Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/qMdBzt9-JvD8Ke9N7bqDP6yyYmo.roa
File:                     qMdBzt9-JvD8Ke9N7bqDP6yyYmo.roa (raw, json)
Hash identifier:          5T//Mo8GcWukNh7swQlq/ksz1QlG4VHzQeuvHfKSXng=
Subject key identifier:   A8:C7:41:CE:DF:7E:26:F0:FC:29:EF:4D:ED:BA:83:3F:AC:B2:62:6A
Certificate issuer:       /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial:       018571B0E07CFB47DEDE0AF4B21ED71F1A09
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/qMdBzt9-JvD8Ke9N7bqDP6yyYmo.roa
Signing time:             Mon 02 Jan 2023 08:54:55 +0000
ROA not before:           Mon 02 Jan 2023 08:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210674
IP address blocks:        2a11:e487:ff01::/48 maxlen: 48
                          2a11:e487:ff00::/48 maxlen: 48
                          2a11:e487:ff00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:b0:e0:7c:fb:47:de:de:0a:f4:b2:1e:d7:1f:1a:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
        Validity
            Not Before: Jan  2 08:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a8c741cedf7e26f0fc29ef4dedba833facb2626a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:44:2f:01:5c:c5:29:71:ec:56:61:df:72:24:
                    1e:ac:69:35:61:a8:4a:34:72:3a:64:58:44:2b:e9:
                    b6:89:b7:d2:f4:c4:92:1f:18:9c:1f:f3:6c:9a:98:
                    fa:d7:14:d8:f3:73:41:99:76:f6:26:e8:c0:4e:42:
                    d8:ec:1c:de:96:90:2c:01:eb:81:1c:54:7b:2a:93:
                    82:14:ec:86:e6:8b:d9:34:6c:7f:ca:08:04:91:08:
                    04:4e:a3:f4:f1:43:85:e7:56:af:f5:44:cf:4e:94:
                    db:e9:c4:e1:5a:d9:d4:26:c7:02:ca:00:08:06:e9:
                    cc:8d:6d:75:78:47:82:29:f7:9d:cc:aa:3b:b6:c0:
                    8c:79:12:e9:f0:2e:8d:30:74:e7:9b:52:9c:75:ab:
                    06:77:2f:8f:1a:0a:8b:29:3e:21:91:ba:61:e4:5c:
                    ca:9c:95:90:6d:ae:0b:e1:c3:cf:6a:da:9a:ce:e5:
                    8e:56:f6:08:e8:99:39:bb:f1:61:b3:2d:8e:a8:51:
                    f0:7c:b3:68:96:5a:b2:90:22:cc:7f:04:36:4a:61:
                    a2:9f:95:22:a0:39:b3:a6:03:46:2a:65:61:9b:4b:
                    12:1f:fd:f0:c1:cc:6f:d4:cc:19:6d:9c:2a:17:7f:
                    c5:6a:5d:5f:a6:14:24:5c:5a:0a:08:20:0e:15:e3:
                    a0:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:C7:41:CE:DF:7E:26:F0:FC:29:EF:4D:ED:BA:83:3F:AC:B2:62:6A
            X509v3 Authority Key Identifier:
                keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/qMdBzt9-JvD8Ke9N7bqDP6yyYmo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:e487:ff00::/40

    Signature Algorithm: sha256WithRSAEncryption
         94:7a:b4:5c:41:c9:8b:b1:6a:a1:a1:fe:5d:8d:72:6a:2a:de:
         f0:29:63:64:90:c7:81:44:1d:8c:5e:d8:80:7b:e5:a4:1d:6e:
         6d:fa:ac:58:f9:18:c2:52:cc:a8:d3:4d:24:1c:f5:ae:2a:7f:
         9b:b2:2e:9c:81:40:fa:1e:d0:63:ea:bb:15:8a:fa:8f:17:74:
         51:1a:e7:22:33:ff:af:fa:98:45:76:af:75:43:f2:e5:45:90:
         99:b4:12:7b:65:6d:b4:0c:ca:2b:d5:9d:fe:66:91:22:e5:97:
         e0:6f:63:b5:08:1f:30:14:38:26:3c:4e:6d:25:ea:7c:d9:bb:
         5d:52:88:e1:1c:7d:29:47:25:60:e3:59:90:39:02:2f:6a:fd:
         d5:df:e0:9d:79:1c:3b:ff:07:a7:ae:6d:aa:ef:b1:ca:db:96:
         57:78:f3:d3:a9:87:80:c4:77:77:42:ab:d4:31:fa:50:30:20:
         0d:c7:21:11:76:0b:cb:b0:4b:ac:0b:d0:e7:62:fa:f4:dc:c0:
         52:79:c5:a0:a8:42:9e:4f:aa:1d:9a:8f:8e:2a:80:09:ba:23:
         07:e1:17:fc:29:37:82:f0:fd:43:b9:aa:10:14:23:f2:9c:d1:
         3a:23:06:47:cb:97:63:e9:80:cf:9c:3d:62:e1:b0:a2:dd:96:
         dd:0b:e8:d4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxsOB8+0fe3gr0sh7XHxoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWZjZDhmYjQwYWFlMWQyNDNjMmE4Y2UyNTQxYTY5OTg3
ZWVkMTMwHhcNMjMwMTAyMDg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM3NDFjZWRmN2UyNmYwZmMyOWVmNGRlZGJhODMzZmFjYjI2MjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0QvAVzFKXHsVmHfciQerGk1YahK
NHI6ZFhEK+m2ibfS9MSSHxicH/Nsmpj61xTY83NBmXb2JujATkLY7BzelpAsAeuB
HFR7KpOCFOyG5ovZNGx/yggEkQgETqP08UOF51av9UTPTpTb6cThWtnUJscCygAI
BunMjW11eEeCKfedzKo7tsCMeRLp8C6NMHTnm1KcdasGdy+PGgqLKT4hkbph5FzK
nJWQba4L4cPPatqazuWOVvYI6Jk5u/Fhsy2OqFHwfLNollqykCLMfwQ2SmGin5Ui
oDmzpgNGKmVhm0sSH/3wwcxv1MwZbZwqF3/Fal1fphQkXFoKCCAOFeOgGQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKjHQc7ffibw/CnvTe26gz+ssmJqMB8GA1UdIwQY
MBaAFFavzY+0Cq4dJDwqjOJUGmmYfu0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYt
MjM3YmU3NzMwMDdhLzEvcU1kQnp0OS1KdkQ4S2U5TjdicURQNnl5WW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYtMjM3YmU3NzMwMDdh
LzEvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhHkh/8w
DQYJKoZIhvcNAQELBQADggEBAJR6tFxByYuxaqGh/l2Ncmoq3vApY2SQx4FEHYxe
2IB75aQdbm36rFj5GMJSzKjTTSQc9a4qf5uyLpyBQPoe0GPquxWK+o8XdFEa5yIz
/6/6mEV2r3VD8uVFkJm0EntlbbQMyivVnf5mkSLll+BvY7UIHzAUOCY8Tm0l6nzZ
u11SiOEcfSlHJWDjWZA5Ai9q/dXf4J15HDv/B6eubarvscrblld489Oph4DEd3dC
q9Qx+lAwIA3HIRF2C8uwS6wL0Odi+vTcwFJ5xaCoQp5Pqh2aj44qgAm6IwfhF/wp
N4Lw/UO5qhAUI/Kc0TojBkfLl2PpgM+cPWLhsKLdlt0L6NQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:52 2024 by rpki-client on console-fra.rpki-client.org