Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/tiElz-OSDduwVCwedy6I0EgBEAQ.roa
File:                     tiElz-OSDduwVCwedy6I0EgBEAQ.roa (raw, json)
Hash identifier:          9LJXWBjhqZnfUtw5vpJ523vAL7YiNP7DotY1ffj5De4=
Subject key identifier:   B6:21:25:CF:E3:92:0D:DB:B0:54:2C:1E:77:2E:88:D0:48:01:10:04
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       0185CCECB6507641BBEA67AA379B97A0B686
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/tiElz-OSDduwVCwedy6I0EgBEAQ.roa
Signing time:             Fri 20 Jan 2023 02:05:43 +0000
ROA not before:           Fri 20 Jan 2023 02:05:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56884
IP address blocks:        2a12:4b40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 16 Mar 2023 11:42:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:cc:ec:b6:50:76:41:bb:ea:67:aa:37:9b:97:a0:b6:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: Jan 20 02:05:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b62125cfe3920ddbb0542c1e772e88d048011004
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b7:64:26:e1:a0:d4:41:7b:70:d3:10:e7:c5:
                    0d:68:38:6d:1e:f4:fa:da:a5:8e:2d:57:2a:20:98:
                    fe:23:c3:f3:94:05:3a:18:8c:da:ef:93:c5:89:ff:
                    0c:7f:11:b2:14:03:8a:bd:b7:9d:8d:74:98:07:66:
                    0b:5e:5b:22:ea:21:e9:71:fe:9a:d7:22:f5:4b:8c:
                    6e:9c:1d:21:1f:a5:35:48:1f:cb:dd:b5:2f:06:09:
                    7c:9b:9d:5a:13:77:0b:58:9e:8d:18:26:03:d3:59:
                    aa:fb:e0:b5:a9:06:29:cd:fd:c3:dc:dd:b2:1a:f4:
                    af:df:13:9b:fb:3f:d0:05:04:32:7c:13:93:d7:ab:
                    75:23:bd:50:c1:93:44:23:a6:c0:7c:e7:24:b0:19:
                    a0:c4:6c:68:92:b2:dd:b0:4d:42:3c:8e:bb:65:71:
                    81:fa:f6:f5:dc:0e:58:9d:58:54:59:ea:dd:a7:6f:
                    0c:11:2c:6a:68:ab:75:2c:cd:4a:09:94:17:17:ff:
                    6a:93:5e:bf:34:4c:d5:83:9b:6b:42:19:bc:ca:39:
                    87:4a:c5:30:07:48:8e:f7:eb:6c:e4:aa:30:21:ce:
                    5a:4c:e4:3c:1b:37:10:bd:fe:e7:76:ed:96:f2:93:
                    b8:6f:89:0d:d2:bb:66:86:b0:6d:04:2a:17:a2:fd:
                    6c:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:21:25:CF:E3:92:0D:DB:B0:54:2C:1E:77:2E:88:D0:48:01:10:04
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/tiElz-OSDduwVCwedy6I0EgBEAQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:4b40::/29

    Signature Algorithm: sha256WithRSAEncryption
         bd:dc:ac:38:52:af:93:94:37:51:e5:b6:e6:05:cd:4a:2f:bf:
         b3:9a:29:9f:b5:cb:cf:6c:ff:de:7e:23:c9:08:df:a7:c4:11:
         0b:bf:73:31:c6:97:b8:0d:7c:70:5a:bd:5b:36:94:5a:38:6e:
         af:20:15:c6:51:6d:23:2d:2f:3d:89:01:24:55:f5:dc:f8:ec:
         25:33:da:5e:a6:ff:22:40:ff:24:49:a9:24:75:c7:f6:15:97:
         2c:0e:ed:3e:aa:57:36:e2:aa:6f:ce:f1:c1:84:63:fe:e8:63:
         92:4f:60:f2:2c:56:4a:4f:ee:05:ca:2d:fd:ae:80:3d:a7:a4:
         f3:c7:1d:35:a0:57:26:a1:ca:d1:3d:8d:cb:9c:84:9e:0b:5d:
         6f:c0:e3:fb:52:9b:75:9a:61:c0:c0:29:a5:58:12:33:bb:e8:
         76:e6:1c:a4:ce:56:df:96:99:7f:cb:ba:3f:cf:80:33:94:9a:
         f9:cc:00:a5:0c:dc:d8:72:90:49:f8:dc:f0:de:6c:68:4f:4e:
         c3:f5:4e:a6:ba:13:76:3e:88:6d:60:af:85:5f:2d:dc:c2:4c:
         1a:f2:70:86:09:9f:2f:4b:8e:48:f0:d9:f4:39:9c:3a:d0:1a:
         29:af:20:b8:9f:83:b0:89:45:92:53:00:8e:70:92:ff:96:a5:
         fd:54:1b:4c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYXM7LZQdkG76meqN5uXoLaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjMwMTIwMDIwNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjIxMjVjZmUzOTIwZGRiYjA1NDJjMWU3NzJlODhkMDQ4MDExMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAordkJuGg1EF7cNMQ58UNaDhtHvT6
2qWOLVcqIJj+I8PzlAU6GIza75PFif8MfxGyFAOKvbedjXSYB2YLXlsi6iHpcf6a
1yL1S4xunB0hH6U1SB/L3bUvBgl8m51aE3cLWJ6NGCYD01mq++C1qQYpzf3D3N2y
GvSv3xOb+z/QBQQyfBOT16t1I71QwZNEI6bAfOcksBmgxGxokrLdsE1CPI67ZXGB
+vb13A5YnVhUWerdp28MESxqaKt1LM1KCZQXF/9qk16/NEzVg5trQhm8yjmHSsUw
B0iO9+ts5KowIc5aTOQ8GzcQvf7ndu2W8pO4b4kN0rtmhrBtBCoXov1sJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLYhJc/jkg3bsFQsHncuiNBIARAEMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvdGlFbHotT1NEZHV3VkN3ZWR5NkkwRWdCRUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJLQDAN
BgkqhkiG9w0BAQsFAAOCAQEAvdysOFKvk5Q3UeW25gXNSi+/s5opn7XLz2z/3n4j
yQjfp8QRC79zMcaXuA18cFq9WzaUWjhuryAVxlFtIy0vPYkBJFX13PjsJTPaXqb/
IkD/JEmpJHXH9hWXLA7tPqpXNuKqb87xwYRj/uhjkk9g8ixWSk/uBcot/a6APaek
88cdNaBXJqHK0T2Ny5yEngtdb8Dj+1KbdZphwMAppVgSM7voduYcpM5W35aZf8u6
P8+AM5Sa+cwApQzc2HKQSfjc8N5saE9Ow/VOproTdj6IbWCvhV8t3MJMGvJwhgmf
L0uOSPDZ9DmcOtAaKa8guJ+DsIlFklMAjnCS/5al/VQbTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:01 2024 by rpki-client on console-fra.rpki-client.org