Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/UsT6i8aRedysyUYDHCh904jtEn8.roa
File:                     UsT6i8aRedysyUYDHCh904jtEn8.roa (raw, json)
Hash identifier:          XLKp3J9JmHECElWbOmH0QRqbbE4A/l2HXAISL/eBuBg=
Subject key identifier:   52:C4:FA:8B:C6:91:79:DC:AC:C9:46:03:1C:28:7D:D3:88:ED:12:7F
Certificate issuer:       /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial:       0185821835B219C9554D4DE273A410DB01C1
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/UsT6i8aRedysyUYDHCh904jtEn8.roa
Signing time:             Thu 05 Jan 2023 13:21:42 +0000
ROA not before:           Thu 05 Jan 2023 13:21:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202313
IP address blocks:        2a0d:1a40:fa0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:82:18:35:b2:19:c9:55:4d:4d:e2:73:a4:10:db:01:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
        Validity
            Not Before: Jan  5 13:21:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=52c4fa8bc69179dcacc946031c287dd388ed127f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:fb:f9:c2:d7:c0:b9:ba:de:0c:b9:89:46:a7:
                    1f:09:43:80:e0:ca:40:35:15:d2:b0:f4:9d:89:9d:
                    a4:29:49:d5:48:c3:e2:b6:b0:3e:2a:ca:80:78:84:
                    71:a4:c8:85:db:72:33:60:69:57:ef:33:6e:2c:1d:
                    66:01:8c:15:77:95:94:33:42:5c:a8:2b:a2:fd:b3:
                    e8:cd:0b:33:ee:f9:30:f7:68:af:76:f0:61:18:43:
                    bf:42:38:77:be:5d:06:d5:66:72:32:8b:53:29:69:
                    4a:97:59:8f:90:3b:40:1d:d3:ac:58:3b:9c:cf:63:
                    37:c0:f5:5e:0b:48:56:1e:1e:48:5e:67:ff:93:be:
                    cc:d0:30:3c:0d:c1:eb:a3:63:25:c4:6a:8b:51:e7:
                    1c:23:27:a6:59:6e:7a:e9:c0:48:6e:56:4c:5a:5e:
                    e3:f2:a6:fb:25:b9:bc:19:6a:ef:90:be:8f:c3:2d:
                    55:f8:0c:51:ef:ca:a8:95:07:9e:bb:39:1b:7e:35:
                    51:8a:1d:a0:74:d3:68:2b:e5:0e:18:89:16:be:6a:
                    ac:06:9e:d6:56:4c:53:53:9d:65:2b:86:23:63:84:
                    0f:49:0a:07:ee:d9:16:e8:78:54:9a:ca:29:17:a4:
                    fd:12:c0:d7:7e:ba:8a:29:a9:83:be:40:96:b8:3a:
                    72:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:C4:FA:8B:C6:91:79:DC:AC:C9:46:03:1C:28:7D:D3:88:ED:12:7F
            X509v3 Authority Key Identifier:
                keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/UsT6i8aRedysyUYDHCh904jtEn8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:1a40:fa0::/44

    Signature Algorithm: sha256WithRSAEncryption
         03:55:e0:aa:94:da:72:61:5b:00:6a:43:16:23:f7:1f:78:79:
         31:dd:d5:e0:16:5e:df:7b:f4:b3:52:9e:91:c6:67:f9:d7:c8:
         1a:7c:ab:94:1f:82:a0:c0:13:db:7e:79:ca:c8:06:7d:b4:31:
         b2:01:8f:85:1a:b8:05:bd:59:4d:4d:b5:11:27:2b:3f:af:a7:
         61:3a:d7:fe:a4:8b:ca:6d:e1:b4:7a:4f:41:e3:64:a4:fc:0f:
         75:d6:99:8b:a2:eb:be:95:85:0d:06:46:9a:cb:4d:ea:6b:b8:
         ed:68:e4:b8:77:45:04:ec:cc:a2:d8:25:4f:9f:c6:3e:7a:84:
         b5:70:30:a4:52:21:ad:f8:9d:9a:38:30:a6:86:05:38:3b:ed:
         08:9b:db:f4:0f:b0:6e:57:d8:db:9a:9b:c9:72:7a:62:b7:fa:
         ae:0f:63:a2:04:cf:6e:d7:96:ed:33:51:72:a6:49:f3:45:60:
         a9:3c:2e:81:c2:92:3d:dc:fb:36:27:52:1f:1e:4e:e9:a7:f2:
         c7:b1:11:78:8c:f7:5f:dc:08:92:4c:02:eb:54:94:5f:14:00:
         3c:59:ee:8b:48:af:11:81:6c:8a:05:4e:26:6b:5b:5f:72:d4:
         e3:5a:6d:b1:c2:1e:52:63:66:28:06:4c:fa:0e:48:ce:f8:92:
         4b:fc:db:06
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYWCGDWyGclVTU3ic6QQ2wHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjMwMTA1MTMyMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmM0ZmE4YmM2OTE3OWRjYWNjOTQ2MDMxYzI4N2RkMzg4ZWQxMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPv5wtfAubreDLmJRqcfCUOA4MpA
NRXSsPSdiZ2kKUnVSMPitrA+KsqAeIRxpMiF23IzYGlX7zNuLB1mAYwVd5WUM0Jc
qCui/bPozQsz7vkw92ivdvBhGEO/Qjh3vl0G1WZyMotTKWlKl1mPkDtAHdOsWDuc
z2M3wPVeC0hWHh5IXmf/k77M0DA8DcHro2MlxGqLUeccIyemWW566cBIblZMWl7j
8qb7Jbm8GWrvkL6Pwy1V+AxR78qolQeeuzkbfjVRih2gdNNoK+UOGIkWvmqsBp7W
VkxTU51lK4YjY4QPSQoH7tkW6HhUmsopF6T9EsDXfrqKKamDvkCWuDpy9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFLE+ovGkXncrMlGAxwofdOI7RJ/MB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvVXNUNmk4YVJlZHlzeVVZREhDaDkwNGp0RW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg0aQA+g
MA0GCSqGSIb3DQEBCwUAA4IBAQADVeCqlNpyYVsAakMWI/cfeHkx3dXgFl7fe/Sz
Up6Rxmf518gafKuUH4KgwBPbfnnKyAZ9tDGyAY+FGrgFvVlNTbURJys/r6dhOtf+
pIvKbeG0ek9B42Sk/A911pmLouu+lYUNBkaay03qa7jtaOS4d0UE7Myi2CVPn8Y+
eoS1cDCkUiGt+J2aODCmhgU4O+0Im9v0D7BuV9jbmpvJcnpit/quD2OiBM9u15bt
M1FypknzRWCpPC6BwpI93Ps2J1IfHk7pp/LHsRF4jPdf3AiSTALrVJRfFAA8We6L
SK8RgWyKBU4ma1tfctTjWm2xwh5SY2YoBkz6DkjO+JJL/NsG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:35 2024 by rpki-client on console-ams.rpki-client.org