Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0_AZ8w6bZzv3gHZQtmUseb00VS0.roa
File:                     0_AZ8w6bZzv3gHZQtmUseb00VS0.roa (raw, json)
Hash identifier:          m6rGDEKsP9/k6jLtP8t/45iIWp2G1Vh+ojdytU4sTeQ=
Subject key identifier:   D3:F0:19:F3:0E:9B:67:3B:F7:80:76:50:B6:65:2C:79:BD:34:55:2D
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42CE22B3005BCFF47A5FA9933FEC28
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0_AZ8w6bZzv3gHZQtmUseb00VS0.roa
Signing time:             Sun 01 Jan 2023 21:35:27 +0000
ROA not before:           Sun 01 Jan 2023 21:35:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202939
IP address blocks:        2a0e:8f02:f04e::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:ce:22:b3:00:5b:cf:f4:7a:5f:a9:93:3f:ec:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d3f019f30e9b673bf7807650b6652c79bd34552d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:64:9c:02:a0:8c:a1:79:e4:ec:03:1f:11:ae:
                    a0:f9:a9:ed:49:7d:21:8f:cd:79:1e:86:01:ca:64:
                    81:4a:5b:af:a5:72:86:21:3d:7f:f0:bd:e8:44:34:
                    36:5c:eb:70:8e:5b:5d:00:ca:33:1d:d1:b6:9d:45:
                    8a:64:f3:02:f4:03:ea:1d:73:ce:de:1e:75:9f:cc:
                    a3:53:d0:52:91:f4:bb:c5:4d:5c:19:b3:73:48:3e:
                    26:fe:48:72:96:95:d1:19:71:b2:16:79:88:67:48:
                    ab:dd:75:7f:d6:74:e0:1b:5e:a7:68:3e:c6:25:e7:
                    dc:8d:fd:7c:55:ab:73:6b:ad:99:ba:4d:a5:35:96:
                    00:2a:a5:38:a5:fc:fd:1b:68:fc:65:26:6b:57:48:
                    d6:c0:fc:0e:95:9e:c3:0e:a6:19:93:6d:a9:a0:53:
                    c3:a8:14:af:f1:92:da:7c:42:88:d4:70:66:b9:34:
                    c9:d2:ea:6b:d3:58:4b:17:61:46:77:55:40:fe:26:
                    ad:a5:88:3c:8d:2a:f7:4c:aa:2c:72:81:81:ea:8b:
                    67:4b:02:ae:a8:2c:f4:a4:a8:e8:ce:52:dd:da:c9:
                    97:33:c6:ac:08:78:be:ab:8d:5a:2c:b1:e4:ec:69:
                    65:5e:42:69:4e:01:ad:fd:e9:31:c8:7d:44:52:52:
                    e4:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:F0:19:F3:0E:9B:67:3B:F7:80:76:50:B6:65:2C:79:BD:34:55:2D
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0_AZ8w6bZzv3gHZQtmUseb00VS0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f04e::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:f6:19:9a:a9:15:ce:2a:e5:76:52:cd:11:85:ca:d8:97:0a:
         df:bb:a3:b0:db:f9:15:71:c8:c3:98:b6:9e:b7:02:8d:14:fa:
         2a:95:30:01:b9:e5:b1:51:15:ee:92:9c:5b:e4:c4:74:24:21:
         6a:18:82:94:b7:8f:9b:95:65:f6:68:56:f5:56:aa:8f:50:24:
         3a:7c:3d:b1:67:8a:cd:36:88:ab:22:73:df:3c:34:e4:aa:83:
         91:e8:36:83:31:22:7d:3b:56:3c:c5:5f:6a:53:07:3a:46:25:
         a7:01:c9:9c:94:01:dc:d6:e1:e5:64:1d:50:fc:0f:72:b2:13:
         12:de:53:d7:dc:aa:e1:0f:20:54:8b:73:4b:19:f1:32:55:3d:
         7b:34:08:55:6a:ef:c2:54:40:a6:05:7d:8f:28:6c:f9:b6:a8:
         88:af:90:0a:ed:82:fb:c7:24:e0:71:0e:e1:96:fb:43:f2:37:
         d8:a7:dc:88:37:1f:5a:e0:b0:29:17:13:d9:d6:48:02:32:b7:
         fc:97:e7:61:f1:0a:ce:49:fb:eb:24:a2:09:df:58:0c:17:f5:
         c9:e7:b6:7e:be:ad:de:33:59:84:78:fb:4b:72:e9:c2:90:2e:
         5e:92:b5:a9:03:56:9a:b6:01:6c:4e:d9:cf:1c:2e:a0:c8:7c:
         a1:9d:8e:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQs4iswBbz/R6X6mTP+woMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2YwMTlmMzBlOWI2NzNiZjc4MDc2NTBiNjY1MmM3OWJkMzQ1NTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmScAqCMoXnk7AMfEa6g+antSX0h
j815HoYBymSBSluvpXKGIT1/8L3oRDQ2XOtwjltdAMozHdG2nUWKZPMC9APqHXPO
3h51n8yjU9BSkfS7xU1cGbNzSD4m/khylpXRGXGyFnmIZ0ir3XV/1nTgG16naD7G
Jefcjf18Vatza62Zuk2lNZYAKqU4pfz9G2j8ZSZrV0jWwPwOlZ7DDqYZk22poFPD
qBSv8ZLafEKI1HBmuTTJ0upr01hLF2FGd1VA/iatpYg8jSr3TKoscoGB6otnSwKu
qCz0pKjozlLd2smXM8asCHi+q41aLLHk7GllXkJpTgGt/ekxyH1EUlLkPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNPwGfMOm2c794B2ULZlLHm9NFUtMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvMF9BWjh3NmJaenYzZ0haUXRtVXNlYjAwVlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBO
MA0GCSqGSIb3DQEBCwUAA4IBAQBh9hmaqRXOKuV2Us0RhcrYlwrfu6Ow2/kVccjD
mLaetwKNFPoqlTABueWxURXukpxb5MR0JCFqGIKUt4+blWX2aFb1VqqPUCQ6fD2x
Z4rNNoirInPfPDTkqoOR6DaDMSJ9O1Y8xV9qUwc6RiWnAcmclAHc1uHlZB1Q/A9y
shMS3lPX3KrhDyBUi3NLGfEyVT17NAhVau/CVECmBX2PKGz5tqiIr5AK7YL7xyTg
cQ7hlvtD8jfYp9yINx9a4LApFxPZ1kgCMrf8l+dh8QrOSfvrJKIJ31gMF/XJ57Z+
vq3eM1mEePtLcunCkC5ekrWpA1aatgFsTtnPHC6gyHyhnY7a
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org