Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/H6v2IkG5irTnMXS0vrpkZ21j4nw.roa
File:                     H6v2IkG5irTnMXS0vrpkZ21j4nw.roa (raw, json)
Hash identifier:          gcjbGuy2H4Ewgf295Nc7XAYIppmQudfMj8h12nrXdz0=
Subject key identifier:   1F:AB:F6:22:41:B9:8A:B4:E7:31:74:B4:BE:BA:64:67:6D:63:E2:7C
Certificate issuer:       /CN=588cabf6f523f26e267db03b524347841aaaa465
Certificate serial:       01856FA6F90A743FBB055BABA71B2F8B471C
Authority key identifier: 58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/H6v2IkG5irTnMXS0vrpkZ21j4nw.roa
Signing time:             Sun 01 Jan 2023 23:24:51 +0000
ROA not before:           Sun 01 Jan 2023 23:24:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202916
IP address blocks:        2a04:1cc0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a6:f9:0a:74:3f:bb:05:5b:ab:a7:1b:2f:8b:47:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=588cabf6f523f26e267db03b524347841aaaa465
        Validity
            Not Before: Jan  1 23:24:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1fabf62241b98ab4e73174b4beba64676d63e27c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:f7:7d:19:9a:86:75:79:29:bf:e2:6c:3d:9c:
                    b7:98:e1:8d:26:40:e1:7d:4a:ee:51:12:31:9b:5f:
                    16:99:fd:6e:00:48:c4:78:cb:9c:b8:97:cd:ae:0f:
                    90:a6:57:a3:23:80:ab:cf:2c:6d:92:b0:50:39:36:
                    3b:2e:f2:c2:94:2b:28:e0:5a:c4:de:1d:10:d8:e5:
                    23:37:6f:ff:d6:27:9c:32:22:04:50:f9:0c:8c:6b:
                    4a:19:7f:4c:32:3e:e0:ef:fc:a9:66:a5:cc:f8:6e:
                    ae:b9:1b:64:1e:a3:e8:45:6c:73:bd:fd:c7:b6:09:
                    e9:d8:3c:2a:3d:42:da:03:cf:d3:01:84:fa:2b:ef:
                    38:77:89:72:12:2e:60:0a:dc:dd:24:86:db:cb:ab:
                    6a:6e:e9:20:3a:e3:48:7d:9a:4a:ec:54:9e:34:12:
                    98:4b:b2:fb:bb:8f:24:69:b5:e8:1c:6b:db:e4:de:
                    1e:fb:3e:97:cc:52:14:14:d9:89:6c:8d:c8:74:fc:
                    76:32:c7:90:c1:a4:8c:bc:1c:2c:1b:7e:9e:59:67:
                    ec:f1:d4:d0:7c:99:9a:e6:b8:5c:6d:82:81:0e:ea:
                    db:7e:ea:36:7f:de:0c:35:8a:31:84:97:9d:e7:34:
                    e2:6f:14:05:6a:67:e7:67:ea:a0:45:2e:41:70:47:
                    d2:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:AB:F6:22:41:B9:8A:B4:E7:31:74:B4:BE:BA:64:67:6D:63:E2:7C
            X509v3 Authority Key Identifier:
                keyid:58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/H6v2IkG5irTnMXS0vrpkZ21j4nw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/WIyr9vUj8m4mfbA7UkNHhBqqpGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:1cc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a1:87:0b:43:88:43:b7:6f:49:82:83:9e:ed:30:13:67:7a:17:
         e8:02:4d:00:44:4b:99:3a:3f:a7:ef:0d:af:3e:47:5a:31:f3:
         c2:ad:5d:3e:dd:c1:59:bc:83:9b:fb:be:ec:7c:b5:b1:73:c0:
         8a:36:28:32:b5:0b:4f:9a:f6:3d:bb:2f:7c:32:87:45:0a:ed:
         17:b3:7e:65:43:2b:ef:6e:71:41:81:5a:2f:be:21:15:2b:16:
         32:ee:d8:2b:7e:42:64:09:ec:be:ba:c3:92:d2:2b:ae:ff:b8:
         c5:91:3b:15:34:12:82:25:6d:46:0a:4e:d8:66:58:3e:ee:37:
         b2:8c:21:d3:45:89:96:15:58:6d:7e:54:7d:8c:db:16:70:4e:
         1d:0a:1a:a4:ab:75:83:aa:a2:28:a0:dd:0b:2b:db:04:4f:83:
         ca:ef:2f:2e:80:27:8f:ac:72:d1:e4:a7:15:0a:3c:ac:14:3f:
         3f:d2:3f:28:f5:0e:01:a8:22:c2:13:4e:a7:69:a4:0b:78:af:
         7f:6a:9a:63:6b:ab:90:9d:3d:2c:d4:17:b3:61:fa:21:2b:89:
         d1:6e:36:b6:a8:eb:c5:c8:44:58:db:67:fb:be:22:21:05:62:
         0f:7b:58:7a:41:a0:d3:3d:95:3d:88:e3:21:80:0d:bd:f7:a9:
         d9:71:99:19
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvpvkKdD+7BVurpxsvi0ccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGNhYmY2ZjUyM2YyNmUyNjdkYjAzYjUyNDM0Nzg0MWFh
YWE0NjUwHhcNMjMwMTAxMjMyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmFiZjYyMjQxYjk4YWI0ZTczMTc0YjRiZWJhNjQ2NzZkNjNlMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/d9GZqGdXkpv+JsPZy3mOGNJkDh
fUruURIxm18Wmf1uAEjEeMucuJfNrg+QplejI4CrzyxtkrBQOTY7LvLClCso4FrE
3h0Q2OUjN2//1iecMiIEUPkMjGtKGX9MMj7g7/ypZqXM+G6uuRtkHqPoRWxzvf3H
tgnp2DwqPULaA8/TAYT6K+84d4lyEi5gCtzdJIbby6tqbukgOuNIfZpK7FSeNBKY
S7L7u48kabXoHGvb5N4e+z6XzFIUFNmJbI3IdPx2MseQwaSMvBwsG36eWWfs8dTQ
fJma5rhcbYKBDurbfuo2f94MNYoxhJed5zTibxQFamfnZ+qgRS5BcEfSNQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFB+r9iJBuYq05zF0tL66ZGdtY+J8MB8GA1UdIwQY
MBaAFFiMq/b1I/JuJn2wO1JDR4QaqqRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQt
NmFkMzI1MmExNDI3LzEvSDZ2MklrRzVpclRuTVhTMHZycGtaMjFqNG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQtNmFkMzI1MmExNDI3
LzEvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgQcwDAN
BgkqhkiG9w0BAQsFAAOCAQEAoYcLQ4hDt29JgoOe7TATZ3oX6AJNAERLmTo/p+8N
rz5HWjHzwq1dPt3BWbyDm/u+7Hy1sXPAijYoMrULT5r2PbsvfDKHRQrtF7N+ZUMr
725xQYFaL74hFSsWMu7YK35CZAnsvrrDktIrrv+4xZE7FTQSgiVtRgpO2GZYPu43
sowh00WJlhVYbX5UfYzbFnBOHQoapKt1g6qiKKDdCyvbBE+Dyu8vLoAnj6xy0eSn
FQo8rBQ/P9I/KPUOAagiwhNOp2mkC3ivf2qaY2urkJ09LNQXs2H6ISuJ0W42tqjr
xchEWNtn+74iIQViD3tYekGg0z2VPYjjIYANvfep2XGZGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:25 2024 by rpki-client on console-ams.rpki-client.org