Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/ms3ajsrKcXyQMTYX2idVec4F6tU.roa
File:                     ms3ajsrKcXyQMTYX2idVec4F6tU.roa (raw, json)
Hash identifier:          vUS6R82bph/zx6UHEWuIq9fHOH1aSEHuZRidRxeXxrw=
Subject key identifier:   9A:CD:DA:8E:CA:CA:71:7C:90:31:36:17:DA:27:55:79:CE:05:EA:D5
Certificate issuer:       /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial:       018E321E3A384CE29B4DB8BE1AA72CEFB705
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/ms3ajsrKcXyQMTYX2idVec4F6tU.roa
Signing time:             Tue 12 Mar 2024 10:03:45 +0000
ROA not before:           Tue 12 Mar 2024 10:03:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213220
IP address blocks:        2a11:5a42::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 18:35:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:32:1e:3a:38:4c:e2:9b:4d:b8:be:1a:a7:2c:ef:b7:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
        Validity
            Not Before: Mar 12 10:03:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9acdda8ecaca717c90313617da275579ce05ead5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:50:0f:c9:8d:97:0e:47:37:f0:79:11:1f:ff:
                    87:75:41:a9:96:6c:a7:14:49:b3:b2:09:36:70:d2:
                    e4:b2:4c:6a:a1:43:b2:fd:f5:1c:48:ac:11:35:23:
                    83:c5:74:3d:a1:8e:bf:2e:45:d3:53:7e:c0:cd:37:
                    3a:e2:ed:a8:be:35:7c:69:30:a6:01:e2:4b:2d:08:
                    ce:e2:6b:c0:9d:74:5e:4a:3e:24:d1:0d:9f:de:4a:
                    e3:2d:f3:17:3e:9e:e9:12:27:ec:b8:0f:41:0e:7a:
                    37:fc:d8:9a:7b:54:f6:fe:dc:e3:c2:86:89:bb:71:
                    2e:a1:21:ef:ca:88:e7:1b:2d:78:5e:2a:2b:e2:73:
                    9d:1c:bc:39:1e:11:a9:4e:8e:b2:54:99:6f:71:32:
                    25:80:92:e8:dd:1a:e6:dc:44:37:fd:86:43:c4:0a:
                    56:cf:a0:23:dd:be:be:8c:b6:39:e1:bc:d1:f7:e1:
                    46:c3:7b:96:a1:ca:6d:55:f8:9d:fe:5c:ed:29:6b:
                    a4:0f:87:61:02:69:b6:e9:19:32:4c:f4:77:92:d5:
                    02:8c:9b:35:de:55:ee:d5:b5:0a:17:74:08:02:f1:
                    14:7f:ba:77:d0:6c:ac:53:b2:3e:bd:f0:a8:64:2a:
                    2f:4b:3c:4c:1f:74:55:95:1b:82:83:11:73:9a:24:
                    4e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:CD:DA:8E:CA:CA:71:7C:90:31:36:17:DA:27:55:79:CE:05:EA:D5
            X509v3 Authority Key Identifier:
                keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/ms3ajsrKcXyQMTYX2idVec4F6tU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:5a42::/32

    Signature Algorithm: sha256WithRSAEncryption
         6d:fd:d9:4e:1d:93:87:0e:45:5f:57:1c:ab:e9:3f:6a:9c:54:
         f1:85:a2:f3:b4:89:01:79:67:22:86:60:25:a7:c3:f4:ea:79:
         7e:42:a0:54:32:fc:98:50:52:80:90:46:c4:f3:2a:fe:23:b3:
         5c:c8:4c:00:40:26:8a:85:db:7e:f7:ef:b0:a0:1e:b0:07:4d:
         91:86:2c:78:2b:32:2d:53:fb:3a:63:5d:d4:cc:ce:b0:13:2c:
         3c:9a:b4:e4:7a:46:28:cc:fa:da:65:d6:37:77:88:2d:1f:f2:
         2c:6d:49:e0:27:1a:a3:43:a2:3b:65:1b:a4:79:43:db:54:b1:
         6e:e5:8e:83:66:bf:c0:5a:ac:d9:3b:ad:65:dc:00:15:4d:73:
         2d:90:80:5b:0c:87:43:6b:3e:53:7a:db:8e:c3:6c:36:37:ac:
         f2:1c:23:39:d2:e5:98:78:ca:95:53:83:98:2d:ae:84:4a:1c:
         de:b2:b8:8f:12:c4:ce:33:42:8b:3f:c2:d4:2a:ee:d0:d5:e3:
         6d:54:d1:d3:ad:e0:14:6a:09:61:04:a9:21:fb:31:72:ac:a4:
         7e:73:1b:82:06:28:1e:6b:fa:ce:67:38:7e:df:c9:25:40:d6:
         2f:12:22:a1:3c:b0:14:75:8e:f3:5d:5f:de:f6:19:75:78:a7:
         96:93:ca:22
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY4yHjo4TOKbTbi+Gqcs77cFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwMzEyMTAwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWNkZGE4ZWNhY2E3MTdjOTAzMTM2MTdkYTI3NTU3OWNlMDVlYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFAPyY2XDkc38HkRH/+HdUGplmyn
FEmzsgk2cNLkskxqoUOy/fUcSKwRNSODxXQ9oY6/LkXTU37AzTc64u2ovjV8aTCm
AeJLLQjO4mvAnXReSj4k0Q2f3krjLfMXPp7pEifsuA9BDno3/Niae1T2/tzjwoaJ
u3EuoSHvyojnGy14Xior4nOdHLw5HhGpTo6yVJlvcTIlgJLo3Rrm3EQ3/YZDxApW
z6Aj3b6+jLY54bzR9+FGw3uWocptVfid/lztKWukD4dhAmm26RkyTPR3ktUCjJs1
3lXu1bUKF3QIAvEUf7p30GysU7I+vfCoZCovSzxMH3RVlRuCgxFzmiROlQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJrN2o7KynF8kDE2F9onVXnOBerVMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvbXMzYWpzcktjWHlRTVRZWDJpZFZlYzRGNnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFaQjAN
BgkqhkiG9w0BAQsFAAOCAQEAbf3ZTh2Thw5FX1ccq+k/apxU8YWi87SJAXlnIoZg
JafD9Op5fkKgVDL8mFBSgJBGxPMq/iOzXMhMAEAmioXbfvfvsKAesAdNkYYseCsy
LVP7OmNd1MzOsBMsPJq05HpGKMz62mXWN3eILR/yLG1J4Ccao0OiO2UbpHlD21Sx
buWOg2a/wFqs2TutZdwAFU1zLZCAWwyHQ2s+U3rbjsNsNjes8hwjOdLlmHjKlVOD
mC2uhEoc3rK4jxLEzjNCiz/C1Cru0NXjbVTR063gFGoJYQSpIfsxcqykfnMbggYo
Hmv6zmc4ft/JJUDWLxIioTywFHWO811f3vYZdXinlpPKIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:42 2024 by rpki-client on console-ams.rpki-client.org