Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/eEOPr9o1_oLlLIeQbUm8DrKNdPw.roa
File:                     eEOPr9o1_oLlLIeQbUm8DrKNdPw.roa (raw, json)
Hash identifier:          BbEAZGuAT3CFJb9AVpsDByG0LxzPe7uJoepSBdsxdic=
Subject key identifier:   78:43:8F:AF:DA:35:FE:82:E5:2C:87:90:6D:49:BC:0E:B2:8D:74:FC
Certificate issuer:       /CN=b155daddb871b9d6a53cd6b47f776250837f7774
Certificate serial:       01856DDD28F2AE980AD8BF5878E81578133E
Authority key identifier: B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/eEOPr9o1_oLlLIeQbUm8DrKNdPw.roa
Signing time:             Sun 01 Jan 2023 15:04:48 +0000
ROA not before:           Sun 01 Jan 2023 15:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35062
IP address blocks:        2a02:8205:480b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:dd:28:f2:ae:98:0a:d8:bf:58:78:e8:15:78:13:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155daddb871b9d6a53cd6b47f776250837f7774
        Validity
            Not Before: Jan  1 15:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=78438fafda35fe82e52c87906d49bc0eb28d74fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b7:ef:3f:24:de:7d:f3:26:aa:bb:b8:2e:68:
                    c8:c7:b9:a5:cf:15:76:f7:79:d1:ed:2a:b6:a8:bb:
                    92:9b:ce:4c:96:cb:61:e0:23:b2:63:2c:d7:c6:52:
                    02:fa:7a:e8:da:61:8b:65:5f:70:44:70:c7:ed:ae:
                    7b:db:ec:67:7a:85:dd:6a:ec:c2:e9:93:56:54:b4:
                    dc:02:8b:64:03:7b:d2:6f:e5:8e:c6:12:d8:36:8f:
                    96:76:6b:0d:fe:85:93:08:8d:b4:31:b2:32:dc:31:
                    ab:11:0f:b5:d3:1c:c3:d8:43:02:84:34:bb:42:4d:
                    e0:29:ec:7c:0b:a9:16:d8:56:34:33:5b:af:87:e6:
                    9e:a5:f6:42:c3:64:98:23:10:fd:ae:97:d7:d2:76:
                    d9:af:2c:16:a2:15:6f:e1:7a:1f:95:60:b4:98:79:
                    0f:b7:37:41:90:e4:b5:77:4f:0a:fe:aa:e3:d6:b7:
                    c2:ed:ff:65:31:83:a6:47:a9:a2:39:6d:c8:0a:95:
                    8f:62:a8:67:82:96:40:e7:88:0d:06:c9:a1:5f:3b:
                    50:88:b8:90:48:80:0d:5d:86:86:15:eb:fe:5e:64:
                    45:22:ef:e8:57:9b:47:12:06:70:84:ce:2b:b0:d2:
                    6b:79:ec:4c:75:2a:eb:cf:ae:c9:3d:96:67:02:f2:
                    98:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:43:8F:AF:DA:35:FE:82:E5:2C:87:90:6D:49:BC:0E:B2:8D:74:FC
            X509v3 Authority Key Identifier:
                keyid:B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/eEOPr9o1_oLlLIeQbUm8DrKNdPw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:8205:480b::/48

    Signature Algorithm: sha256WithRSAEncryption
         2e:0a:1a:bc:e7:6c:16:39:03:77:d8:75:ae:60:a2:55:42:f8:
         ec:18:a4:0c:30:05:62:02:e0:db:86:19:17:b4:fb:01:3a:4a:
         40:c9:db:12:8d:64:e8:23:6e:40:92:3a:1b:01:9e:88:3e:8a:
         63:09:36:bc:b6:f2:90:8b:d8:4d:88:3e:39:68:ce:9d:5b:ae:
         d0:a3:7e:74:ea:4b:ea:1f:bb:4c:7b:72:90:22:eb:bd:1a:c7:
         69:c8:d6:29:26:b2:50:50:ea:f7:92:7c:05:95:b5:8b:4c:f0:
         bd:a5:a2:5e:a2:2b:95:cb:28:df:6f:7a:5f:3b:ca:f2:f4:8a:
         43:2b:35:46:77:c6:3f:07:c2:ce:59:8b:c8:be:ea:a5:2a:a0:
         02:28:e3:30:d8:c4:cf:f1:d0:9d:32:51:ea:75:45:ea:6d:82:
         7f:1c:af:24:a7:9f:9e:7c:c1:cc:23:a3:da:f6:95:87:f0:03:
         70:5a:6c:dc:55:df:06:f5:2e:d8:6e:1e:6b:7e:9f:17:38:61:
         c5:44:b5:47:31:6e:8f:53:10:35:ea:fa:03:c9:78:e7:35:a9:
         98:97:57:5a:11:ba:9d:81:73:0d:2d:52:60:6f:21:a4:e0:08:
         b3:b0:c1:f3:c6:a6:35:ee:fc:ef:16:54:0d:f2:45:95:be:38:
         a1:bc:4d:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVt3SjyrpgK2L9YeOgVeBM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTVkYWRkYjg3MWI5ZDZhNTNjZDZiNDdmNzc2MjUwODM3
Zjc3NzQwHhcNMjMwMTAxMTUwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODQzOGZhZmRhMzVmZTgyZTUyYzg3OTA2ZDQ5YmMwZWIyOGQ3NGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7fvPyTeffMmqru4LmjIx7mlzxV2
93nR7Sq2qLuSm85Mlsth4COyYyzXxlIC+nro2mGLZV9wRHDH7a572+xneoXdauzC
6ZNWVLTcAotkA3vSb+WOxhLYNo+WdmsN/oWTCI20MbIy3DGrEQ+10xzD2EMChDS7
Qk3gKex8C6kW2FY0M1uvh+aepfZCw2SYIxD9rpfX0nbZrywWohVv4XoflWC0mHkP
tzdBkOS1d08K/qrj1rfC7f9lMYOmR6miOW3ICpWPYqhngpZA54gNBsmhXztQiLiQ
SIANXYaGFev+XmRFIu/oV5tHEgZwhM4rsNJreexMdSrrz67JPZZnAvKY+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHhDj6/aNf6C5SyHkG1JvA6yjXT8MB8GA1UdIwQY
MBaAFLFV2t24cbnWpTzWtH93YlCDf3d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmIt
NTQ2OGIyY2YwYTc3LzEvZUVPUHI5bzFfb0xsTEllUWJVbThEcktOZFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmItNTQ2OGIyY2YwYTc3
LzEvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgKCBUgL
MA0GCSqGSIb3DQEBCwUAA4IBAQAuChq852wWOQN32HWuYKJVQvjsGKQMMAViAuDb
hhkXtPsBOkpAydsSjWToI25AkjobAZ6IPopjCTa8tvKQi9hNiD45aM6dW67Qo350
6kvqH7tMe3KQIuu9GsdpyNYpJrJQUOr3knwFlbWLTPC9paJeoiuVyyjfb3pfO8ry
9IpDKzVGd8Y/B8LOWYvIvuqlKqACKOMw2MTP8dCdMlHqdUXqbYJ/HK8kp5+efMHM
I6Pa9pWH8ANwWmzcVd8G9S7Ybh5rfp8XOGHFRLVHMW6PUxA16voDyXjnNamYl1da
EbqdgXMNLVJgbyGk4AizsMHzxqY17vzvFlQN8kWVvjihvE1w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:54 2024 by rpki-client on console-fra.rpki-client.org