Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/dKA6rI1W4xNG6uyxFgn0951h2LQ.roa
File:                     dKA6rI1W4xNG6uyxFgn0951h2LQ.roa (raw, json)
Hash identifier:          DQhNajchYFeh1QDmCuxj7gr2t6k0vph7cBoJ3JxCucw=
Subject key identifier:   74:A0:3A:AC:8D:56:E3:13:46:EA:EC:B1:16:09:F4:F7:9D:61:D8:B4
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       0186B62BACB0E7D15FC1DB91BDDAE4580DF0
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/dKA6rI1W4xNG6uyxFgn0951h2LQ.roa
Signing time:             Mon 06 Mar 2023 09:06:00 +0000
ROA not before:           Mon 06 Mar 2023 09:06:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     222222
IP address blocks:        2a0e:8f02:f054::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b6:2b:ac:b0:e7:d1:5f:c1:db:91:bd:da:e4:58:0d:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Mar  6 09:06:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=74a03aac8d56e31346eaecb11609f4f79d61d8b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:64:65:cc:94:6a:f4:4b:08:13:81:9f:20:b8:
                    08:89:64:8c:a4:61:15:8e:24:35:67:81:61:9b:f0:
                    9d:e0:9d:fc:6a:5b:07:ad:bb:70:12:2d:38:5f:e5:
                    cd:a0:c2:4b:bf:05:37:d2:15:d4:66:26:b4:21:f1:
                    e3:1b:c4:8e:74:57:ce:1a:6a:9c:bc:df:b9:19:a5:
                    a3:b3:34:96:d3:35:ab:79:43:77:90:f3:27:8a:04:
                    14:c7:fe:bf:e7:df:64:04:03:4b:25:e8:d4:66:9a:
                    9a:68:12:cc:b5:77:3e:e5:b0:a1:9f:50:28:99:ba:
                    df:0b:ea:3b:7b:05:39:37:3a:11:ca:22:41:93:a8:
                    04:99:6e:6c:80:7a:22:b6:28:87:74:7c:1a:42:cf:
                    2e:bb:71:e7:34:25:7c:ca:ce:a9:e5:27:51:e5:07:
                    af:7e:f7:f7:63:f3:45:5f:d6:ce:1c:76:32:3e:22:
                    ea:18:ae:05:e2:cc:68:8d:42:e8:32:4a:b9:79:50:
                    c0:fc:d8:28:77:c8:62:c6:00:5a:b1:f0:44:8b:bf:
                    a8:d7:9e:78:7f:d8:57:53:6b:32:7b:92:9e:35:82:
                    3f:7a:1d:1b:a0:b7:4c:40:73:69:9f:16:1e:f6:26:
                    ed:b9:53:14:20:39:2b:5e:04:fe:65:02:70:f8:28:
                    84:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:A0:3A:AC:8D:56:E3:13:46:EA:EC:B1:16:09:F4:F7:9D:61:D8:B4
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/dKA6rI1W4xNG6uyxFgn0951h2LQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f054::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:76:c0:c0:5e:b1:c7:27:5c:04:41:a5:e2:c4:36:ba:19:8a:
         f3:a5:45:8f:7e:18:12:11:1e:ee:cf:56:6a:44:a1:1c:e4:2c:
         30:5f:d3:81:5a:71:47:f4:b5:57:25:48:ba:d4:9a:cc:ad:6c:
         e9:5b:9a:51:c4:a8:3e:7c:89:c7:6e:73:ef:9e:13:0f:e0:ca:
         b5:51:3d:5b:75:1c:f7:d6:01:f8:a0:07:04:e4:72:95:4c:1a:
         39:89:90:84:e4:91:d1:78:a5:59:d5:be:7b:31:89:ae:46:5f:
         1e:1f:79:08:be:a8:a2:9c:73:5b:5d:0f:ca:3b:e7:51:77:48:
         ca:f7:f3:cf:7f:de:b6:72:7a:2b:9e:26:10:a3:94:4f:4d:8f:
         89:18:ca:54:f4:59:65:be:6e:05:91:68:89:4d:31:9b:c1:66:
         fa:86:df:71:8a:2d:c6:a3:f9:59:96:39:73:eb:4f:09:cd:a0:
         0d:48:2b:dc:b3:b9:1f:56:e2:d8:a3:35:b2:48:26:5d:0c:5b:
         97:24:3d:20:bb:4b:ec:0b:49:92:e7:6c:a2:ec:02:1a:ff:f9:
         75:6e:4f:02:3c:de:8d:55:a8:e4:b1:c3:d8:69:7c:e5:b4:fc:
         8a:ac:4e:9f:48:d6:5b:96:fb:61:dc:50:1a:40:bc:e9:36:95:
         56:cb:0b:65
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYa2K6yw59FfwduRvdrkWA3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMzA2MDkwNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGEwM2FhYzhkNTZlMzEzNDZlYWVjYjExNjA5ZjRmNzlkNjFkOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12RlzJRq9EsIE4GfILgIiWSMpGEV
jiQ1Z4Fhm/Cd4J38alsHrbtwEi04X+XNoMJLvwU30hXUZia0IfHjG8SOdFfOGmqc
vN+5GaWjszSW0zWreUN3kPMnigQUx/6/599kBANLJejUZpqaaBLMtXc+5bChn1Ao
mbrfC+o7ewU5NzoRyiJBk6gEmW5sgHoitiiHdHwaQs8uu3HnNCV8ys6p5SdR5Qev
fvf3Y/NFX9bOHHYyPiLqGK4F4sxojULoMkq5eVDA/Ngod8hixgBasfBEi7+o1554
f9hXU2sye5KeNYI/eh0boLdMQHNpnxYe9ibtuVMUIDkrXgT+ZQJw+CiE6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHSgOqyNVuMTRurssRYJ9PedYdi0MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvZEtBNnJJMVc0eE5HNnV5eEZnbjA5NTFoMkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBU
MA0GCSqGSIb3DQEBCwUAA4IBAQALdsDAXrHHJ1wEQaXixDa6GYrzpUWPfhgSER7u
z1ZqRKEc5CwwX9OBWnFH9LVXJUi61JrMrWzpW5pRxKg+fInHbnPvnhMP4Mq1UT1b
dRz31gH4oAcE5HKVTBo5iZCE5JHReKVZ1b57MYmuRl8eH3kIvqiinHNbXQ/KO+dR
d0jK9/PPf962cnorniYQo5RPTY+JGMpU9Fllvm4FkWiJTTGbwWb6ht9xii3Go/lZ
ljlz608JzaANSCvcs7kfVuLYozWySCZdDFuXJD0gu0vsC0mS52yi7AIa//l1bk8C
PN6NVajkscPYaXzltPyKrE6fSNZblvth3FAaQLzpNpVWywtl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org