Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/0y2aASvVf571vzs-_lbupmGmF34.roa
File:                     0y2aASvVf571vzs-_lbupmGmF34.roa (raw, json)
Hash identifier:          tBQcfnMT1Cz+nOOnmv6nCC++9jdMmKS0Xug8sW8IBWw=
Subject key identifier:   D3:2D:9A:01:2B:D5:7F:9E:F5:BF:3B:3E:FE:56:EE:A6:61:A6:17:7E
Certificate issuer:       /CN=19193cd0cfb9395989358e0396312cfbb1c88ffe
Certificate serial:       01856D13A8D2F0D2CC898D5783FDE4F67C83
Authority key identifier: 19:19:3C:D0:CF:B9:39:59:89:35:8E:03:96:31:2C:FB:B1:C8:8F:FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GRk80M-5OVmJNY4DljEs-7HIj_4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/0y2aASvVf571vzs-_lbupmGmF34.roa
Signing time:             Sun 01 Jan 2023 11:24:42 +0000
ROA not before:           Sun 01 Jan 2023 11:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211238
IP address blocks:        2a02:6ea0:1000::/40 maxlen: 40

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:13:a8:d2:f0:d2:cc:89:8d:57:83:fd:e4:f6:7c:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19193cd0cfb9395989358e0396312cfbb1c88ffe
        Validity
            Not Before: Jan  1 11:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d32d9a012bd57f9ef5bf3b3efe56eea661a6177e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c2:7d:85:e2:f3:9e:39:5b:a4:5c:92:49:e5:
                    22:73:7b:f4:4a:7f:ee:c0:b8:65:b5:01:b3:b9:1d:
                    4e:3c:2d:a6:b7:49:8a:ae:50:aa:62:7b:6d:45:ec:
                    3e:df:0b:07:02:80:87:dc:0d:16:f0:63:22:48:3c:
                    ab:88:8f:d8:10:31:72:2d:eb:2b:e3:09:de:ee:20:
                    58:30:3f:57:d9:1c:17:51:a5:e4:79:75:2c:ab:c8:
                    2d:58:ec:d0:3c:de:17:f0:bc:e2:a1:e4:67:d5:f2:
                    80:5c:e4:75:80:11:2e:b6:7a:7f:65:54:86:c2:47:
                    16:71:57:ee:0c:83:96:cf:86:a9:97:1d:ac:73:d1:
                    4f:26:2f:ab:d4:6c:52:d2:c5:a6:df:bc:3c:47:42:
                    eb:04:12:dc:99:87:36:cd:d2:6a:05:87:9c:f9:5e:
                    89:45:29:83:3a:ec:4b:c1:66:cc:76:4f:e8:fe:ea:
                    e9:72:ed:1e:69:6d:2e:fa:81:3a:ef:f6:40:e6:cb:
                    d7:53:a1:70:fd:28:48:66:31:a9:f5:0f:b6:16:35:
                    45:10:dc:28:ba:ed:81:16:cf:4c:27:af:1a:f3:3f:
                    e3:f1:06:e7:11:42:f1:48:81:b1:8e:60:da:6a:69:
                    e8:0d:17:16:89:f9:0f:ec:1f:8b:4b:8e:5c:88:2b:
                    b7:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:2D:9A:01:2B:D5:7F:9E:F5:BF:3B:3E:FE:56:EE:A6:61:A6:17:7E
            X509v3 Authority Key Identifier:
