Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/gnfvsHhCofYZzHJ1Zf2ZSg6-5oU.roa
File:                     gnfvsHhCofYZzHJ1Zf2ZSg6-5oU.roa (raw, json)
Hash identifier:          MXajzyIy84ZXzOyVi4mij3GjA0450wosWv04+RbEoBg=
Subject key identifier:   82:77:EF:B0:78:42:A1:F6:19:CC:72:75:65:FD:99:4A:0E:BE:E6:85
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42EA70FF5B016E684911E48EB40ACC
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/gnfvsHhCofYZzHJ1Zf2ZSg6-5oU.roa
Signing time:             Sun 01 Jan 2023 21:35:34 +0000
ROA not before:           Sun 01 Jan 2023 21:35:34 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212357
IP address blocks:        2a0e:8f02:f011::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:ea:70:ff:5b:01:6e:68:49:11:e4:8e:b4:0a:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:34 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8277efb07842a1f619cc727565fd994a0ebee685
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:30:0a:4a:8b:bc:a8:0a:42:00:c5:a1:ec:46:
                    4b:66:d7:aa:37:20:c6:4b:0a:5c:4c:f5:20:29:19:
                    a9:45:6c:ff:93:05:ae:5c:ad:9d:cb:86:ce:00:7b:
                    25:e7:26:33:cc:80:e9:2f:2e:e6:ca:47:d0:ae:bd:
                    c5:ee:eb:c7:9e:39:27:e9:73:6f:15:1d:a5:01:eb:
                    77:5d:90:02:03:06:a7:66:e6:af:59:96:a6:5b:4f:
                    af:ad:14:0a:9a:03:d6:34:ab:69:a7:27:1c:c1:82:
                    b5:2b:85:be:3c:4e:80:5e:46:7a:c9:2d:eb:bf:54:
                    6f:31:21:2e:4b:9f:1f:af:e8:a7:46:1e:75:68:fd:
                    62:77:64:1a:cf:e6:07:4f:77:9d:d9:9e:c1:1f:90:
                    64:51:2f:03:f5:51:79:16:e5:2a:9b:63:f0:05:8b:
                    a2:9a:c7:5d:fa:a9:d2:57:b7:91:9e:47:18:1d:25:
                    2c:20:5f:02:8a:0c:40:65:67:97:ad:e2:9a:e6:30:
                    44:a0:a5:bb:a7:3f:5b:64:de:f7:10:79:ad:b7:0d:
                    2e:3b:06:ec:94:d4:7e:ef:5c:21:11:1e:bf:25:64:
                    0e:ca:73:01:94:71:1e:39:0a:d0:b3:15:f9:9e:2a:
                    ee:22:be:27:43:42:2a:7f:9e:89:1f:2f:61:08:44:
                    00:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:77:EF:B0:78:42:A1:F6:19:CC:72:75:65:FD:99:4A:0E:BE:E6:85
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/gnfvsHhCofYZzHJ1Zf2ZSg6-5oU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f011::/48

    Signature Algorithm: sha256WithRSAEncryption
         5e:d5:3b:69:7f:70:45:65:60:ce:b9:f9:71:cb:74:fd:f7:a3:
         52:be:61:a1:69:b8:7f:b4:dd:6b:a5:52:3c:cb:32:80:2a:7b:
         87:8e:02:3e:f1:8b:c9:47:38:30:16:5a:40:f8:0e:fc:e0:27:
         08:a1:be:75:8b:b8:94:3f:ae:00:97:8d:05:70:5b:b8:77:bc:
         e1:77:96:3e:d7:43:d1:67:84:22:63:ba:c8:b6:0d:de:49:92:
         9f:f7:8e:96:e2:23:be:39:e7:54:5b:aa:f5:45:fe:b4:7e:9f:
         04:be:af:2e:7c:6c:b4:fb:5a:4f:6c:63:89:47:f5:49:52:7b:
         92:01:2a:32:3c:b6:71:86:ab:ec:ef:c1:29:67:5d:62:8b:00:
         64:a3:9e:c4:35:c8:ee:03:1a:9a:8f:7b:f9:15:ee:84:48:69:
         7e:6d:f0:28:0f:9a:e8:0c:e5:97:67:95:19:6d:35:75:75:cd:
         57:85:46:43:6a:25:b0:ca:da:a5:34:64:25:21:a4:06:b8:ff:
         be:82:71:8c:6d:f9:a9:60:17:c7:ea:f7:6c:3b:45:ef:a8:43:
         9e:c1:fb:b3:f3:64:26:2f:38:47:5d:24:fb:2a:8e:2c:c1:50:
         24:14:f0:b2:09:64:d8:0c:8b:0f:10:ae:f5:b1:fc:13:35:5c:
         43:61:15:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQupw/1sBbmhJEeSOtArMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjc3ZWZiMDc4NDJhMWY2MTljYzcyNzU2NWZkOTk0YTBlYmVlNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTAKSou8qApCAMWh7EZLZteqNyDG
SwpcTPUgKRmpRWz/kwWuXK2dy4bOAHsl5yYzzIDpLy7mykfQrr3F7uvHnjkn6XNv
FR2lAet3XZACAwanZuavWZamW0+vrRQKmgPWNKtppyccwYK1K4W+PE6AXkZ6yS3r
v1RvMSEuS58fr+inRh51aP1id2Qaz+YHT3ed2Z7BH5BkUS8D9VF5FuUqm2PwBYui
msdd+qnSV7eRnkcYHSUsIF8CigxAZWeXreKa5jBEoKW7pz9bZN73EHmttw0uOwbs
lNR+71whER6/JWQOynMBlHEeOQrQsxX5niruIr4nQ0Iqf56JHy9hCEQAlwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIJ377B4QqH2GcxydWX9mUoOvuaFMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvZ25mdnNIaENvZllaekhKMVpmMlpTZzYtNW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAR
MA0GCSqGSIb3DQEBCwUAA4IBAQBe1Ttpf3BFZWDOuflxy3T996NSvmGhabh/tN1r
pVI8yzKAKnuHjgI+8YvJRzgwFlpA+A784CcIob51i7iUP64Al40FcFu4d7zhd5Y+
10PRZ4QiY7rItg3eSZKf946W4iO+OedUW6r1Rf60fp8Evq8ufGy0+1pPbGOJR/VJ
UnuSASoyPLZxhqvs78EpZ11iiwBko57ENcjuAxqaj3v5Fe6ESGl+bfAoD5roDOWX
Z5UZbTV1dc1XhUZDaiWwytqlNGQlIaQGuP++gnGMbfmpYBfH6vdsO0XvqEOewfuz
82QmLzhHXST7Ko4swVAkFPCyCWTYDIsPEK71sfwTNVxDYRUO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org