Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/IvcWey3U51C1sRPH07vvGWu39MM.roa
File:                     IvcWey3U51C1sRPH07vvGWu39MM.roa (raw, json)
Hash identifier:          +P4C+U5vDTXR3UjU9lYcTPMqklVkqOXGBcraS8yDSZQ=
Subject key identifier:   22:F7:16:7B:2D:D4:E7:50:B5:B1:13:C7:D3:BB:EF:19:6B:B7:F4:C3
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       018A07E640CEE30DA4A57FAD23F9E401851B
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/IvcWey3U51C1sRPH07vvGWu39MM.roa
Signing time:             Fri 18 Aug 2023 09:07:24 +0000
ROA not before:           Fri 18 Aug 2023 09:07:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60939
IP address blocks:        2a05:f300::/29 maxlen: 64
                          2a12:4b40::/29 maxlen: 64
                          2a13:c800::/29 maxlen: 64

Validation:               Failed, certificate revoked on Sat 19 Aug 2023 09:32:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:07:e6:40:ce:e3:0d:a4:a5:7f:ad:23:f9:e4:01:85:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: Aug 18 09:07:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22f7167b2dd4e750b5b113c7d3bbef196bb7f4c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:ae:3c:18:5d:28:59:56:93:51:7e:fe:6d:16:
                    7f:b2:ab:b2:18:9c:17:1e:10:ba:e6:d8:2e:4c:99:
                    e3:d6:6f:b0:8b:03:27:61:3d:7a:ed:7a:d5:48:01:
                    1d:41:b7:2c:be:68:29:21:e8:2f:41:6b:8c:3d:ad:
                    ba:15:ea:1d:ff:b5:92:fd:7e:63:6a:be:97:ab:45:
                    a4:9f:67:22:d0:42:42:88:1e:bc:9f:67:a7:2d:9a:
                    c9:21:88:6b:18:9f:ab:fc:0a:e3:14:13:19:f4:05:
                    6e:68:8d:52:39:02:71:79:1d:26:46:72:81:d9:1b:
                    3b:8e:31:a6:11:c6:41:75:d9:e9:ac:7c:bf:38:f9:
                    c0:bd:de:b5:a0:bd:d5:d3:08:8e:8a:4e:ca:15:6b:
                    17:7f:7a:b5:03:27:40:3f:14:e5:b3:9e:21:a7:16:
                    99:8d:52:b5:ac:fc:98:fc:17:92:a6:c0:16:fc:f9:
                    54:84:2f:8a:3d:58:42:c1:6a:40:bf:2e:44:34:4d:
                    61:23:3f:ba:18:03:66:98:79:1e:35:9e:85:8b:f3:
                    ab:96:21:72:96:02:30:1e:20:9c:74:d0:6d:56:17:
                    2e:fe:ca:e7:58:da:53:26:e0:27:d3:37:2b:99:71:
                    41:b9:9f:d5:38:3e:74:a9:3a:d2:e0:36:b4:22:64:
                    98:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:F7:16:7B:2D:D4:E7:50:B5:B1:13:C7:D3:BB:EF:19:6B:B7:F4:C3
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/IvcWey3U51C1sRPH07vvGWu39MM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:f300::/29
                  2a12:4b40::/29
                  2a13:c800::/29

    Signature Algorithm: sha256WithRSAEncryption
         78:ca:7a:53:16:0b:70:2c:a9:f5:40:1e:19:8c:c9:cc:50:7e:
         a5:e0:bf:dd:55:91:54:9d:e6:09:e2:e0:dd:c2:fb:9d:40:25:
         c2:67:95:55:d9:e8:31:e9:d6:e0:b0:d1:31:2d:0f:2d:27:e0:
         d6:02:e2:51:d2:8c:1d:57:82:74:6b:27:91:51:a0:28:7a:ec:
         06:3d:e7:3e:c0:6e:3e:93:53:6a:f4:7a:f8:fc:e6:ad:34:db:
         f3:f3:22:12:dc:e2:13:67:50:1f:71:9a:50:39:7b:b0:bd:59:
         b3:b0:3a:1f:04:bf:e7:64:2b:39:d8:d7:f9:15:0e:76:b3:39:
         99:9d:cc:aa:a1:22:f4:04:61:46:49:ef:a4:35:3b:24:81:23:
         55:1a:1c:3f:37:6f:64:44:7a:f9:d0:26:91:94:45:be:3c:eb:
         19:83:bb:97:08:80:a7:16:5a:c1:ca:6a:d2:40:64:40:13:5c:
         54:9d:d4:95:50:ec:17:c2:ba:17:c8:8e:b1:b6:cf:d2:bd:92:
         cf:2e:78:42:c0:05:e8:2b:ee:ae:0b:c9:6b:ff:6b:72:9c:68:
         6b:62:c1:74:57:8c:36:9c:b2:05:a2:e1:ce:3c:d2:7a:d8:b2:
         53:3e:33:ed:d9:89:d2:ad:11:d9:b1:0e:ce:50:4e:bc:45:e7:
         5b:d6:09:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoH5kDO4w2kpX+tI/nkAYUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjMwODE4MDkwNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmY3MTY3YjJkZDRlNzUwYjViMTEzYzdkM2JiZWYxOTZiYjdmNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK48GF0oWVaTUX7+bRZ/squyGJwX
HhC65tguTJnj1m+wiwMnYT167XrVSAEdQbcsvmgpIegvQWuMPa26Feod/7WS/X5j
ar6Xq0Wkn2ci0EJCiB68n2enLZrJIYhrGJ+r/ArjFBMZ9AVuaI1SOQJxeR0mRnKB
2Rs7jjGmEcZBddnprHy/OPnAvd61oL3V0wiOik7KFWsXf3q1AydAPxTls54hpxaZ
jVK1rPyY/BeSpsAW/PlUhC+KPVhCwWpAvy5ENE1hIz+6GANmmHkeNZ6Fi/OrliFy
lgIwHiCcdNBtVhcu/srnWNpTJuAn0zcrmXFBuZ/VOD50qTrS4Da0ImSYsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCL3Fnst1OdQtbETx9O77xlrt/TDMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvSXZjV2V5M1U1MUMxc1JQSDA3dnZHV3UzOU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgXzAAMF
AyoSS0ADBQMqE8gAMA0GCSqGSIb3DQEBCwUAA4IBAQB4ynpTFgtwLKn1QB4ZjMnM
UH6l4L/dVZFUneYJ4uDdwvudQCXCZ5VV2egx6dbgsNExLQ8tJ+DWAuJR0owdV4J0
ayeRUaAoeuwGPec+wG4+k1Nq9Hr4/OatNNvz8yIS3OITZ1AfcZpQOXuwvVmzsDof
BL/nZCs52Nf5FQ52szmZncyqoSL0BGFGSe+kNTskgSNVGhw/N29kRHr50CaRlEW+
POsZg7uXCICnFlrBymrSQGRAE1xUndSVUOwXwroXyI6xts/SvZLPLnhCwAXoK+6u
C8lr/2tynGhrYsF0V4w2nLIFouHOPNJ62LJTPjPt2YnSrRHZsQ7OUE68Redb1gn6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org