Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/4BNcK_FAZgtb1fNrUn-odlud6HM.roa
File:                     4BNcK_FAZgtb1fNrUn-odlud6HM.roa (raw, json)
Hash identifier:          oIXpORXI1qd3Kj9yWrnrXkhfmMOD/Jg7bJbtUQ5wuzY=
Subject key identifier:   E0:13:5C:2B:F1:40:66:0B:5B:D5:F3:6B:52:7F:A8:76:5B:9D:E8:73
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       018CC3B6742C269195A9449B53147B8812D0
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/4BNcK_FAZgtb1fNrUn-odlud6HM.roa
Signing time:             Mon 01 Jan 2024 06:29:23 +0000
ROA not before:           Mon 01 Jan 2024 06:29:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49245
IP address blocks:        2a05:4140:14::/48 maxlen: 48
                          2a05:4140:12::/48 maxlen: 48
                          2a05:4140:13::/48 maxlen: 48
                          2a05:4140:3::/48 maxlen: 48
                          2a05:4140:11::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 28 Jul 2024 08:57:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:74:2c:26:91:95:a9:44:9b:53:14:7b:88:12:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Jan  1 06:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e0135c2bf140660b5bd5f36b527fa8765b9de873
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:ca:12:f1:4d:d9:2f:72:08:63:ea:b5:ed:96:
                    14:b1:43:18:09:f5:12:46:5d:0c:04:2a:24:a6:42:
                    95:1e:9f:f4:78:f7:0e:fe:62:5a:87:c3:be:f2:b5:
                    a9:1d:59:3d:eb:eb:42:96:67:f7:20:ff:71:b8:f6:
                    c1:89:02:d3:45:ff:22:ed:13:29:40:56:ff:75:48:
                    ba:03:f4:15:18:de:9e:4f:0e:8f:65:43:66:99:88:
                    e0:89:c3:02:f5:4a:1e:1d:c0:1f:e2:15:fa:1a:15:
                    36:0e:5f:ff:10:ea:9a:c7:13:e9:a0:d6:e1:ff:b5:
                    49:68:5c:67:22:bc:c7:70:b4:ed:7f:c7:62:73:d0:
                    99:c2:8e:51:b2:18:a4:33:0e:dd:96:25:ca:4b:ca:
                    b3:4f:81:9e:ac:00:e1:5d:76:6a:76:a3:d1:93:5f:
                    63:e5:e1:06:9c:0a:79:dd:72:15:3e:b2:6b:e5:3e:
                    d5:bc:ee:76:41:cb:93:59:bc:58:68:b9:8c:58:cf:
                    4a:3b:18:86:f5:e6:b4:50:c3:6f:fe:de:1c:d7:2d:
                    f5:69:58:43:0f:a6:cf:01:d4:0b:93:ae:f2:c1:c1:
                    25:a3:65:94:fa:6b:dc:19:f6:9e:67:62:2c:59:52:
                    b5:3a:1f:80:13:fa:5d:97:cd:ca:5a:b3:b7:d3:01:
                    2f:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:13:5C:2B:F1:40:66:0B:5B:D5:F3:6B:52:7F:A8:76:5B:9D:E8:73
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/4BNcK_FAZgtb1fNrUn-odlud6HM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140:3::/48
                  2a05:4140:11::-2a05:4140:14:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         4c:22:0a:67:fc:25:4d:42:a1:42:e7:6f:58:a1:66:38:d6:d9:
         ff:cc:d1:2d:1d:19:5a:ff:e9:d7:38:7d:6c:86:ac:5b:bf:ce:
         76:d6:c6:82:60:dd:af:4f:8e:50:61:a7:9f:44:0d:8b:0e:cb:
         e4:5b:2c:a2:0c:32:0a:c3:2a:2a:3c:6e:7a:29:a5:94:4b:06:
         9d:87:28:66:ce:a9:f0:e4:23:df:28:de:5a:89:cd:87:74:d1:
         df:8c:cc:5f:47:b3:53:12:99:4a:7d:64:59:aa:5b:66:41:73:
         62:da:5b:fb:b7:92:bc:37:34:f1:d1:02:63:bb:67:17:03:37:
         72:f7:6e:aa:8e:9d:98:72:d4:8f:35:5e:de:16:bc:43:c8:e0:
         7d:b8:8d:41:82:2d:d9:49:62:22:9a:27:03:5f:f3:1e:e6:43:
         9b:97:2d:3c:54:f1:8a:1c:28:29:84:ec:0c:a2:3f:38:99:02:
         34:ba:70:59:ca:2c:7d:02:9e:95:8c:0a:45:29:a5:12:f5:74:
         5c:a3:d7:70:6c:15:19:4f:7c:fb:46:f5:07:04:59:87:49:bc:
         aa:62:27:c6:57:29:6f:a9:cd:44:d2:54:54:9d:be:df:6f:af:
         8a:88:d1:70:05:a8:bb:54:b5:2f:e8:51:24:d7:67:5e:e0:78:
         c9:54:90:7f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDtnQsJpGVqUSbUxR7iBLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDEzNWMyYmYxNDA2NjBiNWJkNWYzNmI1MjdmYTg3NjViOWRlODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsoS8U3ZL3IIY+q17ZYUsUMYCfUS
Rl0MBCokpkKVHp/0ePcO/mJah8O+8rWpHVk96+tClmf3IP9xuPbBiQLTRf8i7RMp
QFb/dUi6A/QVGN6eTw6PZUNmmYjgicMC9UoeHcAf4hX6GhU2Dl//EOqaxxPpoNbh
/7VJaFxnIrzHcLTtf8dic9CZwo5RshikMw7dliXKS8qzT4GerADhXXZqdqPRk19j
5eEGnAp53XIVPrJr5T7VvO52QcuTWbxYaLmMWM9KOxiG9ea0UMNv/t4c1y31aVhD
D6bPAdQLk67ywcElo2WU+mvcGfaeZ2IsWVK1Oh+AE/pdl83KWrO30wEvlwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOATXCvxQGYLW9Xza1J/qHZbnehzMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvNEJOY0tfRkFaZ3RiMWZOclVuLW9kbHVkNkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKgVBQAAD
MBIDBwAqBUFAABEDBwAqBUFAABQwDQYJKoZIhvcNAQELBQADggEBAEwiCmf8JU1C
oULnb1ihZjjW2f/M0S0dGVr/6dc4fWyGrFu/znbWxoJg3a9PjlBhp59EDYsOy+Rb
LKIMMgrDKio8bnoppZRLBp2HKGbOqfDkI98o3lqJzYd00d+MzF9Hs1MSmUp9ZFmq
W2ZBc2LaW/u3krw3NPHRAmO7ZxcDN3L3bqqOnZhy1I81Xt4WvEPI4H24jUGCLdlJ
YiKaJwNf8x7mQ5uXLTxU8YocKCmE7AyiPziZAjS6cFnKLH0CnpWMCkUppRL1dFyj
13BsFRlPfPtG9QcEWYdJvKpiJ8ZXKW+pzUTSVFSdvt9vr4qI0XAFqLtUtS/oUSTX
Z17geMlUkH8=
-----END CERTIFICATE-----
Generated at Sun Jul 28 10:28:11 2024 by rpki-client on console-fra.rpki-client.org