Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/9awWvJqusdQ_a_gBefI2ZK8wnQE.roa
File:                     9awWvJqusdQ_a_gBefI2ZK8wnQE.roa (raw, json)
Hash identifier:          Mjhg6ZiSRdHpOrXACWcvOvGqkwg0s4WmsNEyn9QJIsQ=
Subject key identifier:   F5:AC:16:BC:9A:AE:B1:D4:3F:6B:F8:01:79:F2:36:64:AF:30:9D:01
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42E8EF1EB991B7CB40A847FE5BE5CB
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/9awWvJqusdQ_a_gBefI2ZK8wnQE.roa
Signing time:             Sun 01 Jan 2023 21:35:34 +0000
ROA not before:           Sun 01 Jan 2023 21:35:34 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212279
IP address blocks:        2a0e:8f02:f013::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:e8:ef:1e:b9:91:b7:cb:40:a8:47:fe:5b:e5:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:34 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5ac16bc9aaeb1d43f6bf80179f23664af309d01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:db:b3:f6:d6:d9:5c:5d:96:b7:8a:96:50:bb:
                    03:de:65:ea:c7:c2:06:15:a2:7c:41:d3:b1:8d:b4:
                    22:4a:62:a9:ff:87:7f:32:97:73:e1:00:8c:57:11:
                    d3:f3:ae:96:50:37:f5:92:61:7b:4a:92:5e:c4:7e:
                    69:96:05:57:7a:e9:fe:e1:85:00:e6:a4:ab:f0:d7:
                    93:33:7e:d2:92:d5:d1:54:be:df:30:b4:75:b0:1c:
                    31:34:56:d3:c7:04:67:32:52:d7:0e:06:8e:1d:9b:
                    4a:81:75:4e:76:76:ed:cd:c5:0b:c9:17:e8:d2:1f:
                    fc:53:96:89:59:c0:2e:c4:eb:4d:8a:c0:eb:45:67:
                    39:06:e9:9b:f8:6b:72:e5:2f:68:b7:10:6b:26:bf:
                    a3:d1:54:f2:b1:9b:3c:6d:5e:ba:ed:d1:92:85:ad:
                    09:3f:8b:ce:e4:ed:18:d5:d7:5b:95:3f:1f:7e:c7:
                    08:26:b7:23:3e:f3:cb:19:bb:b4:5d:f8:bc:b4:ab:
                    0a:d7:39:a3:76:01:23:96:c0:d5:9b:88:76:6b:94:
                    ca:c8:d5:28:62:f1:a5:4b:44:7c:26:6b:6f:02:4b:
                    db:9d:98:c7:e5:b6:d0:76:dc:09:22:19:ad:50:75:
                    90:e7:4d:0b:e6:b4:fd:56:f2:25:42:32:da:48:7b:
                    0b:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:AC:16:BC:9A:AE:B1:D4:3F:6B:F8:01:79:F2:36:64:AF:30:9D:01
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/9awWvJqusdQ_a_gBefI2ZK8wnQE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f013::/48

    Signature Algorithm: sha256WithRSAEncryption
         9f:bf:4e:70:9d:d3:c1:2e:7b:f0:95:16:aa:b3:3b:8b:74:db:
         9d:4a:e4:52:7f:cc:b1:12:63:46:28:5d:2f:36:03:b3:c9:04:
         86:9c:f5:2e:c6:cc:b3:ce:96:99:57:a1:48:b5:ae:74:a1:ba:
         11:51:55:a7:28:f2:eb:d9:c2:63:d1:f1:89:88:a7:72:77:f3:
         b5:24:7a:50:fe:4a:32:d9:3f:dc:4a:c3:9a:64:d3:3f:7c:21:
         86:6c:94:cb:72:89:f2:ce:8b:28:6e:2f:06:3e:69:14:59:70:
         17:83:a2:62:6f:a2:82:62:29:b9:ad:f2:48:29:be:1d:02:89:
         6a:aa:f9:c1:95:5d:7e:aa:da:d2:cd:1c:c7:90:43:b5:38:7a:
         cb:73:ff:cc:4a:1f:6a:bd:4b:41:ee:e6:9c:7f:ca:81:80:31:
         c7:18:2f:75:78:eb:a4:d3:6b:da:f3:a6:c9:34:57:1c:e6:fa:
         87:77:79:b9:50:d9:06:da:38:40:8a:45:5e:c5:68:a5:72:29:
         e1:ab:7b:e5:54:ab:01:65:3b:7c:da:13:3f:49:49:22:80:d0:
         47:40:c6:5f:5a:f0:7b:25:76:35:70:b4:b1:fb:55:39:75:26:
         c7:71:75:34:e7:35:d7:22:9d:08:48:71:a7:d1:4d:4c:1d:de:
         18:36:00:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQujvHrmRt8tAqEf+W+XLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWFjMTZiYzlhYWViMWQ0M2Y2YmY4MDE3OWYyMzY2NGFmMzA5ZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApduz9tbZXF2Wt4qWULsD3mXqx8IG
FaJ8QdOxjbQiSmKp/4d/Mpdz4QCMVxHT866WUDf1kmF7SpJexH5plgVXeun+4YUA
5qSr8NeTM37SktXRVL7fMLR1sBwxNFbTxwRnMlLXDgaOHZtKgXVOdnbtzcULyRfo
0h/8U5aJWcAuxOtNisDrRWc5Bumb+Gty5S9otxBrJr+j0VTysZs8bV667dGSha0J
P4vO5O0Y1ddblT8ffscIJrcjPvPLGbu0Xfi8tKsK1zmjdgEjlsDVm4h2a5TKyNUo
YvGlS0R8JmtvAkvbnZjH5bbQdtwJIhmtUHWQ500L5rT9VvIlQjLaSHsLSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPWsFryarrHUP2v4AXnyNmSvMJ0BMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvOWF3V3ZKcXVzZFFfYV9nQmVmSTJaSzh3blFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAT
MA0GCSqGSIb3DQEBCwUAA4IBAQCfv05wndPBLnvwlRaqszuLdNudSuRSf8yxEmNG
KF0vNgOzyQSGnPUuxsyzzpaZV6FIta50oboRUVWnKPLr2cJj0fGJiKdyd/O1JHpQ
/koy2T/cSsOaZNM/fCGGbJTLconyzosobi8GPmkUWXAXg6Jib6KCYim5rfJIKb4d
AolqqvnBlV1+qtrSzRzHkEO1OHrLc//MSh9qvUtB7uacf8qBgDHHGC91eOuk02va
86bJNFcc5vqHd3m5UNkG2jhAikVexWilcinhq3vlVKsBZTt82hM/SUkigNBHQMZf
WvB7JXY1cLSx+1U5dSbHcXU05zXXIp0ISHGn0U1MHd4YNgDV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:35 2024 by rpki-client on console-ams.rpki-client.org