Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/0L5IfAUjHf2AbazGAaeuQQnct1k.roa
File:                     0L5IfAUjHf2AbazGAaeuQQnct1k.roa (raw, json)
Hash identifier:          HCHCrPPahGnzbLdXujj7UjVyDtgoHhcuWQNXKkdKHi4=
Subject key identifier:   D0:BE:48:7C:05:23:1D:FD:80:6D:AC:C6:01:A7:AE:41:09:DC:B7:59
Certificate issuer:       /CN=ccad68f7e8abadf4472623343a32561507224189
Certificate serial:       018DEC09982746C975FB3022F900C1AE37A2
Authority key identifier: CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/0L5IfAUjHf2AbazGAaeuQQnct1k.roa
Signing time:             Tue 27 Feb 2024 19:27:48 +0000
ROA not before:           Tue 27 Feb 2024 19:27:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216463
IP address blocks:        2a02:f680::/29 maxlen: 29
                          2a02:f680::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 19 Mar 2024 03:09:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ec:09:98:27:46:c9:75:fb:30:22:f9:00:c1:ae:37:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccad68f7e8abadf4472623343a32561507224189
        Validity
            Not Before: Feb 27 19:27:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d0be487c05231dfd806dacc601a7ae4109dcb759
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:88:88:98:40:c0:2b:11:e5:b7:62:fd:3b:7a:
                    2f:9c:4b:02:6c:57:0c:4c:46:bb:33:4c:78:db:75:
                    c2:b5:8c:87:1f:12:58:c3:b8:c2:d1:4c:bd:05:f8:
                    f4:c0:5c:85:f6:ee:31:10:38:7f:29:f4:6b:c6:39:
                    4e:4a:46:8f:81:cc:50:3c:52:af:bf:e4:c6:f1:a4:
                    67:e1:c4:3c:36:08:d5:da:46:42:7a:b8:f3:6e:28:
                    5a:1a:25:9b:85:b7:71:63:65:fe:75:1c:c5:a3:90:
                    ab:72:9c:dc:d7:0a:cc:ae:41:ee:cb:b0:1b:a4:71:
                    1f:d2:df:87:d5:f7:59:88:fb:bd:39:c5:3e:d6:db:
                    c9:5d:95:7a:3b:05:4a:30:42:20:e1:e8:53:0d:1a:
                    84:c4:08:ea:c0:11:f0:a9:55:1a:46:0d:13:71:f1:
                    36:1f:f1:77:60:9a:fb:02:5b:01:98:27:e7:0f:1e:
                    fa:d7:4c:ee:92:e9:b0:2b:37:5d:e5:a9:97:c5:51:
                    7e:85:eb:27:be:20:d8:8f:0a:a1:07:0f:c1:a2:20:
                    a9:62:b2:87:55:c8:59:44:4a:fe:a9:06:24:a6:3e:
                    30:0f:0f:3a:be:32:9e:c7:c7:cb:27:f4:5f:5e:ad:
                    4a:a9:90:13:ac:17:6b:b9:f1:32:7b:1c:fa:3e:6c:
                    01:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:BE:48:7C:05:23:1D:FD:80:6D:AC:C6:01:A7:AE:41:09:DC:B7:59
            X509v3 Authority Key Identifier:
                keyid:CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/0L5IfAUjHf2AbazGAaeuQQnct1k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:f680::/29

    Signature Algorithm: sha256WithRSAEncryption
         1a:82:0d:7d:1c:77:de:ac:81:90:de:a4:fd:55:d8:ab:90:d6:
         10:5b:5f:cb:29:af:c8:e7:09:50:d2:1b:f7:f2:68:7e:f8:4d:
         5d:16:df:34:c1:e1:94:28:b0:a2:89:0c:79:56:a3:d9:b1:e9:
         c9:2b:2e:8e:de:f3:ea:b9:a6:2d:e2:6e:17:da:6d:b1:b1:c0:
         3a:99:0d:d1:7a:84:f1:f2:08:79:a8:2e:30:c8:47:cd:57:4f:
         16:79:ce:f2:b4:2c:6a:10:a1:04:b4:b5:74:d8:be:75:bc:47:
         97:81:29:0a:6d:6d:0a:6d:49:9f:3a:70:5b:3a:0b:e2:bc:33:
         71:4e:e7:20:5b:39:82:b0:cc:fc:80:41:7d:5e:dc:31:53:b1:
         07:05:2a:4e:24:b1:aa:73:c0:0b:f2:07:b3:12:1f:d4:ff:d4:
         6b:88:6d:ae:aa:a4:17:20:71:5c:aa:cc:6e:bf:0f:e4:f9:50:
         5a:f0:f4:75:a8:17:02:a5:e9:de:c7:d3:ef:be:52:ab:cb:12:
         77:59:ba:d7:12:80:67:14:32:c0:4b:da:ba:5e:dd:fe:8b:2b:
         41:49:9d:c5:23:1a:19:8a:33:42:e5:af:36:4b:b3:af:8a:10:
         01:e1:30:bd:be:81:eb:ba:b5:c9:ef:30:27:6c:4a:c9:4a:35:
         ea:94:e8:e5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY3sCZgnRsl1+zAi+QDBrjeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYWQ2OGY3ZThhYmFkZjQ0NzI2MjMzNDNhMzI1NjE1MDcy
MjQxODkwHhcNMjQwMjI3MTkyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGJlNDg3YzA1MjMxZGZkODA2ZGFjYzYwMWE3YWU0MTA5ZGNiNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloiImEDAKxHlt2L9O3ovnEsCbFcM
TEa7M0x423XCtYyHHxJYw7jC0Uy9Bfj0wFyF9u4xEDh/KfRrxjlOSkaPgcxQPFKv
v+TG8aRn4cQ8NgjV2kZCerjzbihaGiWbhbdxY2X+dRzFo5Crcpzc1wrMrkHuy7Ab
pHEf0t+H1fdZiPu9OcU+1tvJXZV6OwVKMEIg4ehTDRqExAjqwBHwqVUaRg0TcfE2
H/F3YJr7AlsBmCfnDx7610zukumwKzdd5amXxVF+hesnviDYjwqhBw/BoiCpYrKH
VchZREr+qQYkpj4wDw86vjKex8fLJ/RfXq1KqZATrBdrufEyexz6PmwBvQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNC+SHwFIx39gG2sxgGnrkEJ3LdZMB8GA1UdIwQY
MBaAFMytaPfoq630RyYjNDoyVhUHIkGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMt
NjM1OWY5MmUxZDJmLzEvMEw1SWZBVWpIZjJBYmF6R0FhZXVRUW5jdDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMtNjM1OWY5MmUxZDJm
LzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgL2gDAN
BgkqhkiG9w0BAQsFAAOCAQEAGoINfRx33qyBkN6k/VXYq5DWEFtfyymvyOcJUNIb
9/JofvhNXRbfNMHhlCiwookMeVaj2bHpySsujt7z6rmmLeJuF9ptsbHAOpkN0XqE
8fIIeaguMMhHzVdPFnnO8rQsahChBLS1dNi+dbxHl4EpCm1tCm1JnzpwWzoL4rwz
cU7nIFs5grDM/IBBfV7cMVOxBwUqTiSxqnPAC/IHsxIf1P/Ua4htrqqkFyBxXKrM
br8P5PlQWvD0dagXAqXp3sfT775Sq8sSd1m61xKAZxQywEvaul7d/osrQUmdxSMa
GYozQuWvNkuzr4oQAeEwvb6B67q1ye8wJ2xKyUo16pTo5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:40 2024 by rpki-client on console-fra.rpki-client.org