Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3UUWnorauXTvtUBbSCOOsSC5kns.roa
File:                     3UUWnorauXTvtUBbSCOOsSC5kns.roa (raw, json)
Hash identifier:          3aeeePZUWwD94rt5NwoLnnyWzROSoV8gKfqb643iJJA=
Subject key identifier:   DD:45:16:9E:8A:DA:B9:74:EF:B5:40:5B:48:23:8E:B1:20:B9:92:7B
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       018BF7E2DBD6B38C2874B40D4BF750D0070F
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3UUWnorauXTvtUBbSCOOsSC5kns.roa
Signing time:             Wed 22 Nov 2023 16:35:21 +0000
ROA not before:           Wed 22 Nov 2023 16:35:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198889
IP address blocks:        2a05:4140:28::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f7:e2:db:d6:b3:8c:28:74:b4:0d:4b:f7:50:d0:07:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Nov 22 16:35:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd45169e8adab974efb5405b48238eb120b9927b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:7b:4d:67:5f:86:35:49:a4:b3:4a:78:0e:82:
                    4f:b0:b4:22:10:81:d3:7e:82:d3:26:3d:bc:b4:35:
                    e6:02:1e:3f:e7:34:ce:36:43:69:03:28:81:23:f4:
                    12:c8:81:9f:37:88:9e:85:4b:42:87:d3:14:03:35:
                    8c:a9:c3:56:cb:f6:f2:c2:b9:a9:75:4e:d2:49:dc:
                    b2:b3:13:4f:b1:52:e4:73:27:31:85:17:0b:d8:d3:
                    74:b0:a5:71:ca:20:da:b6:fa:ab:4a:2a:51:1f:98:
                    a6:e9:fa:a3:85:29:b7:12:46:d3:c5:3d:3d:26:e3:
                    f4:cf:de:00:73:de:13:d1:ef:7c:91:0f:f3:9b:9b:
                    8e:98:f4:7b:b0:83:f4:ea:17:1f:6b:fd:82:2f:ab:
                    60:8d:84:68:f6:30:b2:94:48:b5:7a:b0:d5:56:8d:
                    b1:87:c1:4d:11:31:23:67:0c:3b:7b:f3:f2:a9:5c:
                    4d:ab:0f:9f:5f:fa:1a:34:59:df:5f:b4:32:88:b7:
                    44:e6:71:c9:49:b7:84:24:6f:3e:ac:ee:12:42:4b:
                    f3:22:17:be:86:c4:39:da:51:d9:3b:ef:5b:22:ca:
                    4a:5b:7c:51:36:75:56:ff:40:62:00:00:ab:f9:47:
                    56:27:f2:38:c5:2e:52:e2:33:85:7f:e0:b4:f3:63:
                    8d:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:45:16:9E:8A:DA:B9:74:EF:B5:40:5B:48:23:8E:B1:20:B9:92:7B
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3UUWnorauXTvtUBbSCOOsSC5kns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140:28::/48

    Signature Algorithm: sha256WithRSAEncryption
         42:71:1c:d0:64:0c:6a:23:f9:10:b7:03:7c:f9:71:5e:63:3c:
         17:a7:6f:16:ee:b8:20:14:6b:45:37:cd:a8:81:36:be:3d:4e:
         a2:e7:c6:2b:9e:86:45:78:06:53:17:8a:0d:66:4e:75:c4:67:
         18:bf:00:c2:92:eb:71:59:21:66:ba:fd:9c:4e:83:8a:4f:4b:
         59:7c:59:01:08:71:77:58:e7:5a:26:50:61:07:1a:a5:33:2e:
         3c:da:24:33:04:7c:10:93:04:d1:5d:2d:7d:01:80:9a:0e:2b:
         05:3b:75:b1:c6:98:1d:f8:fc:5e:33:e4:0e:d0:26:02:24:4b:
         f6:e2:58:17:97:44:a7:26:94:48:5b:1e:63:42:78:95:5c:e3:
         0d:a4:9f:bd:7a:5d:8f:f4:91:20:b3:76:4c:5a:3b:dd:c4:7d:
         c3:41:98:60:34:fe:c7:5d:7c:ce:52:a0:3b:40:10:cc:df:76:
         9c:9c:fb:7c:1f:7f:2a:a8:6d:95:ae:ae:05:88:d2:1b:60:17:
         25:62:80:41:14:42:d1:06:90:80:d4:06:93:c9:ff:5d:9b:73:
         43:01:f5:b3:a4:cb:23:68:6e:16:ca:af:cc:f7:47:e1:e8:d1:
         93:80:65:3d:bc:2c:93:7f:21:de:eb:dc:b4:cc:1e:2c:8e:13:
         fb:8a:0e:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYv34tvWs4wodLQNS/dQ0AcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjMxMTIyMTYzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ1MTY5ZThhZGFiOTc0ZWZiNTQwNWI0ODIzOGViMTIwYjk5MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XtNZ1+GNUmks0p4DoJPsLQiEIHT
foLTJj28tDXmAh4/5zTONkNpAyiBI/QSyIGfN4iehUtCh9MUAzWMqcNWy/bywrmp
dU7SSdyysxNPsVLkcycxhRcL2NN0sKVxyiDatvqrSipRH5im6fqjhSm3EkbTxT09
JuP0z94Ac94T0e98kQ/zm5uOmPR7sIP06hcfa/2CL6tgjYRo9jCylEi1erDVVo2x
h8FNETEjZww7e/PyqVxNqw+fX/oaNFnfX7QyiLdE5nHJSbeEJG8+rO4SQkvzIhe+
hsQ52lHZO+9bIspKW3xRNnVW/0BiAACr+UdWJ/I4xS5S4jOFf+C082ONjQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN1FFp6K2rl077VAW0gjjrEguZJ7MB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvM1VVV25vcmF1WFR2dFVCYlNDT09zU0M1a25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgVBQAAo
MA0GCSqGSIb3DQEBCwUAA4IBAQBCcRzQZAxqI/kQtwN8+XFeYzwXp28W7rggFGtF
N82ogTa+PU6i58YrnoZFeAZTF4oNZk51xGcYvwDCkutxWSFmuv2cToOKT0tZfFkB
CHF3WOdaJlBhBxqlMy482iQzBHwQkwTRXS19AYCaDisFO3Wxxpgd+PxeM+QO0CYC
JEv24lgXl0SnJpRIWx5jQniVXOMNpJ+9el2P9JEgs3ZMWjvdxH3DQZhgNP7HXXzO
UqA7QBDM33acnPt8H38qqG2Vrq4FiNIbYBclYoBBFELRBpCA1AaTyf9dm3NDAfWz
pMsjaG4Wyq/M90fh6NGTgGU9vCyTfyHe69y0zB4sjhP7ig6m
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:30 2024 by rpki-client on console-ams.rpki-client.org