Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/SGoaRUGPYXJGSaPVBHkXlvL3tAI.roa
File:                     SGoaRUGPYXJGSaPVBHkXlvL3tAI.roa (raw, json)
Hash identifier:          Pek01/DL9kTKe8U87oAHlAKM9SY0NH/uuTXGrdENMvw=
Subject key identifier:   48:6A:1A:45:41:8F:61:72:46:49:A3:D5:04:79:17:96:F2:F7:B4:02
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       018A07E63F66BAD16E27B84A2B77AD119779
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/SGoaRUGPYXJGSaPVBHkXlvL3tAI.roa
Signing time:             Fri 18 Aug 2023 09:07:24 +0000
ROA not before:           Fri 18 Aug 2023 09:07:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48261
IP address blocks:        2a12:4b40::/29 maxlen: 64

Validation:               Failed, certificate revoked on Sat 19 Aug 2023 09:32:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:07:e6:3f:66:ba:d1:6e:27:b8:4a:2b:77:ad:11:97:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: Aug 18 09:07:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=486a1a45418f61724649a3d504791796f2f7b402
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:53:fa:c3:91:b6:c5:de:8a:fe:9a:a6:96:0c:
                    7e:3c:25:4e:9e:4c:bf:7d:ff:54:db:c1:97:f8:21:
                    e8:29:99:1b:29:43:69:fd:39:65:9d:2b:f8:87:bd:
                    c4:01:bf:1a:84:e3:ed:b6:91:21:6e:d1:9e:61:4d:
                    97:11:f9:58:2e:30:74:df:7e:97:78:19:cc:d1:44:
                    27:b7:8c:41:5b:cf:58:79:f2:8e:15:33:b7:8f:69:
                    b6:b8:16:84:09:78:52:b7:e6:e9:91:f2:17:be:ae:
                    39:e6:2a:8f:2b:06:00:40:2e:f1:7d:27:52:8d:de:
                    f3:05:41:af:92:c9:7b:0b:93:10:32:b3:10:68:86:
                    b6:81:5e:8f:41:5b:0d:12:45:da:f7:c7:10:f9:49:
                    32:fc:14:c2:7a:72:3b:9b:03:71:d6:4b:c9:dd:5a:
                    dd:d5:84:f4:b8:a8:61:d3:9d:7c:b2:32:5f:81:18:
                    12:8e:56:26:93:31:d5:c9:15:ef:84:64:f8:b3:2c:
                    2a:b1:99:39:b1:06:f5:d3:69:3d:1e:30:59:cc:77:
                    0e:1e:8f:bc:1e:50:e8:8e:91:ee:e9:97:e3:f2:1c:
                    36:32:dc:9f:c3:e1:b7:8c:ae:5a:d3:ca:6e:c5:b9:
                    d0:0d:36:56:70:c6:5a:a7:87:24:bf:9d:19:85:ea:
                    51:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:6A:1A:45:41:8F:61:72:46:49:A3:D5:04:79:17:96:F2:F7:B4:02
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/SGoaRUGPYXJGSaPVBHkXlvL3tAI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:4b40::/29

    Signature Algorithm: sha256WithRSAEncryption
         68:26:e7:06:cb:dd:8a:42:23:fc:ae:70:5a:6d:c8:c8:a5:cb:
         f0:46:fd:86:48:14:87:89:54:4b:4a:31:32:a1:07:8e:d8:98:
         61:b9:2c:1a:f6:2f:72:bd:f8:ab:33:a4:bc:f8:3f:fa:40:76:
         97:f4:aa:f0:20:c0:f8:16:82:52:2a:92:7a:21:bc:ed:df:71:
         6a:0b:c6:26:0e:ae:69:9b:a5:13:d6:3d:6e:1d:43:db:f3:be:
         9a:7a:56:1f:ea:dc:a3:79:c7:c6:48:16:d9:9a:73:14:f2:6b:
         41:95:8b:9a:ad:5b:e7:e0:7b:13:17:9c:c4:4d:42:ec:04:26:
         5c:14:ea:dd:c1:e4:f1:a9:85:4f:83:15:4d:c8:44:f0:6b:cd:
         13:05:5b:2b:d1:8f:ba:92:64:74:ec:21:1b:69:46:a4:5b:77:
         92:9d:20:10:24:7f:7b:f9:2e:f5:f6:e0:6a:06:98:91:6a:4c:
         31:01:46:40:94:e7:ac:8d:ae:00:0a:4b:16:2b:87:49:20:a9:
         93:0c:61:5e:00:1b:03:dd:4f:97:2a:70:e0:f7:3b:cb:80:dd:
         cc:a4:37:54:89:b8:fb:db:ad:c5:d5:e9:85:01:47:41:f7:e6:
         fd:6d:b5:db:ee:d3:ed:c8:29:7e:1f:9d:96:14:79:74:d6:bb:
         66:0e:c0:b3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYoH5j9mutFuJ7hKK3etEZd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjMwODE4MDkwNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZhMWE0NTQxOGY2MTcyNDY0OWEzZDUwNDc5MTc5NmYyZjdiNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFP6w5G2xd6K/pqmlgx+PCVOnky/
ff9U28GX+CHoKZkbKUNp/TllnSv4h73EAb8ahOPttpEhbtGeYU2XEflYLjB0336X
eBnM0UQnt4xBW89YefKOFTO3j2m2uBaECXhSt+bpkfIXvq455iqPKwYAQC7xfSdS
jd7zBUGvksl7C5MQMrMQaIa2gV6PQVsNEkXa98cQ+Uky/BTCenI7mwNx1kvJ3Vrd
1YT0uKhh0518sjJfgRgSjlYmkzHVyRXvhGT4sywqsZk5sQb102k9HjBZzHcOHo+8
HlDojpHu6Zfj8hw2Mtyfw+G3jK5a08puxbnQDTZWcMZap4ckv50ZhepRrQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEhqGkVBj2FyRkmj1QR5F5by97QCMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvU0dvYVJVR1BZWEpHU2FQVkJIa1hsdkwzdEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJLQDAN
BgkqhkiG9w0BAQsFAAOCAQEAaCbnBsvdikIj/K5wWm3IyKXL8Eb9hkgUh4lUS0ox
MqEHjtiYYbksGvYvcr34qzOkvPg/+kB2l/Sq8CDA+BaCUiqSeiG87d9xagvGJg6u
aZulE9Y9bh1D2/O+mnpWH+rco3nHxkgW2ZpzFPJrQZWLmq1b5+B7ExecxE1C7AQm
XBTq3cHk8amFT4MVTchE8GvNEwVbK9GPupJkdOwhG2lGpFt3kp0gECR/e/ku9fbg
agaYkWpMMQFGQJTnrI2uAApLFiuHSSCpkwxhXgAbA91Plypw4Pc7y4DdzKQ3VIm4
+9utxdXphQFHQffm/W212+7T7cgpfh+dlhR5dNa7Zg7Asw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:01 2024 by rpki-client on console-fra.rpki-client.org