Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/spnLmtBf1rv0etbrOQSkreREfnM.roa
File:                     spnLmtBf1rv0etbrOQSkreREfnM.roa (raw, json)
Hash identifier:          bCg8rpjSNPviysGQTBDq3nkiBGYWx2pJWQ4GEUk+xdo=
Subject key identifier:   B2:99:CB:9A:D0:5F:D6:BB:F4:7A:D6:EB:39:04:A4:AD:E4:44:7E:73
Certificate issuer:       /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial:       0189B54CD41B6AE67CD2BCCF5036EC0A3C81
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/spnLmtBf1rv0etbrOQSkreREfnM.roa
Signing time:             Wed 02 Aug 2023 08:10:58 +0000
ROA not before:           Wed 02 Aug 2023 08:10:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44812
IP address blocks:        2a0e:dfc2::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b5:4c:d4:1b:6a:e6:7c:d2:bc:cf:50:36:ec:0a:3c:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
        Validity
            Not Before: Aug  2 08:10:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b299cb9ad05fd6bbf47ad6eb3904a4ade4447e73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:58:82:1a:ac:7f:d7:14:62:e5:84:da:db:16:
                    e4:a1:70:0f:4b:ba:7e:d6:1a:e1:91:a2:77:a0:67:
                    68:17:9f:52:51:98:57:15:0e:f1:8c:e3:88:a7:bd:
                    1c:48:39:06:eb:97:d2:6f:42:36:7f:9d:ff:a5:9b:
                    4b:6d:f4:f7:7c:14:65:db:41:8d:e0:31:a7:64:d4:
                    df:21:e3:71:f4:2c:0d:d9:4a:29:df:e8:07:7c:83:
                    ec:ac:6d:17:70:92:fb:9d:5d:cd:a6:e6:44:e6:6f:
                    ac:36:f8:01:34:dd:7d:4e:09:f7:c6:76:c2:9c:5b:
                    b3:f5:ba:f8:be:6d:6d:72:e9:1d:94:21:d1:ae:e3:
                    20:a0:d1:a8:dc:1e:e1:41:a1:32:04:49:d9:4d:e3:
                    5c:2a:59:5f:ca:2c:58:ec:31:0c:36:fb:06:4a:97:
                    dc:cc:30:c0:22:8f:3e:dc:31:94:9e:f8:96:3a:22:
                    4b:fe:e9:58:69:c1:62:f8:7d:a3:ab:46:9e:ab:ee:
                    a4:a4:7b:9a:7c:37:fe:ef:f9:62:77:c7:24:ee:be:
                    7e:44:f5:36:0f:a6:84:43:e8:61:47:35:89:b2:12:
                    8c:7e:46:62:91:ca:32:fb:46:61:53:3d:33:2d:64:
                    69:07:e4:e4:ad:14:60:42:35:08:83:f1:14:a2:d4:
                    c8:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:99:CB:9A:D0:5F:D6:BB:F4:7A:D6:EB:39:04:A4:AD:E4:44:7E:73
            X509v3 Authority Key Identifier:
                keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/spnLmtBf1rv0etbrOQSkreREfnM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:dfc2::/32

    Signature Algorithm: sha256WithRSAEncryption
         0b:03:17:fb:25:e9:09:85:61:93:e9:fc:db:b8:ef:ab:14:42:
         f7:96:cc:fa:3b:93:7b:70:01:40:56:d4:58:eb:e1:4c:98:56:
         b4:cb:cf:f6:ac:83:a1:39:4e:b0:92:6a:32:7f:fb:ee:a6:fd:
         7e:72:a0:c8:77:1d:d1:46:40:1a:ef:24:17:f0:24:b7:1f:07:
         8e:22:2f:a5:ae:34:e0:9b:cf:b4:6b:02:85:3c:9b:ad:cc:71:
         4f:9f:3f:86:70:9d:5d:20:4d:6c:e8:37:8f:d5:e8:91:4f:17:
         b6:56:be:f5:30:9f:65:77:f5:d7:95:7f:fc:c4:c3:ee:38:b0:
         f4:7c:41:d1:a2:5f:38:42:21:eb:84:e1:12:d0:4a:32:ed:4e:
         79:d5:de:07:ce:e9:40:fd:44:f1:d1:8a:a2:b3:13:6e:d2:4f:
         ab:00:80:90:13:a0:f2:5d:53:46:09:a3:d7:32:42:ae:6b:6b:
         c3:c2:39:50:a7:7b:8f:04:4c:5d:a0:bc:22:37:2f:50:cd:c3:
         6c:ed:e0:df:35:da:0c:8e:8a:d3:20:59:3e:fd:04:61:03:19:
         4c:d7:ed:98:a4:38:53:d4:c4:2e:cf:3b:2c:71:f4:82:34:b5:
         16:3d:4f:cd:7f:df:3f:bd:29:3c:63:a5:c4:b3:53:ca:7d:36:
         ff:69:d5:a1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYm1TNQbauZ80rzPUDbsCjyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjMwODAyMDgxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjk5Y2I5YWQwNWZkNmJiZjQ3YWQ2ZWIzOTA0YTRhZGU0NDQ3ZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgliCGqx/1xRi5YTa2xbkoXAPS7p+
1hrhkaJ3oGdoF59SUZhXFQ7xjOOIp70cSDkG65fSb0I2f53/pZtLbfT3fBRl20GN
4DGnZNTfIeNx9CwN2Uop3+gHfIPsrG0XcJL7nV3NpuZE5m+sNvgBNN19Tgn3xnbC
nFuz9br4vm1tcukdlCHRruMgoNGo3B7hQaEyBEnZTeNcKllfyixY7DEMNvsGSpfc
zDDAIo8+3DGUnviWOiJL/ulYacFi+H2jq0aeq+6kpHuafDf+7/lid8ck7r5+RPU2
D6aEQ+hhRzWJshKMfkZikcoy+0ZhUz0zLWRpB+TkrRRgQjUIg/EUotTIqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLKZy5rQX9a79HrW6zkEpK3kRH5zMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvc3BuTG10QmYxcnYwZXRick9RU2tyZVJFZm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7fwjAN
BgkqhkiG9w0BAQsFAAOCAQEACwMX+yXpCYVhk+n827jvqxRC95bM+juTe3ABQFbU
WOvhTJhWtMvP9qyDoTlOsJJqMn/77qb9fnKgyHcd0UZAGu8kF/Aktx8HjiIvpa40
4JvPtGsChTybrcxxT58/hnCdXSBNbOg3j9XokU8Xtla+9TCfZXf115V//MTD7jiw
9HxB0aJfOEIh64ThEtBKMu1OedXeB87pQP1E8dGKorMTbtJPqwCAkBOg8l1TRgmj
1zJCrmtrw8I5UKd7jwRMXaC8IjcvUM3DbO3g3zXaDI6K0yBZPv0EYQMZTNftmKQ4
U9TELs87LHH0gjS1Fj1PzX/fP70pPGOlxLNTyn02/2nVoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:59 2024 by rpki-client on console-fra.rpki-client.org