Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/5jZHFxiMH-xhHyAIAtVdZD5gH5I.roa
File:                     5jZHFxiMH-xhHyAIAtVdZD5gH5I.roa (raw, json)
Hash identifier:          qoJav1zahiDS6lZTbxbmZk4w9VfjfiNihaj6sOrltlc=
Subject key identifier:   E6:36:47:17:18:8C:1F:EC:61:1F:20:08:02:D5:5D:64:3E:60:1F:92
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       018CC3B6770D28B4FBD5E605E06C32F268BE
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/5jZHFxiMH-xhHyAIAtVdZD5gH5I.roa
Signing time:             Mon 01 Jan 2024 06:29:24 +0000
ROA not before:           Mon 01 Jan 2024 06:29:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203323
IP address blocks:        2a05:4140:3f0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Thu 13 Jun 2024 11:38:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:77:0d:28:b4:fb:d5:e6:05:e0:6c:32:f2:68:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Jan  1 06:29:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e6364717188c1fec611f200802d55d643e601f92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:0c:d8:74:f3:85:ae:90:c8:f2:4c:b3:53:dd:
                    62:99:84:08:04:fa:89:bd:dc:f5:94:bd:c3:93:5f:
                    9c:c9:f3:c6:93:a5:cf:06:c1:7f:ea:8d:9e:a0:a8:
                    52:4d:5e:68:6e:00:15:ac:46:ad:88:00:7e:e6:15:
                    5d:ab:e3:06:28:46:79:18:21:9d:cd:c1:7f:50:d0:
                    4e:88:f9:79:71:1d:78:2b:85:c5:c6:43:82:e1:d6:
                    70:66:3f:a2:46:6d:b7:26:7a:d5:b9:29:95:96:14:
                    ee:1d:c7:34:cf:19:75:f5:e2:66:0b:4a:46:61:f5:
                    e9:da:a0:b4:36:d1:cc:c0:31:8e:e4:f3:1a:04:1e:
                    86:ee:83:a4:e9:3d:78:5c:d9:0f:93:f2:71:7b:09:
                    42:26:31:f2:4d:20:6b:2a:66:08:1b:65:4f:e5:b6:
                    e9:b5:89:bc:1e:9f:81:02:ad:07:a8:84:b9:02:fe:
                    08:6e:33:7b:5a:62:66:cd:67:74:56:52:71:8f:2d:
                    ce:92:ff:a5:8c:02:bd:0f:b6:4f:49:c9:63:b5:ad:
                    4d:6d:33:14:f1:dd:11:af:20:a0:80:da:51:88:2d:
                    d8:1b:21:9c:d8:82:60:8f:d6:b8:99:4e:cc:d8:d5:
                    e4:9b:91:e8:ae:11:23:e6:a6:e8:ec:f6:41:b7:49:
                    ed:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:36:47:17:18:8C:1F:EC:61:1F:20:08:02:D5:5D:64:3E:60:1F:92
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/5jZHFxiMH-xhHyAIAtVdZD5gH5I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140:3f0::/44

    Signature Algorithm: sha256WithRSAEncryption
         74:12:fc:76:37:26:b5:53:b3:b6:42:28:b6:26:12:2f:69:f0:
         87:a1:11:a2:6b:1e:47:f2:66:a9:3c:1e:97:a8:0f:07:a1:9c:
         3c:8b:5b:d5:a6:9e:f3:0c:ea:c3:8b:58:80:b7:0c:8d:ee:70:
         13:9d:97:38:dd:bc:f4:28:2f:92:58:12:f7:77:df:fb:99:6b:
         c0:85:d8:0a:97:48:0c:9d:de:8a:46:27:c2:af:03:d3:4d:c6:
         55:2c:15:1e:4e:c5:f0:20:2f:22:e7:55:2d:1a:23:6b:d2:af:
         76:47:49:76:c6:b5:12:19:5f:36:b8:c6:74:bf:8a:31:b1:ea:
         e4:0d:06:1a:6f:44:24:46:f5:28:3a:be:9d:18:90:f6:1a:21:
         a5:eb:c1:4b:fd:c5:55:55:59:9e:5e:f1:e4:8b:e7:f3:9e:97:
         60:e7:f8:98:bb:cf:68:8b:c3:00:22:ba:fe:44:7e:43:d6:c6:
         24:42:b7:9a:eb:db:cd:16:e5:6f:81:74:dd:a8:76:03:ff:a2:
         76:4d:1a:f3:10:b3:4a:51:87:f5:0a:b9:bc:b3:90:d1:3e:49:
         a5:ad:a0:1c:4a:ae:1b:25:44:7c:b1:18:db:c8:82:26:74:08:
         60:c4:74:ed:9b:93:cb:a5:52:17:37:de:cc:22:65:25:a2:3f:
         fd:b1:a2:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDtncNKLT71eYF4Gwy8mi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjM2NDcxNzE4OGMxZmVjNjExZjIwMDgwMmQ1NWQ2NDNlNjAxZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAzYdPOFrpDI8kyzU91imYQIBPqJ
vdz1lL3Dk1+cyfPGk6XPBsF/6o2eoKhSTV5obgAVrEatiAB+5hVdq+MGKEZ5GCGd
zcF/UNBOiPl5cR14K4XFxkOC4dZwZj+iRm23JnrVuSmVlhTuHcc0zxl19eJmC0pG
YfXp2qC0NtHMwDGO5PMaBB6G7oOk6T14XNkPk/JxewlCJjHyTSBrKmYIG2VP5bbp
tYm8Hp+BAq0HqIS5Av4IbjN7WmJmzWd0VlJxjy3Okv+ljAK9D7ZPScljta1NbTMU
8d0RryCggNpRiC3YGyGc2IJgj9a4mU7M2NXkm5HorhEj5qbo7PZBt0ntnQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOY2RxcYjB/sYR8gCALVXWQ+YB+SMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvNWpaSEZ4aU1ILXhoSHlBSUF0VmRaRDVnSDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgVBQAPw
MA0GCSqGSIb3DQEBCwUAA4IBAQB0Evx2Nya1U7O2Qii2JhIvafCHoRGiax5H8map
PB6XqA8HoZw8i1vVpp7zDOrDi1iAtwyN7nATnZc43bz0KC+SWBL3d9/7mWvAhdgK
l0gMnd6KRifCrwPTTcZVLBUeTsXwIC8i51UtGiNr0q92R0l2xrUSGV82uMZ0v4ox
serkDQYab0QkRvUoOr6dGJD2GiGl68FL/cVVVVmeXvHki+fznpdg5/iYu89oi8MA
Irr+RH5D1sYkQrea69vNFuVvgXTdqHYD/6J2TRrzELNKUYf1Crm8s5DRPkmlraAc
Sq4bJUR8sRjbyIImdAhgxHTtm5PLpVIXN97MImUloj/9saJh
-----END CERTIFICATE-----
Generated at Thu Jun 13 14:15:31 2024 by rpki-client on console-fra.rpki-client.org