Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1eNh6_FYuWp6zZTKGMoVFYztI5g.roa
File:                     1eNh6_FYuWp6zZTKGMoVFYztI5g.roa (raw, json)
Hash identifier:          FhOO9RTyr1GP9Xs4vf6tSOw+gpdTAC/Pl5/HvNFb/aE=
Subject key identifier:   D5:E3:61:EB:F1:58:B9:6A:7A:CD:94:CA:18:CA:15:15:8C:ED:23:98
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42D405942C2E581D1E3D81E77EA70C
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1eNh6_FYuWp6zZTKGMoVFYztI5g.roa
Signing time:             Sun 01 Jan 2023 21:35:28 +0000
ROA not before:           Sun 01 Jan 2023 21:35:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208137
IP address blocks:        2a0e:8f02:f03c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:d4:05:94:2c:2e:58:1d:1e:3d:81:e7:7e:a7:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d5e361ebf158b96a7acd94ca18ca15158ced2398
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:22:ac:36:db:dc:59:90:13:1c:02:35:04:0c:
                    3d:a2:3d:2e:6c:32:b8:2c:c1:94:ac:3d:b5:0d:c5:
                    8d:19:1b:60:5e:0d:65:b2:f5:fe:c6:79:cb:e9:d7:
                    89:cf:86:2b:68:05:ff:b5:7f:ec:da:19:0a:12:54:
                    66:74:6b:70:28:d5:3d:c7:be:cd:33:48:cc:7a:91:
                    3e:46:12:64:41:8f:27:08:8c:bd:5c:e2:47:dd:a3:
                    9d:59:80:47:9d:43:1c:c9:c3:ff:42:be:21:dc:94:
                    b4:fa:ff:b0:e6:bd:a6:1d:59:08:8e:29:4a:d3:90:
                    56:2c:d2:2a:91:3c:b1:a0:9d:32:1e:0d:44:35:84:
                    fd:1f:24:fc:2c:bb:28:d4:84:e3:45:f8:b0:11:8e:
                    a3:84:5b:99:15:be:3e:4c:56:c1:0e:65:1c:97:24:
                    96:cd:bb:e3:a8:0f:be:c7:1d:e2:b5:21:0a:c1:6b:
                    00:77:17:e8:af:4d:62:57:c9:ef:11:d5:99:cf:2b:
                    4b:bf:16:f0:dc:d6:fa:2c:c4:36:54:39:70:ea:4e:
                    9b:a2:fc:99:46:46:cb:05:17:bb:15:7d:cd:9a:c7:
                    9b:f4:a3:d9:b5:7b:ab:f6:25:53:5b:23:4b:ef:0c:
                    bb:c2:fe:4c:f7:80:81:55:93:b2:83:ca:23:2e:f0:
                    ea:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:E3:61:EB:F1:58:B9:6A:7A:CD:94:CA:18:CA:15:15:8C:ED:23:98
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1eNh6_FYuWp6zZTKGMoVFYztI5g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f03c::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:20:dd:7d:88:e0:7d:b6:47:7b:53:64:83:5e:4e:b8:89:15:
         7d:f6:0d:a3:38:af:4e:f5:9f:54:ac:27:07:69:14:6d:6a:4c:
         77:e8:83:d4:a8:8b:13:ea:46:3d:4d:72:3b:74:ec:71:03:19:
         89:f8:47:01:4b:0d:71:c2:09:c1:ad:d3:d7:1f:ca:b6:2e:c1:
         fd:c3:fb:bb:ea:07:12:37:17:8b:dc:6f:8c:98:f4:c9:b0:c4:
         bc:5b:e3:5d:27:76:b3:ae:a8:49:eb:db:e2:00:60:03:62:91:
         f3:fb:2a:0f:77:d1:6f:6c:c1:3d:f9:63:03:45:92:58:93:e1:
         39:e4:8f:e5:d4:88:ac:ad:6d:5d:b8:62:2c:1d:6b:a2:ce:29:
         42:61:13:e2:b1:8d:2c:d9:b5:1b:c6:a6:f2:a5:ee:3c:f8:64:
         c8:cd:1c:12:14:97:c5:34:ff:72:47:48:22:76:ce:79:58:c2:
         ed:33:cb:99:d1:ae:c2:7b:f3:f9:6d:54:e5:b3:9c:9f:e0:13:
         93:bd:22:47:c3:11:34:bf:3e:13:9c:ac:ef:8e:a7:4d:ab:9b:
         b5:1a:e3:b8:9f:20:71:1e:56:c2:c7:db:bb:e6:91:95:08:18:
         b2:69:44:65:f3:a4:56:70:48:f9:6a:a9:db:c5:8e:ea:ea:91:
         3f:20:72:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQtQFlCwuWB0ePYHnfqcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUzNjFlYmYxNThiOTZhN2FjZDk0Y2ExOGNhMTUxNThjZWQyMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSKsNtvcWZATHAI1BAw9oj0ubDK4
LMGUrD21DcWNGRtgXg1lsvX+xnnL6deJz4YraAX/tX/s2hkKElRmdGtwKNU9x77N
M0jMepE+RhJkQY8nCIy9XOJH3aOdWYBHnUMcycP/Qr4h3JS0+v+w5r2mHVkIjilK
05BWLNIqkTyxoJ0yHg1ENYT9HyT8LLso1ITjRfiwEY6jhFuZFb4+TFbBDmUclySW
zbvjqA++xx3itSEKwWsAdxfor01iV8nvEdWZzytLvxbw3Nb6LMQ2VDlw6k6bovyZ
RkbLBRe7FX3Nmseb9KPZtXur9iVTWyNL7wy7wv5M94CBVZOyg8ojLvDqDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNXjYevxWLlqes2UyhjKFRWM7SOYMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvMWVOaDZfRll1V3A2elpUS0dNb1ZGWXp0STVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvA8
MA0GCSqGSIb3DQEBCwUAA4IBAQBvIN19iOB9tkd7U2SDXk64iRV99g2jOK9O9Z9U
rCcHaRRtakx36IPUqIsT6kY9TXI7dOxxAxmJ+EcBSw1xwgnBrdPXH8q2LsH9w/u7
6gcSNxeL3G+MmPTJsMS8W+NdJ3azrqhJ69viAGADYpHz+yoPd9FvbME9+WMDRZJY
k+E55I/l1IisrW1duGIsHWuizilCYRPisY0s2bUbxqbype48+GTIzRwSFJfFNP9y
R0gids55WMLtM8uZ0a7Ce/P5bVTls5yf4BOTvSJHwxE0vz4TnKzvjqdNq5u1GuO4
nyBxHlbCx9u75pGVCBiyaURl86RWcEj5aqnbxY7q6pE/IHLH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:41 2024 by rpki-client on console-fra.rpki-client.org