Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/4CuOWOy_0A9TSW42_tZuw-TMCBg.roa
File:                     4CuOWOy_0A9TSW42_tZuw-TMCBg.roa (raw, json)
Hash identifier:          At4PLEXhatHqtnPY1R2J1IB5pEsqX5oCTiBS6EoTYro=
Subject key identifier:   E0:2B:8E:58:EC:BF:D0:0F:53:49:6E:36:FE:D6:6E:C3:E4:CC:08:18
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018573900BBC91B260E1285C8B3ED3B368E5
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/4CuOWOy_0A9TSW42_tZuw-TMCBg.roa
Signing time:             Mon 02 Jan 2023 17:38:18 +0000
ROA not before:           Mon 02 Jan 2023 17:38:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211571
IP address blocks:        2a0b:b87:ffb5::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:90:0b:bc:91:b2:60:e1:28:5c:8b:3e:d3:b3:68:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e02b8e58ecbfd00f53496e36fed66ec3e4cc0818
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:0a:6d:d1:bd:08:b2:ee:bd:07:18:6d:ac:e3:
                    b2:9a:85:45:08:26:0b:2b:bb:2d:94:76:bb:53:e4:
                    e3:cf:86:7e:f9:ff:32:12:cf:14:3b:16:de:28:b5:
                    b4:8b:b2:11:af:be:73:46:b1:7d:6f:12:2f:b8:31:
                    62:f7:35:64:ab:fc:f2:41:11:dd:f0:ab:e5:b1:f0:
                    29:b7:37:f2:bb:0a:a5:c4:4d:e8:2b:72:87:b0:7c:
                    54:67:08:7d:c0:75:03:19:25:2c:77:2e:a5:2d:12:
                    95:03:1c:74:33:a6:ff:60:45:b5:8f:39:a9:74:74:
                    73:5d:c0:3e:45:dc:38:29:7f:68:71:49:7f:1c:67:
                    be:b6:e2:c3:89:16:c5:98:4f:aa:d2:7b:2a:d4:52:
                    e5:c4:eb:55:10:24:f8:41:ae:2a:67:5f:31:ae:8c:
                    a9:bd:f2:81:ec:de:d8:11:2e:92:70:6e:63:03:c7:
                    6d:03:fd:57:35:61:27:82:6a:e7:de:a8:0d:ed:d6:
                    56:fa:0f:f7:c6:a4:49:a2:cd:44:3a:bd:1f:73:a6:
                    15:58:22:96:2b:8f:bf:27:bf:32:81:c6:7f:96:10:
                    aa:7b:cb:e8:7b:43:7b:b5:02:45:aa:ee:c1:da:fc:
                    bc:7d:0e:18:32:37:73:89:15:44:e1:85:47:ca:eb:
                    14:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:2B:8E:58:EC:BF:D0:0F:53:49:6E:36:FE:D6:6E:C3:E4:CC:08:18
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/4CuOWOy_0A9TSW42_tZuw-TMCBg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b87:ffb5::/48

    Signature Algorithm: sha256WithRSAEncryption
         84:f7:93:81:8a:85:a3:34:8e:f6:85:47:3c:09:68:46:19:6b:
         5b:44:74:97:88:34:bd:cd:41:e4:5f:18:4c:b2:8a:9b:b1:6a:
         9c:43:0c:ab:c4:56:50:75:0f:ba:e1:56:7d:c8:04:5b:33:eb:
         fe:e7:4b:2a:e5:3e:a0:37:fd:6a:27:4a:29:fa:6a:2d:76:78:
         b8:ab:96:a1:80:79:9b:38:e1:fa:a7:a7:4f:0d:3d:57:40:39:
         3e:db:d8:e2:e1:4e:e1:82:95:b7:db:35:93:3d:ee:c0:d0:d9:
         34:62:9e:d2:0a:d1:e6:d9:bb:42:6a:ac:5b:ec:70:78:85:d9:
         7d:37:f3:de:22:8b:87:2b:b1:33:da:63:97:96:49:c3:38:46:
         73:56:76:05:6c:6d:48:8a:32:43:84:18:ef:7a:76:14:1a:ab:
         d9:f5:5b:6f:b7:d8:a3:ac:0c:84:15:f4:e4:e4:4a:43:c4:53:
         d0:d0:c6:90:5a:38:11:bd:63:15:ae:8b:58:37:7f:85:9d:66:
         ed:c2:d1:80:b5:f4:77:b3:10:07:76:e4:7c:14:12:4f:1d:76:
         a7:21:2d:33:91:07:ba:1d:fd:b6:d3:6c:03:35:99:c5:83:b6:
         0c:2c:bc:ed:b5:b0:7e:ca:04:df:b8:5c:fc:36:ce:2f:7c:21:
         d6:4b:7d:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkAu8kbJg4Shciz7Ts2jlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJiOGU1OGVjYmZkMDBmNTM0OTZlMzZmZWQ2NmVjM2U0Y2MwODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQpt0b0Isu69BxhtrOOymoVFCCYL
K7stlHa7U+Tjz4Z++f8yEs8UOxbeKLW0i7IRr75zRrF9bxIvuDFi9zVkq/zyQRHd
8KvlsfAptzfyuwqlxE3oK3KHsHxUZwh9wHUDGSUsdy6lLRKVAxx0M6b/YEW1jzmp
dHRzXcA+Rdw4KX9ocUl/HGe+tuLDiRbFmE+q0nsq1FLlxOtVECT4Qa4qZ18xroyp
vfKB7N7YES6ScG5jA8dtA/1XNWEngmrn3qgN7dZW+g/3xqRJos1EOr0fc6YVWCKW
K4+/J78ygcZ/lhCqe8voe0N7tQJFqu7B2vy8fQ4YMjdziRVE4YVHyusUswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOArjljsv9APU0luNv7WbsPkzAgYMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvNEN1T1dPeV8wQTlUU1c0Ml90WnV3LVRNQ0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/+1
MA0GCSqGSIb3DQEBCwUAA4IBAQCE95OBioWjNI72hUc8CWhGGWtbRHSXiDS9zUHk
XxhMsoqbsWqcQwyrxFZQdQ+64VZ9yARbM+v+50sq5T6gN/1qJ0op+motdni4q5ah
gHmbOOH6p6dPDT1XQDk+29ji4U7hgpW32zWTPe7A0Nk0Yp7SCtHm2btCaqxb7HB4
hdl9N/PeIouHK7Ez2mOXlknDOEZzVnYFbG1IijJDhBjvenYUGqvZ9Vtvt9ijrAyE
FfTk5EpDxFPQ0MaQWjgRvWMVrotYN3+FnWbtwtGAtfR3sxAHduR8FBJPHXanIS0z
kQe6Hf2202wDNZnFg7YMLLzttbB+ygTfuFz8Ns4vfCHWS31h
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org