Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/TbuMPL4RMKhEb54y7NrdYL0GzM4.roa
File:                     TbuMPL4RMKhEb54y7NrdYL0GzM4.roa (raw, json)
Hash identifier:          iHxynSg9l9hmRbtC7e49/V2YFzWO/ktdIN+H/R/b6Bs=
Subject key identifier:   4D:BB:8C:3C:BE:11:30:A8:44:6F:9E:32:EC:DA:DD:60:BD:06:CC:CE
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42D67FFAF4B884230FAB2840DFC738
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/TbuMPL4RMKhEb54y7NrdYL0GzM4.roa
Signing time:             Sun 01 Jan 2023 21:35:29 +0000
ROA not before:           Sun 01 Jan 2023 21:35:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210714
IP address blocks:        2a0e:8f02:2180::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:d6:7f:fa:f4:b8:84:23:0f:ab:28:40:df:c7:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4dbb8c3cbe1130a8446f9e32ecdadd60bd06ccce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:87:34:e0:21:e2:ed:58:a3:3b:d0:7e:ea:ba:
                    cf:59:98:21:08:b9:99:fa:be:e3:96:4a:64:15:b8:
                    86:0c:d4:42:75:57:28:6e:01:db:69:92:e9:a2:9f:
                    3a:9a:25:00:55:9b:e2:76:7d:5f:3d:1a:0c:9f:0d:
                    4c:af:3d:16:54:fa:93:7b:0f:08:bc:52:ee:12:8b:
                    b4:ba:2a:f6:75:7e:d1:0c:83:c6:b7:8d:fd:71:c0:
                    85:2c:e8:3d:86:58:65:9a:d6:69:46:84:fe:5a:56:
                    41:d4:f8:68:5d:ee:e4:8d:8a:4b:9a:a6:36:43:3b:
                    79:da:64:11:f1:af:70:ff:c6:6e:3b:1d:e4:eb:6b:
                    84:aa:5f:b4:a3:c1:03:1a:2c:d7:f2:13:e9:46:3b:
                    51:49:99:78:d2:66:57:7b:c4:b0:9d:e1:6c:16:29:
                    97:90:82:16:a1:ef:e4:4d:a1:87:fd:c6:0f:d2:e8:
                    9f:7f:8d:4f:93:89:06:14:92:0e:ee:d8:8f:27:e5:
                    33:76:98:a2:11:64:c3:ff:7f:c6:95:aa:96:7f:bd:
                    26:5b:07:d1:ae:4a:f5:24:fd:3e:9a:c6:6b:84:d0:
                    e1:3b:a1:dc:13:35:0f:5d:7d:44:d7:d1:31:ff:d7:
                    af:dd:f8:44:b0:a3:34:9d:4e:f0:96:53:c7:ef:8e:
                    d6:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:BB:8C:3C:BE:11:30:A8:44:6F:9E:32:EC:DA:DD:60:BD:06:CC:CE
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/TbuMPL4RMKhEb54y7NrdYL0GzM4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:2180::/44

    Signature Algorithm: sha256WithRSAEncryption
         49:e5:a5:f3:6b:6b:dc:36:55:67:90:76:6e:07:9d:90:31:11:
         80:e6:a5:67:e5:b2:16:81:02:e5:41:59:45:97:55:16:54:63:
         12:c2:56:9d:22:a4:f5:b9:02:8b:3c:32:25:7b:74:e4:d1:54:
         21:e7:f8:62:95:04:00:76:02:96:9d:20:ad:ea:03:e7:4c:43:
         c7:ab:cf:e6:87:d6:e8:72:ab:af:b2:ce:56:90:9a:de:8f:47:
         51:ac:dd:ef:dd:e9:60:36:c8:47:04:d0:a6:40:75:ff:e0:e7:
         7b:bf:31:ca:cd:c2:d2:46:5a:3c:3a:19:17:80:62:e9:65:1b:
         e0:e0:bc:d4:12:0e:a6:ef:43:e6:71:83:13:74:6a:3f:03:0b:
         03:c3:f1:19:38:e6:75:64:6c:ca:92:e8:83:14:3f:9f:90:81:
         7a:f1:9e:5a:24:72:c2:ba:a8:aa:88:4d:e2:7f:9e:48:dc:6a:
         bd:20:99:01:48:c2:fb:d6:c6:ae:7d:ca:98:3d:d6:f1:aa:d4:
         bc:03:35:cd:3a:09:f7:fc:8e:aa:e0:8f:d6:c7:61:de:d9:3d:
         6a:fd:d0:f0:13:d6:8c:80:d9:95:be:e0:07:0f:e2:da:1e:eb:
         fb:d2:42:07:a4:f9:f5:e5:75:55:3b:d2:b3:4f:c2:96:30:3d:
         83:e4:f9:6e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQtZ/+vS4hCMPqyhA38c4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGJiOGMzY2JlMTEzMGE4NDQ2ZjllMzJlY2RhZGQ2MGJkMDZjY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYc04CHi7VijO9B+6rrPWZghCLmZ
+r7jlkpkFbiGDNRCdVcobgHbaZLpop86miUAVZvidn1fPRoMnw1Mrz0WVPqTew8I
vFLuEou0uir2dX7RDIPGt439ccCFLOg9hlhlmtZpRoT+WlZB1PhoXe7kjYpLmqY2
Qzt52mQR8a9w/8ZuOx3k62uEql+0o8EDGizX8hPpRjtRSZl40mZXe8SwneFsFimX
kIIWoe/kTaGH/cYP0uiff41Pk4kGFJIO7tiPJ+UzdpiiEWTD/3/GlaqWf70mWwfR
rkr1JP0+msZrhNDhO6HcEzUPXX1E19Ex/9ev3fhEsKM0nU7wllPH747WeQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE27jDy+ETCoRG+eMuza3WC9BszOMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvVGJ1TVBMNFJNS2hFYjU0eTdOcmRZTDBHek00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBJ5aXza2vcNlVnkHZuB52QMRGA5qVn5bIWgQLl
QVlFl1UWVGMSwladIqT1uQKLPDIle3Tk0VQh5/hilQQAdgKWnSCt6gPnTEPHq8/m
h9bocquvss5WkJrej0dRrN3v3elgNshHBNCmQHX/4Od7vzHKzcLSRlo8OhkXgGLp
ZRvg4LzUEg6m70PmcYMTdGo/AwsDw/EZOOZ1ZGzKkuiDFD+fkIF68Z5aJHLCuqiq
iE3if55I3Gq9IJkBSML71saufcqYPdbxqtS8AzXNOgn3/I6q4I/Wx2He2T1q/dDw
E9aMgNmVvuAHD+LaHuv70kIHpPn15XVVO9KzT8KWMD2D5Plu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:35 2024 by rpki-client on console-ams.rpki-client.org