Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Xoe-YoYwo18R6Mjnw2j2Q3nWR9U.roa
File:                     Xoe-YoYwo18R6Mjnw2j2Q3nWR9U.roa (raw, json)
Hash identifier:          xittmWX5MZ6At/fT+jKuFavOW4eklJ92uKurX+O3UZk=
Subject key identifier:   5E:87:BE:62:86:30:A3:5F:11:E8:C8:E7:C3:68:F6:43:79:D6:47:D5
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42D16AF54C05D0226FD6DF66D60A9C
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Xoe-YoYwo18R6Mjnw2j2Q3nWR9U.roa
Signing time:             Sun 01 Jan 2023 21:35:28 +0000
ROA not before:           Sun 01 Jan 2023 21:35:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207071
IP address blocks:        2a0e:8f02:f029::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:d1:6a:f5:4c:05:d0:22:6f:d6:df:66:d6:0a:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e87be628630a35f11e8c8e7c368f64379d647d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d5:03:42:14:b5:37:e1:8d:35:77:cb:4a:4c:
                    fc:da:f7:75:a9:12:e1:6d:14:3a:4d:ae:91:7a:d8:
                    86:ce:57:fe:e9:fa:ec:6f:07:2f:5a:6e:d0:e2:de:
                    43:b7:15:14:17:7e:38:26:e3:56:eb:28:21:57:84:
                    aa:67:9d:ab:90:1c:7a:8f:82:7e:91:52:d5:1f:24:
                    4f:74:47:cc:7d:13:24:54:46:2a:d5:a3:1d:81:43:
                    07:07:1d:1a:01:c1:e4:af:c3:47:75:56:1b:7d:0d:
                    ed:a6:18:37:42:59:4e:8f:70:fe:e8:4f:5b:b8:dd:
                    13:b6:ff:37:21:8c:34:32:b1:41:92:38:b5:da:f1:
                    16:64:28:47:71:8b:ef:ae:5e:80:77:e4:01:c6:a6:
                    18:2c:5f:24:47:a9:5a:ad:de:4f:40:1c:04:42:a0:
                    26:9f:4c:65:97:cc:32:e1:b2:b4:0d:28:c6:80:78:
                    37:4c:83:f7:de:6c:60:f4:5a:27:33:cd:24:bc:62:
                    f4:d9:b8:2e:4d:6a:26:55:31:9d:14:38:27:54:ec:
                    ae:ee:39:8a:3a:8f:b2:36:c8:17:1c:83:5e:d7:1b:
                    56:4b:04:39:32:00:d5:53:a5:82:bf:a7:1d:23:f1:
                    dd:d8:14:47:75:fc:7a:7c:f1:36:94:3d:c2:93:21:
                    19:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:87:BE:62:86:30:A3:5F:11:E8:C8:E7:C3:68:F6:43:79:D6:47:D5
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Xoe-YoYwo18R6Mjnw2j2Q3nWR9U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f029::/48

    Signature Algorithm: sha256WithRSAEncryption
         24:0e:fc:17:ef:d5:6b:36:94:d0:c5:7d:d3:21:f9:62:0f:aa:
         2b:2b:a0:85:b6:3e:ac:74:22:9d:64:68:d8:eb:74:23:0d:54:
         d9:50:b2:38:47:2e:b9:b4:f4:41:40:09:23:bf:2c:0a:32:21:
         a8:4a:6f:e9:1f:8a:e1:b8:d8:34:aa:40:91:fc:ac:93:ec:eb:
         81:61:4c:a6:cd:46:19:8d:47:40:c9:d5:dd:25:8e:99:2e:ce:
         8c:c3:52:54:16:1c:1b:4c:92:0a:2b:0d:ac:b4:f6:63:e4:a8:
         e5:75:ed:ef:4c:34:d1:9f:53:47:9f:cd:5d:6f:b6:52:7f:f8:
         5e:b3:de:72:fc:bd:50:ff:3c:bc:81:12:af:ac:fa:65:f2:01:
         24:6b:7d:6a:b4:97:ce:b8:4d:b0:4b:cf:67:31:49:ec:41:73:
         9f:53:68:d1:86:4c:98:0f:aa:41:98:5d:5b:d6:43:0d:f3:a3:
         56:66:68:61:bd:98:44:d1:55:8f:85:ee:78:4e:4c:93:5d:f1:
         13:4a:92:0a:40:c0:77:48:1a:0b:6b:e9:19:8a:21:f5:28:b6:
         ca:01:ab:48:3f:fe:01:60:4b:de:ca:4b:34:0c:6b:d1:e8:69:
         bf:2d:67:7b:eb:8a:77:0c:cb:6a:94:de:b0:54:45:2f:6b:d5:
         9d:78:b0:af
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQtFq9UwF0CJv1t9m1gqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTg3YmU2Mjg2MzBhMzVmMTFlOGM4ZTdjMzY4ZjY0Mzc5ZDY0N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutUDQhS1N+GNNXfLSkz82vd1qRLh
bRQ6Ta6RetiGzlf+6frsbwcvWm7Q4t5DtxUUF344JuNW6yghV4SqZ52rkBx6j4J+
kVLVHyRPdEfMfRMkVEYq1aMdgUMHBx0aAcHkr8NHdVYbfQ3tphg3QllOj3D+6E9b
uN0Ttv83IYw0MrFBkji12vEWZChHcYvvrl6Ad+QBxqYYLF8kR6lard5PQBwEQqAm
n0xll8wy4bK0DSjGgHg3TIP33mxg9FonM80kvGL02bguTWomVTGdFDgnVOyu7jmK
Oo+yNsgXHINe1xtWSwQ5MgDVU6WCv6cdI/Hd2BRHdfx6fPE2lD3CkyEZVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF6HvmKGMKNfEejI58No9kN51kfVMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvWG9lLVlvWXdvMThSNk1qbncyajJRM25XUjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAp
MA0GCSqGSIb3DQEBCwUAA4IBAQAkDvwX79VrNpTQxX3TIfliD6orK6CFtj6sdCKd
ZGjY63QjDVTZULI4Ry65tPRBQAkjvywKMiGoSm/pH4rhuNg0qkCR/KyT7OuBYUym
zUYZjUdAydXdJY6ZLs6Mw1JUFhwbTJIKKw2stPZj5Kjlde3vTDTRn1NHn81db7ZS
f/hes95y/L1Q/zy8gRKvrPpl8gEka31qtJfOuE2wS89nMUnsQXOfU2jRhkyYD6pB
mF1b1kMN86NWZmhhvZhE0VWPhe54TkyTXfETSpIKQMB3SBoLa+kZiiH1KLbKAatI
P/4BYEveyks0DGvR6Gm/LWd764p3DMtqlN6wVEUva9WdeLCv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org