Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/c1IRr4o5wwWPxnFNkiE4Kqr1C-w.roa
File:                     c1IRr4o5wwWPxnFNkiE4Kqr1C-w.roa (raw, json)
Hash identifier:          PvLGSftDMCVYjs12vXUtWUQjH7jADFLIxLOocK50FBA=
Subject key identifier:   73:52:11:AF:8A:39:C3:05:8F:C6:71:4D:92:21:38:2A:AA:F5:0B:EC
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       018A07E641D89CD5D54EBE008742125C7B03
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/c1IRr4o5wwWPxnFNkiE4Kqr1C-w.roa
Signing time:             Fri 18 Aug 2023 09:07:25 +0000
ROA not before:           Fri 18 Aug 2023 09:07:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197619
IP address blocks:        2a05:f300::/29 maxlen: 64

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:07:e6:41:d8:9c:d5:d5:4e:be:00:87:42:12:5c:7b:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: Aug 18 09:07:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=735211af8a39c3058fc6714d9221382aaaf50bec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:c7:d4:b6:5d:2a:13:f3:09:0c:23:97:9c:29:
                    a7:27:83:6d:f9:62:44:63:7b:7c:d6:be:fd:b1:24:
                    f8:52:13:25:38:42:3c:e9:cc:09:b5:1f:05:b1:65:
                    52:ff:8f:5a:99:20:1a:d8:0d:40:e6:af:65:c3:e7:
                    8e:9e:a9:69:49:b7:ce:19:7a:cc:10:1c:68:d4:1b:
                    ea:52:07:13:99:3c:53:3d:e2:0e:98:ef:6e:7f:0a:
                    f8:05:32:df:2e:c0:d1:17:bb:b7:3f:bb:ab:ba:8c:
                    e5:ad:ca:e9:a3:15:1f:8d:af:27:3f:03:2d:6d:ad:
                    03:c3:e4:f8:73:af:bd:e2:69:2f:1c:24:19:ec:4b:
                    b9:0f:ad:64:d3:06:1f:c0:95:66:a8:09:b0:98:a1:
                    82:95:65:fc:38:f8:c6:f1:26:6f:fb:6a:33:d3:c4:
                    d1:59:34:e1:ae:55:5a:b7:a3:ff:66:cf:4d:fa:0a:
                    74:85:bf:a3:54:3e:02:81:f6:a0:de:36:37:cd:ef:
                    6b:26:bf:20:ff:7b:8f:c9:13:e2:c9:dc:ba:66:17:
                    ba:c3:fd:8a:15:6a:0e:22:67:d2:06:17:7e:c7:93:
                    f9:6b:ee:ce:86:43:24:b5:96:06:9d:71:c2:94:37:
                    56:ec:e4:d4:3d:97:9b:da:fd:ba:c1:1b:58:f4:7e:
                    5c:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:52:11:AF:8A:39:C3:05:8F:C6:71:4D:92:21:38:2A:AA:F5:0B:EC
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/c1IRr4o5wwWPxnFNkiE4Kqr1C-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:f300::/29

    Signature Algorithm: sha256WithRSAEncryption
         71:ce:9b:f4:b3:38:c9:1c:ba:12:02:e4:81:26:34:ab:48:24:
         02:ca:fb:a8:d5:89:8b:6e:e0:1b:7b:35:c5:4d:8c:3b:e4:3f:
         7b:bf:ee:53:b4:2d:34:97:0d:d2:8c:3e:ad:48:09:dd:b7:fa:
         a9:54:30:24:74:19:ac:cb:c4:35:38:b0:01:d8:1e:ad:c4:37:
         6e:4e:50:11:b8:de:06:d1:38:15:bf:9e:14:db:c9:f2:75:f2:
         67:e4:d2:46:88:14:a7:8f:7e:9f:29:8f:a6:14:d3:ee:f5:cf:
         c0:2a:cd:67:1a:91:86:67:82:04:33:30:c7:44:0c:e4:e9:fd:
         7c:1d:10:79:19:82:1b:fe:38:4e:d7:b5:6e:8f:2b:ac:6b:45:
         c7:0e:68:d2:90:eb:56:31:93:e6:38:ba:74:1b:0f:5c:33:22:
         0c:34:50:37:5c:63:9d:2a:bd:1b:ba:e8:2a:bb:16:4c:c7:a0:
         6f:48:c1:34:1b:78:69:8a:c2:f7:5f:7f:da:bf:aa:72:4d:66:
         c5:b8:91:df:f8:b6:cb:be:32:43:1d:8a:92:71:ca:ab:f3:fe:
         cf:5f:c3:7d:f8:7c:79:3b:ee:85:76:9b:e0:d9:f8:bf:d7:a8:
         77:35:2a:27:47:65:87:07:79:36:39:95:6c:87:18:0f:79:7d:
         c7:27:68:fb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYoH5kHYnNXVTr4Ah0ISXHsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjMwODE4MDkwNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzUyMTFhZjhhMzljMzA1OGZjNjcxNGQ5MjIxMzgyYWFhZjUwYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMfUtl0qE/MJDCOXnCmnJ4Nt+WJE
Y3t81r79sST4UhMlOEI86cwJtR8FsWVS/49amSAa2A1A5q9lw+eOnqlpSbfOGXrM
EBxo1BvqUgcTmTxTPeIOmO9ufwr4BTLfLsDRF7u3P7uruozlrcrpoxUfja8nPwMt
ba0Dw+T4c6+94mkvHCQZ7Eu5D61k0wYfwJVmqAmwmKGClWX8OPjG8SZv+2oz08TR
WTThrlVat6P/Zs9N+gp0hb+jVD4Cgfag3jY3ze9rJr8g/3uPyRPiydy6Zhe6w/2K
FWoOImfSBhd+x5P5a+7OhkMktZYGnXHClDdW7OTUPZeb2v26wRtY9H5c/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHNSEa+KOcMFj8ZxTZIhOCqq9QvsMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvYzFJUnI0bzV3d1dQeG5GTmtpRTRLcXIxQy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgXzADAN
BgkqhkiG9w0BAQsFAAOCAQEAcc6b9LM4yRy6EgLkgSY0q0gkAsr7qNWJi27gG3s1
xU2MO+Q/e7/uU7QtNJcN0ow+rUgJ3bf6qVQwJHQZrMvENTiwAdgercQ3bk5QEbje
BtE4Fb+eFNvJ8nXyZ+TSRogUp49+nymPphTT7vXPwCrNZxqRhmeCBDMwx0QM5On9
fB0QeRmCG/44Tte1bo8rrGtFxw5o0pDrVjGT5ji6dBsPXDMiDDRQN1xjnSq9G7ro
KrsWTMegb0jBNBt4aYrC919/2r+qck1mxbiR3/i2y74yQx2KknHKq/P+z1/Dffh8
eTvuhXab4Nn4v9eodzUqJ0dlhwd5NjmVbIcYD3l9xydo+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org