Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/PiAVZl4rkAtykAd27QcDpoDW5s8.roa
File:                     PiAVZl4rkAtykAd27QcDpoDW5s8.roa (raw, json)
Hash identifier:          Z0U7sZKTltsHWTR+AraqmiU/PFt7gQApm7+PnIuiDVw=
Subject key identifier:   3E:20:15:66:5E:2B:90:0B:72:90:07:76:ED:07:03:A6:80:D6:E6:CF
Certificate issuer:       /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial:       018F9C6BD8A94EE2B0A8DBED3A7867A9D13B
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/PiAVZl4rkAtykAd27QcDpoDW5s8.roa
Signing time:             Tue 21 May 2024 18:31:04 +0000
ROA not before:           Tue 21 May 2024 18:31:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49217
IP address blocks:        2a0f:eb03::/32 maxlen: 32
                          2a0f:ed00::/32 maxlen: 32
                          2a0f:ed05::/32 maxlen: 32
                          2a0f:ed07::/32 maxlen: 32
                          2a13:a446::/32 maxlen: 32
                          2a13:a447::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 09:49:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:9c:6b:d8:a9:4e:e2:b0:a8:db:ed:3a:78:67:a9:d1:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
        Validity
            Not Before: May 21 18:31:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3e2015665e2b900b72900776ed0703a680d6e6cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:af:6e:31:b4:10:fd:a0:84:5d:ae:26:2b:38:
                    a1:20:f6:14:00:a8:38:e2:67:05:1d:89:1d:c1:fe:
                    61:c8:67:39:c8:f2:ad:b5:79:53:c2:86:0a:d5:8b:
                    27:2a:22:65:ab:d4:fa:7b:da:c9:f9:d2:80:e4:47:
                    48:ce:9b:64:0b:9f:be:fe:c2:3b:1f:5d:4f:1c:53:
                    aa:8e:4a:95:49:c7:44:30:0c:76:5e:5a:53:64:fc:
                    11:6b:f9:27:47:2f:f9:10:c5:a2:e3:f0:46:75:4c:
                    66:30:d8:2e:de:75:72:f4:cc:e8:eb:d5:9b:cd:e7:
                    fc:ef:51:72:4e:3f:be:a3:db:96:66:23:38:12:16:
                    ce:fb:c4:ca:89:6a:32:7c:fc:04:cd:e9:28:92:55:
                    1a:80:bd:94:29:b2:fa:ee:3c:78:38:3e:b4:c0:1b:
                    6f:2b:49:96:97:48:7d:0a:fc:e1:63:94:13:83:35:
                    d6:3d:95:87:4e:b5:12:b6:7b:1f:1a:25:84:33:e7:
                    b7:c5:68:c2:4b:c4:bc:d5:cf:06:8f:54:53:9e:64:
                    4f:1b:74:f8:88:56:5c:a7:89:ee:f6:d5:44:34:f1:
                    59:43:f1:df:c6:a3:d7:89:e5:42:fa:88:6b:58:56:
                    b2:65:81:3b:15:a4:54:98:7e:78:0a:2e:fe:eb:81:
                    1f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:20:15:66:5E:2B:90:0B:72:90:07:76:ED:07:03:A6:80:D6:E6:CF
            X509v3 Authority Key Identifier:
                keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/PiAVZl4rkAtykAd27QcDpoDW5s8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:eb03::/32
                  2a0f:ed00::/32
                  2a0f:ed05::/32
                  2a0f:ed07::/32
                  2a13:a446::/31

    Signature Algorithm: sha256WithRSAEncryption
         84:1a:0f:7e:f9:6f:e1:b2:bd:31:54:9a:f0:83:fe:50:a3:a6:
         a8:74:ba:46:a8:64:a8:49:87:48:76:a2:9c:4c:a9:df:7f:eb:
         54:ea:8e:63:2b:de:99:68:9f:1d:02:f5:c1:af:fd:70:1d:c1:
         b9:ec:44:c6:40:14:16:a7:84:c3:62:ed:bb:65:44:4e:ab:c0:
         90:37:9b:bd:36:14:79:42:f9:c8:df:b5:1e:63:b1:0b:7e:5e:
         0f:15:8d:1b:70:b3:43:dc:db:bb:a1:6a:bc:24:de:d9:21:cf:
         49:98:91:6c:9a:8e:f6:ff:17:d1:1e:3e:1d:68:6b:2d:ab:85:
         b0:45:2f:46:97:da:94:14:b4:52:3f:ba:30:3e:f2:05:dc:4f:
         ff:02:24:e6:e3:d8:93:db:94:9d:31:76:c9:e5:88:1b:ee:8a:
         96:fb:15:13:69:86:40:8d:77:9d:6b:42:3b:54:1c:ab:04:5b:
         04:b4:25:ae:a6:a7:19:44:8a:c2:33:76:2b:bf:88:9d:54:f3:
         11:cd:da:9f:0e:f4:0e:6a:24:93:94:8c:e2:e5:0c:12:f3:e1:
         15:46:c1:23:7a:69:50:08:b1:d3:b3:3a:16:cd:10:64:ca:c4:
         c0:17:e2:ce:68:dd:7f:a7:7c:f1:30:d0:99:4d:5a:25:ee:58:
         75:a3:80:f2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY+ca9ipTuKwqNvtOnhnqdE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNTIxMTgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTIwMTU2NjVlMmI5MDBiNzI5MDA3NzZlZDA3MDNhNjgwZDZlNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwq9uMbQQ/aCEXa4mKzihIPYUAKg4
4mcFHYkdwf5hyGc5yPKttXlTwoYK1YsnKiJlq9T6e9rJ+dKA5EdIzptkC5++/sI7
H11PHFOqjkqVScdEMAx2XlpTZPwRa/knRy/5EMWi4/BGdUxmMNgu3nVy9Mzo69Wb
zef871FyTj++o9uWZiM4EhbO+8TKiWoyfPwEzekoklUagL2UKbL67jx4OD60wBtv
K0mWl0h9CvzhY5QTgzXWPZWHTrUStnsfGiWEM+e3xWjCS8S81c8Gj1RTnmRPG3T4
iFZcp4nu9tVENPFZQ/HfxqPXieVC+ohrWFayZYE7FaRUmH54Ci7+64EfcQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFD4gFWZeK5ALcpAHdu0HA6aA1ubPMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvUGlBVlpsNHJrQXR5a0FkMjdRY0Rwb0RXNXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKg/rAwMF
ACoP7QADBQAqD+0FAwUAKg/tBwMFASoTpEYwDQYJKoZIhvcNAQELBQADggEBAIQa
D375b+GyvTFUmvCD/lCjpqh0ukaoZKhJh0h2opxMqd9/61TqjmMr3plonx0C9cGv
/XAdwbnsRMZAFBanhMNi7btlRE6rwJA3m702FHlC+cjftR5jsQt+Xg8VjRtws0Pc
27uharwk3tkhz0mYkWyajvb/F9EePh1oay2rhbBFL0aX2pQUtFI/ujA+8gXcT/8C
JObj2JPblJ0xdsnliBvuipb7FRNphkCNd51rQjtUHKsEWwS0Ja6mpxlEisIzdiu/
iJ1U8xHN2p8O9A5qJJOUjOLlDBLz4RVGwSN6aVAIsdOzOhbNEGTKxMAX4s5o3X+n
fPEw0JlNWiXuWHWjgPI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:11 2024 by rpki-client on console-fra.rpki-client.org