Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/let4eAmD_cSv0A3pE0usIMltkqU.roa
File:                     let4eAmD_cSv0A3pE0usIMltkqU.roa (raw, json)
Hash identifier:          wMXAJKOzNT0m1eVbe5TpwKNT2uApDmJI49M1049ucxU=
Subject key identifier:   95:EB:78:78:09:83:FD:C4:AF:D0:0D:E9:13:4B:AC:20:C9:6D:92:A5
Certificate issuer:       /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial:       01856CAEFC70DA93676CFCDBE4D81C9BE8C7
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/let4eAmD_cSv0A3pE0usIMltkqU.roa
Signing time:             Sun 01 Jan 2023 09:34:45 +0000
ROA not before:           Sun 01 Jan 2023 09:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43289
IP address blocks:        2a03:f80:373::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 28 Aug 2023 07:15:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ae:fc:70:da:93:67:6c:fc:db:e4:d8:1c:9b:e8:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
        Validity
            Not Before: Jan  1 09:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95eb78780983fdc4afd00de9134bac20c96d92a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e6:d4:6d:d1:ac:94:33:f8:40:ce:1e:0f:81:
                    2e:5d:28:a2:2a:f9:db:80:c8:22:8b:71:fe:2c:f8:
                    53:23:b4:98:69:c1:d6:e5:4a:aa:76:6d:ae:5b:01:
                    6f:f2:35:89:1d:11:27:29:62:9f:c9:48:d0:44:23:
                    d6:f6:80:13:40:5f:2b:a5:33:5e:6b:64:c7:0c:fd:
                    dc:ec:a5:40:c4:54:9b:c5:49:34:a5:2c:07:2d:2a:
                    ca:69:15:eb:3d:89:f7:2c:2f:ce:bb:fb:3c:a3:22:
                    9e:b9:55:7b:af:ab:a5:32:18:d9:01:e1:9d:19:24:
                    ee:34:c3:3a:b3:28:06:ef:20:93:a6:25:53:f4:f3:
                    4d:e0:9f:ed:b7:87:27:f8:af:40:ef:e4:18:87:59:
                    22:07:08:bc:45:87:57:45:ff:c9:d4:30:2c:94:08:
                    a2:b3:83:4f:b5:58:76:76:f7:a9:3c:f8:07:7d:17:
                    a6:79:df:63:9b:62:d3:4b:49:28:07:70:0d:ba:f4:
                    06:dc:f5:2e:a7:21:80:7b:32:7e:67:9e:a0:83:22:
                    82:55:27:f2:d7:34:e3:55:72:b4:94:4e:04:03:9d:
                    7f:4d:0c:d0:4d:70:ec:48:ce:cf:6d:d4:0e:bc:86:
                    82:ca:2a:74:ec:1e:f8:2f:76:7d:26:e9:df:77:c5:
                    e7:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:EB:78:78:09:83:FD:C4:AF:D0:0D:E9:13:4B:AC:20:C9:6D:92:A5
            X509v3 Authority Key Identifier:
                keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/let4eAmD_cSv0A3pE0usIMltkqU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:f80:373::/48

    Signature Algorithm: sha256WithRSAEncryption
         55:a6:cd:fc:af:b1:a0:97:f8:6c:9a:64:e5:93:c5:78:22:81:
         2d:35:81:25:16:8e:26:6f:5f:29:b6:3f:c1:08:28:0e:14:01:
         f4:19:f9:38:f1:1d:43:b8:de:95:91:ae:73:b3:cc:fa:14:3a:
         d2:6d:32:ac:01:39:91:78:7b:fe:7d:b8:e5:da:38:ed:34:63:
         d0:bc:b1:70:fb:17:b3:f6:2a:4d:0b:b5:86:a0:b6:06:c2:72:
         a5:6f:0f:52:94:47:8b:e0:3e:15:ad:1d:53:d8:13:94:1e:1c:
         6a:f8:52:78:b1:98:e8:8d:4c:ca:18:bc:47:3f:81:a0:c2:d6:
         9e:7d:d9:fe:cc:45:b5:b5:2f:3e:b0:1b:c2:6a:e3:9e:c8:55:
         40:03:e1:13:b6:59:b3:f5:d4:51:55:eb:65:dd:61:06:cc:06:
         27:ed:e4:52:7e:f1:2b:df:7b:93:a8:ac:3c:d4:00:cd:a6:c5:
         94:ea:f6:d1:ed:80:3b:31:27:df:13:bb:2f:c9:5b:73:8a:b7:
         f5:fc:8d:c3:f4:6c:b4:8f:71:bd:df:76:6e:e9:df:73:e0:1f:
         32:18:ee:89:0e:95:82:0e:5d:73:29:06:99:c6:ea:64:bb:1e:
         7f:9b:10:e0:f5:1f:73:e3:99:d2:02:c8:69:31:5f:67:0b:c6:
         96:2c:5e:bc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsrvxw2pNnbPzb5Ngcm+jHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWViNzg3ODA5ODNmZGM0YWZkMDBkZTkxMzRiYWMyMGM5NmQ5MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArebUbdGslDP4QM4eD4EuXSiiKvnb
gMgii3H+LPhTI7SYacHW5Uqqdm2uWwFv8jWJHREnKWKfyUjQRCPW9oATQF8rpTNe
a2THDP3c7KVAxFSbxUk0pSwHLSrKaRXrPYn3LC/Ou/s8oyKeuVV7r6ulMhjZAeGd
GSTuNMM6sygG7yCTpiVT9PNN4J/tt4cn+K9A7+QYh1kiBwi8RYdXRf/J1DAslAii
s4NPtVh2dvepPPgHfRemed9jm2LTS0koB3ANuvQG3PUupyGAezJ+Z56ggyKCVSfy
1zTjVXK0lE4EA51/TQzQTXDsSM7PbdQOvIaCyip07B74L3Z9Junfd8XnrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJXreHgJg/3Er9AN6RNLrCDJbZKlMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvbGV0NGVBbURfY1N2MEEzcEUwdXNJTWx0a3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPgANz
MA0GCSqGSIb3DQEBCwUAA4IBAQBVps38r7Ggl/hsmmTlk8V4IoEtNYElFo4mb18p
tj/BCCgOFAH0Gfk48R1DuN6Vka5zs8z6FDrSbTKsATmReHv+fbjl2jjtNGPQvLFw
+xez9ipNC7WGoLYGwnKlbw9SlEeL4D4VrR1T2BOUHhxq+FJ4sZjojUzKGLxHP4Gg
wtaefdn+zEW1tS8+sBvCauOeyFVAA+ETtlmz9dRRVetl3WEGzAYn7eRSfvEr33uT
qKw81ADNpsWU6vbR7YA7MSffE7svyVtzirf1/I3D9Gy0j3G933Zu6d9z4B8yGO6J
DpWCDl1zKQaZxupkux5/mxDg9R9z45nSAshpMV9nC8aWLF68
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org