Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/kgks1Qh2hCvJW-M4N7krZICGAm0.roa
File:                     kgks1Qh2hCvJW-M4N7krZICGAm0.roa (raw, json)
Hash identifier:          zbcSMoVbsiovVj8XNoCt7u3GfFvUEyItn06ULMN+7cM=
Subject key identifier:   92:09:2C:D5:08:76:84:2B:C9:5B:E3:38:37:B9:2B:64:80:86:02:6D
Certificate issuer:       /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial:       0185715E5AE39011BCCE52DF991BE4023761
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/kgks1Qh2hCvJW-M4N7krZICGAm0.roa
Signing time:             Mon 02 Jan 2023 07:24:47 +0000
ROA not before:           Mon 02 Jan 2023 07:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212384
IP address blocks:        185.232.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:5e:5a:e3:90:11:bc:ce:52:df:99:1b:e4:02:37:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
        Validity
            Not Before: Jan  2 07:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=92092cd50876842bc95be33837b92b648086026d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:30:ed:ad:95:1e:b2:13:3a:02:54:43:ea:37:
                    75:f4:97:d3:0a:11:3b:a9:1a:74:31:ec:ad:e6:58:
                    e4:ef:67:42:0f:96:74:f7:84:7f:93:e2:de:9d:dd:
                    db:1e:f6:6c:c8:2b:54:94:b3:fd:f8:79:cb:10:64:
                    f2:3b:d8:a0:19:98:1e:f1:e7:97:33:d9:81:75:60:
                    2f:b2:3f:07:0f:c4:e9:b9:73:74:4d:ac:72:ad:dd:
                    fd:9a:29:1a:fe:dd:da:4b:4a:b9:f7:79:ed:1c:20:
                    b0:57:98:a9:06:07:da:af:9f:65:7d:56:62:1e:bc:
                    8a:97:ca:85:91:c7:a1:c0:a9:0e:5e:42:b1:38:91:
                    46:7b:c2:a2:a9:50:14:c2:a6:ef:31:a3:d8:5d:f5:
                    98:cb:34:f7:74:5c:0a:ae:c8:5f:3c:60:49:67:e6:
                    94:ea:6f:85:7a:9e:74:47:2a:ab:b4:0e:bc:b6:b8:
                    df:ce:1f:11:5f:20:eb:03:cf:e2:92:35:cc:ce:59:
                    b3:1d:01:84:84:e8:08:59:f8:ee:ed:b6:4f:f1:6a:
                    51:96:a3:d9:0d:63:4b:99:ae:82:d7:b6:22:cf:42:
                    9b:63:ae:9f:c8:3e:75:5d:9f:92:9a:08:67:80:05:
                    6c:6c:f8:f8:34:cf:c5:24:66:18:19:8e:d8:42:1d:
                    46:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:09:2C:D5:08:76:84:2B:C9:5B:E3:38:37:B9:2B:64:80:86:02:6D
            X509v3 Authority Key Identifier:
                keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/kgks1Qh2hCvJW-M4N7krZICGAm0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:22:6f:4b:75:c7:f8:88:e8:0f:f1:64:20:d5:8c:77:30:74:
         27:02:ac:a5:68:ce:3a:32:35:50:e5:8c:5c:a2:61:db:4c:76:
         b5:e6:9f:a1:65:23:ee:fd:59:ea:fe:ac:fa:3b:ac:c2:b7:1e:
         be:be:30:1e:e2:7b:bc:de:fb:c7:a5:9d:30:8c:33:f4:1c:01:
         9b:f1:36:35:04:a1:15:a8:2e:22:3a:c2:b5:4b:c7:20:41:88:
         f5:5b:a5:ec:9a:4e:88:33:5f:bc:95:85:a2:01:34:c6:6e:ee:
         da:b8:7e:91:43:cd:d7:ef:14:c9:3e:50:16:5a:27:d7:93:98:
         95:35:2d:68:f0:38:82:88:9f:90:3f:33:87:be:2f:ef:c7:a4:
         14:eb:50:b9:ee:c0:75:48:b4:44:ed:06:0a:55:f5:63:23:ba:
         68:a5:33:2b:4c:36:51:c1:29:9d:5a:12:c9:15:88:e1:d2:f0:
         1c:81:5e:b8:7b:c3:b5:78:dd:16:97:32:fd:32:3d:73:57:71:
         09:0a:b6:cf:e5:b9:63:d8:15:e0:cc:c5:15:35:23:cd:ac:ca:
         8d:51:4c:c2:79:9d:81:fa:a8:95:f4:63:ff:2a:fc:e7:32:fa:
         88:c5:26:c2:47:35:1d:d4:b6:9d:d0:eb:d7:11:3a:33:46:70:
         96:81:d7:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXlrjkBG8zlLfmRvkAjdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWVjZDcxYzE5M2U0YWMzMGVkMDNkMGI5ZjA1ZGExMDFj
NjAzZDIwHhcNMjMwMTAyMDcyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjA5MmNkNTA4NzY4NDJiYzk1YmUzMzgzN2I5MmI2NDgwODYwMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTDtrZUeshM6AlRD6jd19JfTChE7
qRp0Meyt5ljk72dCD5Z094R/k+Lend3bHvZsyCtUlLP9+HnLEGTyO9igGZge8eeX
M9mBdWAvsj8HD8TpuXN0Taxyrd39mika/t3aS0q593ntHCCwV5ipBgfar59lfVZi
HryKl8qFkcehwKkOXkKxOJFGe8KiqVAUwqbvMaPYXfWYyzT3dFwKrshfPGBJZ+aU
6m+Fep50RyqrtA68trjfzh8RXyDrA8/ikjXMzlmzHQGEhOgIWfju7bZP8WpRlqPZ
DWNLma6C17Yiz0KbY66fyD51XZ+SmghngAVsbPj4NM/FJGYYGY7YQh1GDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIJLNUIdoQryVvjODe5K2SAhgJtMB8GA1UdIwQY
MBaAFBHuzXHBk+SsMO0D0LnwXaEBxgPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4Njgt
MTM4OTk1Yzk5Yjk3LzEva2drczFRaDJoQ3ZKVy1NNE43a3JaSUNHQW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4NjgtMTM4OTk1Yzk5Yjk3
LzEvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuejPMA0G
CSqGSIb3DQEBCwUAA4IBAQCdIm9Ldcf4iOgP8WQg1Yx3MHQnAqylaM46MjVQ5Yxc
omHbTHa15p+hZSPu/Vnq/qz6O6zCtx6+vjAe4nu83vvHpZ0wjDP0HAGb8TY1BKEV
qC4iOsK1S8cgQYj1W6Xsmk6IM1+8lYWiATTGbu7auH6RQ83X7xTJPlAWWifXk5iV
NS1o8DiCiJ+QPzOHvi/vx6QU61C57sB1SLRE7QYKVfVjI7popTMrTDZRwSmdWhLJ
FYjh0vAcgV64e8O1eN0WlzL9Mj1zV3EJCrbP5blj2BXgzMUVNSPNrMqNUUzCeZ2B
+qiV9GP/KvznMvqIxSbCRzUd1Lad0OvXETozRnCWgddK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:54 2024 by rpki-client on console-fra.rpki-client.org