                keyid:19:19:3C:D0:CF:B9:39:59:89:35:8E:03:96:31:2C:FB:B1:C8:8F:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRk80M-5OVmJNY4DljEs-7HIj_4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/0y2aASvVf571vzs-_lbupmGmF34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/GRk80M-5OVmJNY4DljEs-7HIj_4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:6ea0:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         57:fc:e6:d9:80:87:67:cc:3f:1b:4e:25:1b:17:cb:43:8d:00:
         0f:38:dd:1b:d1:9f:c0:b7:b6:f4:b2:8c:f0:66:a6:c9:b2:94:
         23:68:b5:78:81:c6:e9:e7:66:38:83:a3:e5:70:0f:0b:7a:e1:
         69:92:c7:93:2c:d9:43:43:ba:84:6c:36:3f:36:30:79:b0:10:
         ad:7f:60:b0:e6:1f:ab:c9:04:b7:fc:da:47:d8:ea:55:4c:5e:
         8c:91:de:af:7d:3c:0c:d7:41:f9:74:3f:df:b4:e9:0f:60:4e:
         53:47:bd:34:13:ca:a0:a7:2f:40:46:9d:52:3a:1c:04:4e:61:
         71:62:5b:92:a9:56:5b:be:c0:81:1f:65:d7:f7:5a:d4:82:ef:
         6b:f4:0e:32:89:4e:4d:b1:f9:65:39:b3:f7:cd:bc:61:4f:20:
         27:69:a2:3a:0a:e4:14:cd:71:0c:9f:6c:47:8d:fa:82:fc:0c:
         06:b3:ba:13:34:9a:e6:af:f3:18:89:12:7d:26:02:50:8a:6d:
         9b:40:54:8d:63:a8:2e:b0:55:6a:f5:f5:a0:e9:3c:cc:34:31:
         23:00:ec:a0:34:0d:04:c6:f1:e9:7a:6f:6a:03:79:c0:3a:10:
         e9:4d:58:3c:bf:e4:15:2a:a6:be:24:f1:1c:9f:7e:13:d4:64:
         f7:80:9f:d8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtE6jS8NLMiY1Xg/3k9nyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTkzY2QwY2ZiOTM5NTk4OTM1OGUwMzk2MzEyY2ZiYjFj
ODhmZmUwHhcNMjMwMTAxMTEyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzJkOWEwMTJiZDU3ZjllZjViZjNiM2VmZTU2ZWVhNjYxYTYxNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8J9heLznjlbpFySSeUic3v0Sn/u
wLhltQGzuR1OPC2mt0mKrlCqYnttRew+3wsHAoCH3A0W8GMiSDyriI/YEDFyLesr
4wne7iBYMD9X2RwXUaXkeXUsq8gtWOzQPN4X8LzioeRn1fKAXOR1gBEutnp/ZVSG
wkcWcVfuDIOWz4aplx2sc9FPJi+r1GxS0sWm37w8R0LrBBLcmYc2zdJqBYec+V6J
RSmDOuxLwWbMdk/o/urpcu0eaW0u+oE67/ZA5svXU6Fw/ShIZjGp9Q+2FjVFENwo
uu2BFs9MJ68a8z/j8QbnEULxSIGxjmDaamnoDRcWifkP7B+LS45ciCu3IQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNMtmgEr1X+e9b87Pv5W7qZhphd+MB8GA1UdIwQY
MBaAFBkZPNDPuTlZiTWOA5YxLPuxyI/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JrODBNLTVPVm1KTlk0RGxqRXMtN0hJal80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wZDY4ZDQtYWRiMy00ZmY5LWI3OGEt
NGVmOWQwN2M0NDA1LzEvMHkyYUFTdlZmNTcxdnpzLV9sYnVwbUdtRjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wZDY4ZDQtYWRiMy00ZmY5LWI3OGEtNGVmOWQwN2M0NDA1
LzEvR1JrODBNLTVPVm1KTlk0RGxqRXMtN0hJal80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgJuoBAw
DQYJKoZIhvcNAQELBQADggEBAFf85tmAh2fMPxtOJRsXy0ONAA843RvRn8C3tvSy
jPBmpsmylCNotXiBxunnZjiDo+VwDwt64WmSx5Ms2UNDuoRsNj82MHmwEK1/YLDm
H6vJBLf82kfY6lVMXoyR3q99PAzXQfl0P9+06Q9gTlNHvTQTyqCnL0BGnVI6HARO
YXFiW5KpVlu+wIEfZdf3WtSC72v0DjKJTk2x+WU5s/fNvGFPICdpojoK5BTNcQyf
bEeN+oL8DAazuhM0muav8xiJEn0mAlCKbZtAVI1jqC6wVWr19aDpPMw0MSMA7KA0
DQTG8el6b2oDecA6EOlNWDy/5BUqpr4k8RyffhPUZPeAn9g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:41 2024 by rpki-client on console-fra.rpki-client.org