Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/rTU6HMS-8zJfFDehn2BAr9lhIVQ.roa
File:                     rTU6HMS-8zJfFDehn2BAr9lhIVQ.roa (raw, json)
Hash identifier:          T3fknaBNt2ukAppEFxsfMOig8oCdil43mVu70Nm/Wlo=
Subject key identifier:   AD:35:3A:1C:C4:BE:F3:32:5F:14:37:A1:9F:60:40:AF:D9:61:21:54
Certificate issuer:       /CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
Certificate serial:       01856C25E74589FD438CE4A64A6162F5A12E
Authority key identifier: E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/rTU6HMS-8zJfFDehn2BAr9lhIVQ.roa
Signing time:             Sun 01 Jan 2023 07:05:01 +0000
ROA not before:           Sun 01 Jan 2023 07:05:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6786
IP address blocks:        185.39.48.0/23 maxlen: 23
                          2a04:7a00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:25:e7:45:89:fd:43:8c:e4:a6:4a:61:62:f5:a1:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
        Validity
            Not Before: Jan  1 07:05:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ad353a1cc4bef3325f1437a19f6040afd9612154
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:46:05:4d:c5:8a:06:4e:52:8c:eb:c5:b6:fb:
                    c6:6b:aa:a2:77:76:ff:85:71:fa:cc:df:b2:e1:90:
                    27:4b:82:4b:77:62:07:3e:75:40:8d:9d:dd:31:09:
                    5c:97:1e:12:95:82:3d:43:75:f5:a8:0b:59:93:4f:
                    65:a8:b3:96:57:63:92:4f:d8:af:04:06:22:c7:0a:
                    5e:be:c4:55:e2:b2:b9:fc:19:ba:0f:d8:60:d0:a0:
                    c4:b2:70:fa:3b:79:94:80:54:17:7c:e4:c0:b7:3a:
                    16:79:a1:b6:d0:ae:f5:0e:52:14:0f:f5:94:12:73:
                    0b:ee:ed:d0:2e:11:e7:76:ae:8d:17:5d:8d:c2:0e:
                    35:9a:44:9e:22:c3:dc:5f:2e:48:6e:b4:01:69:20:
                    08:4d:e4:32:07:98:b4:af:82:ec:5b:24:f1:b5:82:
                    8a:1f:e7:c8:eb:20:d4:ce:8b:8c:4c:c6:8b:e8:4a:
                    7b:5b:0b:f9:c6:76:20:50:1b:75:34:ea:9e:ca:08:
                    73:5f:7a:41:ac:e6:0c:97:52:29:dd:21:60:ff:88:
                    14:87:4f:32:70:33:a3:5d:c8:ec:1d:2c:ee:14:39:
                    a4:9f:a4:10:6d:ee:fc:a3:f0:88:17:6e:65:79:6a:
                    84:9d:c6:14:3c:78:5b:c6:71:9f:97:20:70:91:c4:
                    1b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:35:3A:1C:C4:BE:F3:32:5F:14:37:A1:9F:60:40:AF:D9:61:21:54
            X509v3 Authority Key Identifier:
                keyid:E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/rTU6HMS-8zJfFDehn2BAr9lhIVQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.39.48.0/23
                IPv6:
                  2a04:7a00::/32

    Signature Algorithm: sha256WithRSAEncryption
         29:b4:39:e0:21:8a:ba:a5:ce:b1:5a:5e:92:1a:6f:42:4e:d8:
         a8:a0:17:d1:ec:60:1c:60:24:da:b7:28:a5:1e:79:0d:c9:40:
         4f:ea:0f:d5:a0:16:73:95:bf:fc:36:b6:28:71:0e:25:7d:28:
         0d:3a:39:a3:a9:f5:76:0d:f2:09:2a:9f:e5:23:44:98:30:c0:
         68:fb:1c:c8:00:b9:c7:4b:5b:88:e0:14:97:12:0d:6d:28:34:
         31:ef:d8:e5:db:84:61:fc:3b:83:27:aa:e2:53:65:66:e1:4d:
         7b:8e:d8:5a:ba:e8:69:1b:fb:fa:c5:bc:ae:77:95:49:92:1b:
         45:21:ca:2f:d4:7f:86:c2:54:aa:c2:bf:ae:45:f0:39:5b:aa:
         52:e5:0b:fe:d3:fc:fc:d0:7a:a7:af:a5:f6:66:66:c9:9f:f7:
         af:12:5b:d5:58:4d:31:9e:bf:a2:8b:60:7a:0f:c2:a2:86:4b:
         f6:5a:66:c6:9e:e9:e4:88:84:fe:30:f1:75:70:c5:2f:43:7d:
         9d:cb:bc:e8:84:1f:c4:44:47:c3:63:34:42:d2:f7:1b:26:4f:
         fa:9d:20:02:b0:a4:ee:93:bd:a9:04:50:bc:26:fd:25:e8:a8:
         b7:ef:fe:cc:b4:6e:18:5b:72:ba:8e:cb:01:52:55:37:ec:07:
         76:49:62:f9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsJedFif1DjOSmSmFi9aEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZWY5Njk0YWE0OGQ4MTI3OWU4ZWRlNDMwNzk1ZjI3Njhk
MmRkNTIwHhcNMjMwMTAxMDcwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDM1M2ExY2M0YmVmMzMyNWYxNDM3YTE5ZjYwNDBhZmQ5NjEyMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEYFTcWKBk5SjOvFtvvGa6qid3b/
hXH6zN+y4ZAnS4JLd2IHPnVAjZ3dMQlclx4SlYI9Q3X1qAtZk09lqLOWV2OST9iv
BAYixwpevsRV4rK5/Bm6D9hg0KDEsnD6O3mUgFQXfOTAtzoWeaG20K71DlIUD/WU
EnML7u3QLhHndq6NF12Nwg41mkSeIsPcXy5IbrQBaSAITeQyB5i0r4LsWyTxtYKK
H+fI6yDUzouMTMaL6Ep7Wwv5xnYgUBt1NOqeyghzX3pBrOYMl1Ip3SFg/4gUh08y
cDOjXcjsHSzuFDmkn6QQbe78o/CIF25leWqEncYUPHhbxnGflyBwkcQb3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK01OhzEvvMyXxQ3oZ9gQK/ZYSFUMB8GA1UdIwQY
MBaAFOHvlpSqSNgSeejt5DB5Xydo0t1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMt
YWRlZDFjNDY5ZWFmLzEvclRVNkhNUy04ekpmRkRlaG4yQkFyOWxoSVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMtYWRlZDFjNDY5ZWFm
LzEvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuScwMA0E
AgACMAcDBQAqBHoAMA0GCSqGSIb3DQEBCwUAA4IBAQAptDngIYq6pc6xWl6SGm9C
TtiooBfR7GAcYCTatyilHnkNyUBP6g/VoBZzlb/8NrYocQ4lfSgNOjmjqfV2DfIJ
Kp/lI0SYMMBo+xzIALnHS1uI4BSXEg1tKDQx79jl24Rh/DuDJ6riU2Vm4U17jtha
uuhpG/v6xbyud5VJkhtFIcov1H+GwlSqwr+uRfA5W6pS5Qv+0/z80Hqnr6X2ZmbJ
n/evElvVWE0xnr+ii2B6D8Kihkv2WmbGnunkiIT+MPF1cMUvQ32dy7zohB/EREfD
YzRC0vcbJk/6nSACsKTuk72pBFC8Jv0l6Ki37/7MtG4YW3K6jssBUlU37Ad2SWL5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:07 2024 by rpki-client on console-ams.rpki-client.org