Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/DoaAtUkLOGwECdPgV47xkP3tG6I.roa
File:                     DoaAtUkLOGwECdPgV47xkP3tG6I.roa (raw, json)
Hash identifier:          V0NjhjMEDAra2vuSaMKmtMxwhggqdNaLy1R/BcSb5yM=
Subject key identifier:   0E:86:80:B5:49:0B:38:6C:04:09:D3:E0:57:8E:F1:90:FD:ED:1B:A2
Certificate issuer:       /CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Certificate serial:       01856F391BBA7735EAD45ED69DDFC74D444E
Authority key identifier: 0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/DoaAtUkLOGwECdPgV47xkP3tG6I.roa
Signing time:             Sun 01 Jan 2023 21:24:51 +0000
ROA not before:           Sun 01 Jan 2023 21:24:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209968
IP address blocks:        2a0e:48c0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:39:1b:ba:77:35:ea:d4:5e:d6:9d:df:c7:4d:44:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
        Validity
            Not Before: Jan  1 21:24:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e8680b5490b386c0409d3e0578ef190fded1ba2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:f3:5f:a1:2d:1b:0b:26:79:db:72:a3:3d:d2:
                    6f:03:a9:68:3b:a5:63:b4:74:9a:08:75:61:f1:01:
                    35:10:ac:98:38:ad:e3:01:db:af:a6:f3:a0:5a:e8:
                    b1:08:32:8e:f3:a7:38:c6:d1:a1:92:26:dc:b3:00:
                    19:4a:42:ce:71:e1:aa:66:f7:f9:98:6b:ef:6d:fd:
                    22:a6:40:7c:e1:90:dc:89:b2:cf:96:0d:2d:57:93:
                    80:6e:fa:c1:03:87:db:37:5a:69:c7:00:3f:2b:7a:
                    bb:76:31:3d:95:f8:d6:74:0a:0a:d9:13:0e:c9:64:
                    14:10:e9:f8:82:9c:44:ae:87:d5:6f:cd:3b:aa:65:
                    02:76:f8:e6:a2:49:5b:99:72:1c:e6:19:61:b1:83:
                    1d:40:f5:90:43:13:c9:d2:f0:cb:cc:37:be:f2:3e:
                    2b:cd:8d:39:ad:e1:65:42:06:31:c6:43:49:14:e9:
                    50:b6:40:dd:54:57:e3:22:84:b9:67:f2:ae:ad:0a:
                    ef:82:84:6e:eb:25:d3:24:c6:bf:98:79:b0:92:b1:
                    13:15:36:32:0d:86:46:a5:b9:45:41:c1:f5:07:ea:
                    04:e2:37:5e:62:d1:ec:60:c5:c7:93:a4:c8:4f:b5:
                    17:87:0f:88:3f:13:ad:1b:e9:a2:68:13:dc:2f:96:
                    18:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:86:80:B5:49:0B:38:6C:04:09:D3:E0:57:8E:F1:90:FD:ED:1B:A2
            X509v3 Authority Key Identifier:
                keyid:0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/DoaAtUkLOGwECdPgV47xkP3tG6I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:48c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         39:1e:0b:bd:5b:22:61:a9:cd:97:02:23:55:b4:b5:8f:06:63:
         cf:c6:a0:83:af:3e:99:8b:63:8b:6e:71:24:00:b5:c5:e6:7e:
         eb:01:3a:94:78:18:67:a7:a9:3b:73:8e:a5:e4:2b:75:00:9c:
         cb:16:19:2d:4b:48:cd:65:00:f9:29:16:fb:27:59:7c:7c:aa:
         4b:70:ab:98:27:c9:0a:e6:4e:10:2c:dd:28:49:a4:46:ab:00:
         57:c7:17:e9:45:15:fd:9d:13:5c:b8:ef:e3:be:6b:8a:97:8a:
         87:d4:d4:d2:b9:2e:c2:5a:69:8c:ad:e7:ca:02:90:21:3b:bf:
         1d:23:3b:a7:46:93:74:e5:93:dc:29:94:47:1b:24:b6:53:3b:
         9d:42:b7:66:e7:cc:b2:78:c2:35:87:86:e8:49:0b:ca:40:aa:
         d1:b4:b7:c5:ea:14:4d:68:6e:36:3b:56:cd:88:21:4d:9f:e4:
         9b:a7:4e:e6:80:58:11:77:7b:85:2a:dd:4e:e4:c8:0c:67:1f:
         3b:a9:08:87:b7:39:9a:ba:1e:72:40:95:70:e2:2f:33:dc:87:
         6e:97:7b:9c:f1:28:1a:62:cc:5f:7f:59:2b:60:db:ba:d1:d4:
         a9:12:ac:a4:37:2e:03:4a:6e:36:4d:b7:85:8d:77:95:b4:b6:
         a4:0e:15:de
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvORu6dzXq1F7Wnd/HTUROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjNlNzNhYThiN2YwYWYzYmQ4NDAwNTcyZGFlNzJiMGQ0
NmY1NWMwHhcNMjMwMTAxMjEyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTg2ODBiNTQ5MGIzODZjMDQwOWQzZTA1NzhlZjE5MGZkZWQxYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/NfoS0bCyZ523KjPdJvA6loO6Vj
tHSaCHVh8QE1EKyYOK3jAduvpvOgWuixCDKO86c4xtGhkibcswAZSkLOceGqZvf5
mGvvbf0ipkB84ZDcibLPlg0tV5OAbvrBA4fbN1ppxwA/K3q7djE9lfjWdAoK2RMO
yWQUEOn4gpxErofVb807qmUCdvjmoklbmXIc5hlhsYMdQPWQQxPJ0vDLzDe+8j4r
zY05reFlQgYxxkNJFOlQtkDdVFfjIoS5Z/KurQrvgoRu6yXTJMa/mHmwkrETFTYy
DYZGpblFQcH1B+oE4jdeYtHsYMXHk6TIT7UXhw+IPxOtG+miaBPcL5YYHwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA6GgLVJCzhsBAnT4FeO8ZD97RuiMB8GA1UdIwQY
MBaAFAuz5zqot/CvO9hABXLa5ysNRvVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzIt
YWQyOGZhOTY2YjUxLzEvRG9hQXRVa0xPR3dFQ2RQZ1Y0N3hrUDN0RzZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzItYWQyOGZhOTY2YjUx
LzEvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg5IwDAN
BgkqhkiG9w0BAQsFAAOCAQEAOR4LvVsiYanNlwIjVbS1jwZjz8agg68+mYtji25x
JAC1xeZ+6wE6lHgYZ6epO3OOpeQrdQCcyxYZLUtIzWUA+SkW+ydZfHyqS3CrmCfJ
CuZOECzdKEmkRqsAV8cX6UUV/Z0TXLjv475ripeKh9TU0rkuwlppjK3nygKQITu/
HSM7p0aTdOWT3CmURxsktlM7nUK3ZufMsnjCNYeG6EkLykCq0bS3xeoUTWhuNjtW
zYghTZ/km6dO5oBYEXd7hSrdTuTIDGcfO6kIh7c5mroeckCVcOIvM9yHbpd7nPEo
GmLMX39ZK2DbutHUqRKspDcuA0puNk23hY13lbS2pA4V3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:08 2024 by rpki-client on console-ams.rpki-client.org