Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/427PA7f_4MBjcQu3nLSae8Ia7dM.roa
File:                     427PA7f_4MBjcQu3nLSae8Ia7dM.roa (raw, json)
Hash identifier:          6RdyjnlFdOfvt6USw9qcW/Rq5PSQqpjoxh03O35wGX8=
Subject key identifier:   E3:6E:CF:03:B7:FF:E0:C0:63:71:0B:B7:9C:B4:9A:7B:C2:1A:ED:D3
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42E4813AECB4DD89541992D3DD1574
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/427PA7f_4MBjcQu3nLSae8Ia7dM.roa
Signing time:             Sun 01 Jan 2023 21:35:32 +0000
ROA not before:           Sun 01 Jan 2023 21:35:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211980
IP address blocks:        2a0e:8f02:f006::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:e4:81:3a:ec:b4:dd:89:54:19:92:d3:dd:15:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e36ecf03b7ffe0c063710bb79cb49a7bc21aedd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:cf:de:9c:90:cd:4b:67:c7:aa:ba:9d:2b:dd:
                    a2:c9:09:bb:7c:de:7f:0d:31:6f:04:32:8b:61:07:
                    ac:8a:0a:e7:e2:65:0b:01:46:18:c4:e3:11:56:9a:
                    92:4b:c7:3a:53:98:01:51:a4:79:1f:75:eb:32:ca:
                    e0:cb:63:ac:da:d5:fb:17:90:d6:1b:53:58:3a:b9:
                    c1:44:fb:b1:85:79:08:ef:21:a2:e4:b5:6e:30:27:
                    fa:88:20:83:9d:41:44:42:a0:07:1d:7c:2b:4e:ca:
                    67:cd:f4:30:34:5b:b8:71:33:95:0b:66:e1:bf:ef:
                    2f:cb:6b:f9:73:7f:54:68:d1:8b:d5:97:74:28:a7:
                    5c:2c:0a:81:5e:5d:51:58:ad:f1:f7:47:cd:00:8d:
                    ab:98:44:83:73:90:74:11:8f:21:f8:0b:c6:e6:0b:
                    ce:85:b1:b8:df:e1:8f:5b:9c:f7:23:1c:2a:5a:92:
                    72:3d:f8:8f:72:9c:46:d6:6d:b4:83:34:b3:b8:30:
                    09:1c:7e:a4:b4:c8:1b:d1:1f:21:1b:3a:23:2b:d8:
                    1f:a5:14:a1:4e:ee:a5:a2:12:ec:69:8a:1a:a9:f2:
                    93:c7:1c:7b:40:a6:5d:aa:13:76:0a:35:78:f9:3a:
                    1b:e9:9e:a4:41:2b:d6:dc:40:5b:9e:0f:02:bf:48:
                    4b:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:6E:CF:03:B7:FF:E0:C0:63:71:0B:B7:9C:B4:9A:7B:C2:1A:ED:D3
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/427PA7f_4MBjcQu3nLSae8Ia7dM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f006::/48

    Signature Algorithm: sha256WithRSAEncryption
         1a:29:db:e6:cd:a7:f6:44:e9:55:a5:bc:9c:52:c7:50:d4:2f:
         52:1a:c0:d6:b4:bd:e0:79:06:5c:6d:93:72:82:13:a2:c5:84:
         48:13:a4:68:dc:76:43:d6:d8:8f:a6:ae:06:9e:89:e9:7a:37:
         03:24:7e:c3:c8:f4:00:12:e6:1e:51:96:8d:b2:32:79:2a:80:
         d7:49:2b:5c:55:53:f4:a9:32:52:ac:05:94:d1:03:32:48:6c:
         be:49:ad:6f:3b:9d:55:61:e5:c2:d0:cf:70:c6:4d:e0:3f:2e:
         c3:c5:a0:34:41:a6:9a:94:34:5a:27:97:67:43:32:5e:65:1c:
         ef:df:cf:86:79:dd:70:ed:84:07:16:a3:e2:e0:d5:48:b0:01:
         5e:62:b1:7c:ea:d2:9f:7a:e1:3a:44:f0:b2:b4:3a:ba:39:e4:
         44:82:9e:6c:f0:b5:3c:c6:bb:e3:f5:85:df:ec:1e:4e:01:12:
         e6:9c:03:a4:e7:82:3e:81:ae:b6:9a:75:76:a7:33:43:bf:c1:
         04:87:66:c1:f1:dd:c2:30:90:7c:26:9a:63:c3:c1:1a:37:ba:
         e3:52:99:c9:4a:85:36:d4:48:d6:cb:e1:c5:c3:d3:77:29:34:
         68:dc:c2:9d:fd:fc:81:a9:f9:13:e2:25:cf:80:b4:c4:c9:f2:
         5f:51:a6:06
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQuSBOuy03YlUGZLT3RV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzZlY2YwM2I3ZmZlMGMwNjM3MTBiYjc5Y2I0OWE3YmMyMWFlZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc/enJDNS2fHqrqdK92iyQm7fN5/
DTFvBDKLYQesigrn4mULAUYYxOMRVpqSS8c6U5gBUaR5H3XrMsrgy2Os2tX7F5DW
G1NYOrnBRPuxhXkI7yGi5LVuMCf6iCCDnUFEQqAHHXwrTspnzfQwNFu4cTOVC2bh
v+8vy2v5c39UaNGL1Zd0KKdcLAqBXl1RWK3x90fNAI2rmESDc5B0EY8h+AvG5gvO
hbG43+GPW5z3IxwqWpJyPfiPcpxG1m20gzSzuDAJHH6ktMgb0R8hGzojK9gfpRSh
Tu6lohLsaYoaqfKTxxx7QKZdqhN2CjV4+Tob6Z6kQSvW3EBbng8Cv0hLiQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFONuzwO3/+DAY3ELt5y0mnvCGu3TMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvNDI3UEE3Zl80TUJqY1F1M25MU2FlOElhN2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAG
MA0GCSqGSIb3DQEBCwUAA4IBAQAaKdvmzaf2ROlVpbycUsdQ1C9SGsDWtL3geQZc
bZNyghOixYRIE6Ro3HZD1tiPpq4GnonpejcDJH7DyPQAEuYeUZaNsjJ5KoDXSStc
VVP0qTJSrAWU0QMySGy+Sa1vO51VYeXC0M9wxk3gPy7DxaA0QaaalDRaJ5dnQzJe
ZRzv38+Ged1w7YQHFqPi4NVIsAFeYrF86tKfeuE6RPCytDq6OeREgp5s8LU8xrvj
9YXf7B5OARLmnAOk54I+ga62mnV2pzNDv8EEh2bB8d3CMJB8Jppjw8EaN7rjUpnJ
SoU21EjWy+HFw9N3KTRo3MKd/fyBqfkT4iXPgLTEyfJfUaYG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:35 2024 by rpki-client on console-ams.rpki-client.org