Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/Iq1Rhdf-IFMQK8VKkZ-iLl2AR4o.roa
File:                     Iq1Rhdf-IFMQK8VKkZ-iLl2AR4o.roa (raw, json)
Hash identifier:          TSsDo+baoOP78zteVqdAtZwwDESyM5qRk7PHPRXFwPw=
Subject key identifier:   22:AD:51:85:D7:FE:20:53:10:2B:C5:4A:91:9F:A2:2E:5D:80:47:8A
Certificate issuer:       /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial:       01856E0B14E181257154A9DA090A02003E6E
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/Iq1Rhdf-IFMQK8VKkZ-iLl2AR4o.roa
Signing time:             Sun 01 Jan 2023 15:54:58 +0000
ROA not before:           Sun 01 Jan 2023 15:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     38191
IP address blocks:        2a01:3e0:d01::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:0b:14:e1:81:25:71:54:a9:da:09:0a:02:00:3e:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
        Validity
            Not Before: Jan  1 15:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22ad5185d7fe2053102bc54a919fa22e5d80478a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:ff:18:3c:18:41:88:34:18:9f:ba:98:16:2f:
                    f7:fc:fc:26:d7:98:3c:0f:f8:5f:68:47:8c:bb:26:
                    2a:20:32:96:04:2b:f0:49:04:07:14:9a:33:58:88:
                    58:98:a1:38:42:e1:24:ce:f5:08:32:c3:60:2c:cb:
                    e6:5f:e6:d1:81:54:3e:64:98:96:4b:fe:7e:28:2d:
                    a4:32:de:a2:15:f7:5d:17:ef:14:c8:ca:00:07:52:
                    7d:3e:39:58:fa:84:75:b5:2a:45:8d:fa:11:36:31:
                    bc:6a:79:16:10:10:cb:37:11:2f:50:a1:00:88:f5:
                    a7:9f:85:45:93:2b:e7:b5:5a:06:dd:2c:1e:91:30:
                    9c:cc:cc:f8:46:20:4f:f6:9d:78:05:87:88:55:11:
                    55:d0:a1:fc:a1:35:a4:66:a3:c1:d0:d5:42:0f:fa:
                    c7:9d:fc:55:a7:f0:bc:17:b0:da:3c:1d:b8:43:88:
                    c4:aa:0b:f5:cf:60:f0:20:5e:67:af:b5:5b:c5:a7:
                    c2:c6:54:c5:a2:cb:56:84:65:64:e8:38:33:32:a3:
                    6a:6e:83:db:7c:73:0e:98:32:b1:18:e1:31:54:ac:
                    a1:61:a4:f2:a1:ab:04:22:bd:c6:fb:4e:ca:3b:44:
                    0c:01:53:9e:0b:ad:e4:b5:e3:36:4a:d1:86:f3:be:
                    03:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:AD:51:85:D7:FE:20:53:10:2B:C5:4A:91:9F:A2:2E:5D:80:47:8A
            X509v3 Authority Key Identifier:
                keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/Iq1Rhdf-IFMQK8VKkZ-iLl2AR4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:3e0:d01::/48

    Signature Algorithm: sha256WithRSAEncryption
         1c:a6:9d:5a:be:3f:1a:27:d2:e8:87:f5:54:fc:68:ac:e5:a1:
         b1:f2:f7:be:08:35:50:bc:e7:27:97:6a:41:71:fb:dd:83:af:
         f2:1d:c7:61:96:8e:3a:55:dc:a3:43:a4:14:ce:32:4d:88:da:
         d9:66:39:b2:44:57:4a:ef:25:24:6e:f8:11:1f:da:2c:82:33:
         c6:e0:61:f5:c2:be:c9:01:0b:ba:6a:9b:04:ff:ec:18:2c:de:
         d2:5f:42:ab:c5:cf:1c:df:f3:9f:3b:cd:b8:6a:72:cb:93:38:
         53:d5:84:54:a0:1b:15:bb:61:d7:d5:1b:bd:ba:32:ef:e8:13:
         6c:cb:23:0e:d4:c3:4a:af:cc:d3:e1:08:cc:00:3e:b7:0f:a1:
         60:f0:be:fc:29:76:28:26:f8:95:b3:84:39:5a:cb:72:ba:29:
         31:c5:60:38:1f:88:de:fe:58:e7:dc:7f:14:0c:e3:57:75:d3:
         b0:57:81:83:1b:d2:2a:de:12:13:19:16:c0:ea:be:c2:4a:c6:
         70:01:62:20:c8:91:a0:44:f7:43:67:b5:c0:29:d0:88:9e:0b:
         cb:33:91:46:c1:be:26:d3:f3:2e:fa:f2:11:28:16:b4:b8:bc:
         20:6c:11:bc:3b:c5:f0:10:9a:6a:b6:1d:a3:79:04:22:49:95:
         86:7d:3d:ad
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuCxThgSVxVKnaCQoCAD5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjMwMTAxMTU1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmFkNTE4NWQ3ZmUyMDUzMTAyYmM1NGE5MTlmYTIyZTVkODA0NzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1v8YPBhBiDQYn7qYFi/3/Pwm15g8
D/hfaEeMuyYqIDKWBCvwSQQHFJozWIhYmKE4QuEkzvUIMsNgLMvmX+bRgVQ+ZJiW
S/5+KC2kMt6iFfddF+8UyMoAB1J9PjlY+oR1tSpFjfoRNjG8ankWEBDLNxEvUKEA
iPWnn4VFkyvntVoG3SwekTCczMz4RiBP9p14BYeIVRFV0KH8oTWkZqPB0NVCD/rH
nfxVp/C8F7DaPB24Q4jEqgv1z2DwIF5nr7VbxafCxlTFostWhGVk6DgzMqNqboPb
fHMOmDKxGOExVKyhYaTyoasEIr3G+07KO0QMAVOeC63kteM2StGG874D6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCKtUYXX/iBTECvFSpGfoi5dgEeKMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvSXExUmhkZi1JRk1RSzhWS2taLWlMbDJBUjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgED4A0B
MA0GCSqGSIb3DQEBCwUAA4IBAQAcpp1avj8aJ9Loh/VU/Gis5aGx8ve+CDVQvOcn
l2pBcfvdg6/yHcdhlo46VdyjQ6QUzjJNiNrZZjmyRFdK7yUkbvgRH9osgjPG4GH1
wr7JAQu6apsE/+wYLN7SX0Krxc8c3/OfO824anLLkzhT1YRUoBsVu2HX1Ru9ujLv
6BNsyyMO1MNKr8zT4QjMAD63D6Fg8L78KXYoJviVs4Q5WstyuikxxWA4H4je/ljn
3H8UDONXddOwV4GDG9Iq3hITGRbA6r7CSsZwAWIgyJGgRPdDZ7XAKdCIngvLM5FG
wb4m0/Mu+vIRKBa0uLwgbBG8O8XwEJpqth2jeQQiSZWGfT2t
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:19 2024 by rpki-client on console-ams.rpki-client.org