Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/5zPvrNaNtSFGMLgtb3xXflqxYhs.roa
File:                     5zPvrNaNtSFGMLgtb3xXflqxYhs.roa (raw, json)
Hash identifier:          mvAvsbTaz9igYm4IoVuiuhdmCvhJb3i0h9QxBnIfxkY=
Subject key identifier:   E7:33:EF:AC:D6:8D:B5:21:46:30:B8:2D:6F:7C:57:7E:5A:B1:62:1B
Certificate issuer:       /CN=27d8640c305107766a646fbf8ec81db45ce1f249
Certificate serial:       0189DF6EA9EEC50080EDD779C47801D16A2A
Authority key identifier: 27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/5zPvrNaNtSFGMLgtb3xXflqxYhs.roa
Signing time:             Thu 10 Aug 2023 12:31:58 +0000
ROA not before:           Thu 10 Aug 2023 12:31:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8399
IP address blocks:        2a0c:10c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:df:6e:a9:ee:c5:00:80:ed:d7:79:c4:78:01:d1:6a:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27d8640c305107766a646fbf8ec81db45ce1f249
        Validity
            Not Before: Aug 10 12:31:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e733efacd68db5214630b82d6f7c577e5ab1621b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:d5:f9:f3:c3:c0:38:40:00:6a:03:62:04:70:
                    26:08:b7:6d:9c:f4:e7:ca:d1:6f:fa:34:ed:4f:d1:
                    06:50:6f:15:ad:d1:dd:18:44:fb:14:90:92:29:09:
                    7d:6d:92:90:05:d9:42:34:7b:67:96:0a:21:53:8a:
                    27:5a:0c:43:15:14:e6:8d:ad:81:c8:3e:c4:c8:9a:
                    a6:05:4d:49:ee:d5:da:95:64:aa:57:d7:c6:51:90:
                    d3:3c:ac:4c:3d:e7:7c:fb:72:81:41:a8:2b:13:7f:
                    ff:9d:0a:7f:36:f4:b3:ec:2d:fe:7f:21:e1:46:4f:
                    26:dd:84:81:9d:0e:94:7a:86:ea:02:0e:50:11:e6:
                    65:61:3d:22:1b:78:2b:f3:2d:f0:64:b8:88:88:86:
                    27:3e:e6:12:85:83:1a:77:21:79:12:f6:37:1d:59:
                    c2:74:51:c7:45:85:7d:e6:d5:b3:85:e2:24:c2:b7:
                    58:4b:ad:c1:42:c2:86:8d:a5:8b:72:69:02:34:f7:
                    1b:cd:41:3d:56:e3:ea:45:38:71:90:a7:77:64:32:
                    a5:93:ec:4e:73:5a:36:15:f1:65:b4:b2:07:88:fc:
                    96:8a:88:1e:e7:c3:95:71:f0:74:d5:f8:4b:94:d2:
                    e5:da:a1:0a:ca:15:9f:b4:be:fe:67:9e:05:c5:99:
                    63:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:33:EF:AC:D6:8D:B5:21:46:30:B8:2D:6F:7C:57:7E:5A:B1:62:1B
            X509v3 Authority Key Identifier:
                keyid:27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/5zPvrNaNtSFGMLgtb3xXflqxYhs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:10c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         86:af:00:c4:ed:8c:a2:bd:31:83:1f:61:1e:d5:9c:66:3d:43:
         1b:e5:5a:98:56:85:4c:bf:df:62:69:7c:62:69:fa:e9:bf:c9:
         68:1e:c0:f9:fe:e0:3d:8e:c9:f3:e2:eb:84:99:83:41:c4:e3:
         31:b1:30:f4:c6:b9:5b:39:6a:2a:a4:e2:27:22:c5:9d:7d:be:
         ad:e6:68:87:99:17:dd:ef:d5:f3:48:ac:eb:b3:b4:14:aa:c6:
         26:10:a8:6d:d5:a5:88:70:46:16:ec:f0:ab:c6:b3:1b:72:d7:
         b7:40:25:31:a0:f0:07:3f:cb:dd:65:52:94:37:9d:c1:5d:58:
         56:18:a0:74:ed:ef:bf:70:40:ae:02:68:2b:4a:7d:1a:00:fa:
         51:9f:47:bb:2d:94:3e:32:ef:3b:80:50:60:e3:2d:1a:7d:9d:
         07:c7:f8:be:9d:7d:54:b0:ed:4b:85:d2:94:4a:db:9a:61:7c:
         ef:33:5e:7d:a1:06:9c:b3:35:21:b9:d4:b2:f0:65:fb:af:f8:
         51:64:89:44:35:db:11:78:8c:90:5f:8c:d8:15:f0:08:18:71:
         58:ac:e1:e9:9b:ac:d1:d2:87:ff:66:c0:6c:5e:68:8d:b3:57:
         86:d3:2b:a8:d6:7b:5a:a9:20:23:dd:09:8a:79:3b:70:84:5c:
         38:e1:05:74
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYnfbqnuxQCA7dd5xHgB0WoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDg2NDBjMzA1MTA3NzY2YTY0NmZiZjhlYzgxZGI0NWNl
MWYyNDkwHhcNMjMwODEwMTIzMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzMzZWZhY2Q2OGRiNTIxNDYzMGI4MmQ2ZjdjNTc3ZTVhYjE2MjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdX588PAOEAAagNiBHAmCLdtnPTn
ytFv+jTtT9EGUG8VrdHdGET7FJCSKQl9bZKQBdlCNHtnlgohU4onWgxDFRTmja2B
yD7EyJqmBU1J7tXalWSqV9fGUZDTPKxMPed8+3KBQagrE3//nQp/NvSz7C3+fyHh
Rk8m3YSBnQ6UeobqAg5QEeZlYT0iG3gr8y3wZLiIiIYnPuYShYMadyF5EvY3HVnC
dFHHRYV95tWzheIkwrdYS63BQsKGjaWLcmkCNPcbzUE9VuPqRThxkKd3ZDKlk+xO
c1o2FfFltLIHiPyWioge58OVcfB01fhLlNLl2qEKyhWftL7+Z54FxZljsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOcz76zWjbUhRjC4LW98V35asWIbMB8GA1UdIwQY
MBaAFCfYZAwwUQd2amRvv47IHbRc4fJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAt
M2M2Zjg4YzkxNGIxLzEvNXpQdnJOYU50U0ZHTUxndGIzeFhmbHF4WWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAtM2M2Zjg4YzkxNGIx
LzEvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgwQwDAN
BgkqhkiG9w0BAQsFAAOCAQEAhq8AxO2Mor0xgx9hHtWcZj1DG+VamFaFTL/fYml8
Ymn66b/JaB7A+f7gPY7J8+LrhJmDQcTjMbEw9Ma5WzlqKqTiJyLFnX2+reZoh5kX
3e/V80is67O0FKrGJhCobdWliHBGFuzwq8azG3LXt0AlMaDwBz/L3WVSlDedwV1Y
VhigdO3vv3BArgJoK0p9GgD6UZ9Huy2UPjLvO4BQYOMtGn2dB8f4vp19VLDtS4XS
lErbmmF87zNefaEGnLM1IbnUsvBl+6/4UWSJRDXbEXiMkF+M2BXwCBhxWKzh6Zus
0dKH/2bAbF5ojbNXhtMrqNZ7WqkgI90Jink7cIRcOOEFdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:48 2024 by rpki-client on console-ams.rpki-client.org