:4c:f3:a0:35:
                    26:f6:17:bb:ab:d7:2d:2a:3e:76:e3:0c:6f:87:00:
                    e3:ca:f3:7b:93:06:2e:69:90:85:22:11:e9:83:04:
                    d0:42:9c:d4:59:03:80:7e:06:6f:68:6d:91:a9:34:
                    8c:dd:8f:2c:11:01:0f:37:22:ca:f7:74:1c:54:63:
                    a5:ae:06:8c:b6:50:da:19:87:27:74:20:26:5c:d6:
                    3b:93:00:5d:ba:69:1c:fc:93:1e:79:71:ef:da:51:
                    7e:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:F4:A4:B8:2A:33:F3:BB:8A:7A:01:EA:D4:B3:4F:EB:AF:0E:E3:5C
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/KPSkuCoz87uKegHq1LNP668O41w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:77:f1:e8:40:3c:73:b7:11:9a:06:96:8a:2e:bf:26:89:30:
         92:c5:a1:42:21:8b:99:42:e8:b7:7c:34:be:59:34:72:5b:3b:
         c8:38:43:24:06:ea:8d:a3:84:dc:cc:87:c5:ac:0f:a4:16:ce:
         c1:9e:a2:b9:1d:f6:d9:84:86:3f:38:d0:bb:31:55:ac:26:7e:
         12:a8:ad:8d:d4:8e:b0:12:ea:73:54:4a:84:8f:e5:a1:a0:ea:
         84:90:cb:d8:6b:e8:e7:2b:0d:4f:40:94:c5:cd:f1:65:8d:44:
         58:96:f6:66:06:1c:12:70:3c:03:fa:a9:ce:96:9a:21:2a:26:
         c7:10:46:c6:0f:de:fa:cb:e5:8f:64:79:c2:34:8d:03:d1:81:
         63:de:c2:12:6d:a0:cd:0e:10:5d:3b:5a:a7:3e:83:d7:a0:b7:
         77:cf:a5:3f:a3:51:96:87:6a:ae:f1:70:79:65:96:f4:a9:db:
         13:24:09:72:12:8f:65:6c:f1:76:09:3c:3a:c8:bb:c2:84:dd:
         c5:d7:91:27:d1:c0:85:d2:03:f0:2e:c9:b0:d8:0e:a3:3c:63:
         d4:53:97:97:b6:13:07:fe:c7:9a:7c:a2:05:cf:f1:1e:f8:a0:
         2a:85:47:4d:d3:8f:6c:64:ba:98:c3:41:79:36:d7:02:4c:04:
         69:47:8a:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk/M43IuRrR1/gt/A9jInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTAyMDAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGY0YTRiODJhMzNmM2JiOGE3YTAxZWFkNGIzNGZlYmFmMGVlMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgY6t1ifAhv4RacSgtFWJ3Wm3OsbK
mceMOxa72FAng8Ep90B/Fnj7+B09NTiR3uj7/esL/RcTHIAloBaUPgOLmQRRsBMT
fzHNc5oyyrASAQmkG8B2sm1QnSV4k7ueRycFO9kVzU4kcCzzlFOj/73I8p0o3aC3
k0fGw6xEKfaEwFqJOj9vLMezmVRLkUBY58WIkghMR8Fd3MtKcCtdSx0l8EzzoDUm
9he7q9ctKj524wxvhwDjyvN7kwYuaZCFIhHpgwTQQpzUWQOAfgZvaG2RqTSM3Y8s
EQEPNyLK93QcVGOlrgaMtlDaGYcndCAmXNY7kwBdumkc/JMeeXHv2lF+xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCj0pLgqM/O7inoB6tSzT+uvDuNcMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvS1BTa3VDb3o4N3VLZWdIcTFMTlA2NjhPNDF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYWPMA0G
CSqGSIb3DQEBCwUAA4IBAQCld/HoQDxztxGaBpaKLr8miTCSxaFCIYuZQui3fDS+
WTRyWzvIOEMkBuqNo4TczIfFrA+kFs7BnqK5HfbZhIY/ONC7MVWsJn4SqK2N1I6w
EupzVEqEj+WhoOqEkMvYa+jnKw1PQJTFzfFljURYlvZmBhwScDwD+qnOlpohKibH
EEbGD976y+WPZHnCNI0D0YFj3sISbaDNDhBdO1qnPoPXoLd3z6U/o1GWh2qu8XB5
ZZb0qdsTJAlyEo9lbPF2CTw6yLvChN3F15En0cCF0gPwLsmw2A6jPGPUU5eXthMH
/seafKIFz/Ee+KAqhUdN049sZLqYw0F5NtcCTARpR4oz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org