Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/EvtHLGT12ugZc1QTGeBVZfGIoN8.roa
File:                     EvtHLGT12ugZc1QTGeBVZfGIoN8.roa (raw, json)
Hash identifier:          QDzAqx92vdq0XwWFlT//4Lr1G2D8XiCNHszQKIyqV00=
Subject key identifier:   12:FB:47:2C:64:F5:DA:E8:19:73:54:13:19:E0:55:65:F1:88:A0:DF
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42D061540C32D9DE9885D22B31B65A
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/EvtHLGT12ugZc1QTGeBVZfGIoN8.roa
Signing time:             Sun 01 Jan 2023 21:35:27 +0000
ROA not before:           Sun 01 Jan 2023 21:35:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204406
IP address blocks:        2a0e:8f02:f04b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:d0:61:54:0c:32:d9:de:98:85:d2:2b:31:b6:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=12fb472c64f5dae81973541319e05565f188a0df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:57:46:9a:19:18:f2:b6:fb:49:eb:3a:98:53:
                    98:b7:c8:fb:71:bd:2c:54:d0:ab:36:f9:01:38:83:
                    50:e6:7c:a7:7b:1f:58:a4:d2:ad:b0:4f:7e:bb:6d:
                    95:49:56:c8:2b:65:d8:6f:86:86:a0:ce:8a:fb:2c:
                    8f:95:85:22:a6:7e:e2:8f:0d:61:8a:b9:4a:77:2e:
                    f1:2c:8b:11:53:7f:cf:34:8d:1f:38:34:64:23:fe:
                    3f:25:cf:b0:f0:2d:14:a6:98:6a:96:75:78:43:97:
                    d0:73:1e:d1:2d:2b:89:d6:87:13:ca:0e:4c:43:cf:
                    6a:6e:5e:da:88:57:4f:43:b8:52:f2:95:15:76:be:
                    8d:57:62:a0:cf:1a:db:09:a0:1d:bb:d7:ce:9c:51:
                    c7:30:b4:34:6f:69:7f:5a:11:a2:93:67:67:29:c0:
                    0a:aa:3b:58:6e:69:00:34:d7:7c:b3:0d:59:ca:5d:
                    fe:d4:31:45:e1:ba:43:77:82:d3:cf:5b:f9:1b:9a:
                    a5:b9:22:91:a8:04:5f:c4:98:ad:c5:bb:ff:a1:b8:
                    04:72:c6:e4:81:f5:f4:5d:31:b7:23:39:22:bc:cb:
                    23:de:01:db:13:ff:aa:65:67:51:c8:f8:cb:71:ac:
                    5f:de:41:65:21:ca:52:79:bc:4b:b6:ec:62:4b:b8:
                    ee:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:FB:47:2C:64:F5:DA:E8:19:73:54:13:19:E0:55:65:F1:88:A0:DF
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/EvtHLGT12ugZc1QTGeBVZfGIoN8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f04b::/48

    Signature Algorithm: sha256WithRSAEncryption
         24:1d:31:a5:f7:f3:01:57:b4:62:33:d3:22:02:29:f2:38:74:
         21:c6:c7:26:df:df:0c:4f:46:b3:20:b5:90:da:42:e8:46:b8:
         2b:9f:d0:3b:98:3d:e7:d4:b7:07:64:91:6b:cc:fa:98:f3:84:
         7c:ad:00:2e:b2:a1:ee:93:aa:26:76:40:37:22:52:15:74:53:
         ec:3a:b7:61:e0:20:40:27:87:21:09:25:13:a6:9a:64:e2:48:
         66:38:76:1f:b1:d6:60:4a:bf:df:f3:1a:96:5a:cc:7a:95:47:
         e3:71:c9:69:8c:a7:89:53:08:8e:27:79:45:a7:25:3a:f3:7f:
         1b:05:fa:56:12:c6:98:bf:b0:b9:94:99:e8:29:27:35:b7:f3:
         38:6f:35:86:eb:e7:a1:ce:ca:87:08:06:e6:15:85:bc:f2:fa:
         5d:60:0c:5b:0c:f7:40:e3:26:1c:49:24:56:a1:71:b0:7a:70:
         32:1b:97:18:65:11:b4:de:3d:3f:30:7f:28:7d:e6:30:39:3b:
         dc:71:3b:ac:af:c0:ad:93:f9:79:3c:dd:38:5f:a8:2b:94:39:
         67:d3:e8:5f:28:43:ca:33:50:a5:30:e5:af:48:00:10:42:f5:
         f3:2e:3d:12:ae:39:9a:e5:86:b0:5c:0c:38:57:ea:87:df:be:
         f9:a8:28:c5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQtBhVAwy2d6YhdIrMbZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmZiNDcyYzY0ZjVkYWU4MTk3MzU0MTMxOWUwNTU2NWYxODhhMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVdGmhkY8rb7Ses6mFOYt8j7cb0s
VNCrNvkBOINQ5nynex9YpNKtsE9+u22VSVbIK2XYb4aGoM6K+yyPlYUipn7ijw1h
irlKdy7xLIsRU3/PNI0fODRkI/4/Jc+w8C0UpphqlnV4Q5fQcx7RLSuJ1ocTyg5M
Q89qbl7aiFdPQ7hS8pUVdr6NV2KgzxrbCaAdu9fOnFHHMLQ0b2l/WhGik2dnKcAK
qjtYbmkANNd8sw1Zyl3+1DFF4bpDd4LTz1v5G5qluSKRqARfxJitxbv/obgEcsbk
gfX0XTG3IzkivMsj3gHbE/+qZWdRyPjLcaxf3kFlIcpSebxLtuxiS7juqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBL7Ryxk9droGXNUExngVWXxiKDfMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvRXZ0SExHVDEydWdaYzFRVEdlQlZaZkdJb044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBL
MA0GCSqGSIb3DQEBCwUAA4IBAQAkHTGl9/MBV7RiM9MiAinyOHQhxscm398MT0az
ILWQ2kLoRrgrn9A7mD3n1LcHZJFrzPqY84R8rQAusqHuk6omdkA3IlIVdFPsOrdh
4CBAJ4chCSUTpppk4khmOHYfsdZgSr/f8xqWWsx6lUfjcclpjKeJUwiOJ3lFpyU6
838bBfpWEsaYv7C5lJnoKSc1t/M4bzWG6+ehzsqHCAbmFYW88vpdYAxbDPdA4yYc
SSRWoXGwenAyG5cYZRG03j0/MH8ofeYwOTvccTusr8Ctk/l5PN04X6grlDln0+hf
KEPKM1ClMOWvSAAQQvXzLj0Srjma5YawXAw4V+qH3775qCjF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:41 2024 by rpki-client on console-fra.rpki-client.org