Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/xmD_2u5psAY6cnTNMRQZIYh19Kc.roa
File:                     xmD_2u5psAY6cnTNMRQZIYh19Kc.roa (raw, json)
Hash identifier:          Kt3tFcMr3eRa0XZTdfKfaXyDiL9+ckruq6nRyQUA27Y=
Subject key identifier:   C6:60:FF:DA:EE:69:B0:06:3A:72:74:CD:31:14:19:21:88:75:F4:A7
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42E771A41947D5430D057AF10F1F6E
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/xmD_2u5psAY6cnTNMRQZIYh19Kc.roa
Signing time:             Sun 01 Jan 2023 21:35:33 +0000
ROA not before:           Sun 01 Jan 2023 21:35:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212243
IP address blocks:        2a0e:8f02:f015::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:e7:71:a4:19:47:d5:43:0d:05:7a:f1:0f:1f:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c660ffdaee69b0063a7274cd311419218875f4a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:17:f0:42:17:3c:f6:2e:1a:d8:c8:8a:32:c1:
                    a9:22:56:ee:7c:f6:fa:bb:88:fa:ef:ef:5d:06:00:
                    e8:cc:f9:9b:de:78:29:d9:33:c4:3a:47:94:8e:ed:
                    ac:40:d7:37:60:87:4b:e6:88:4e:46:3d:06:45:71:
                    24:e4:ba:93:4b:40:ab:37:4a:0a:eb:38:60:5f:cd:
                    7a:64:b7:47:24:07:c2:e7:36:59:63:81:13:28:39:
                    c5:e4:9b:94:cc:26:37:b2:db:96:52:db:20:f0:1d:
                    8c:2f:c6:c3:2e:d6:58:6a:6d:67:c4:a6:c3:5f:aa:
                    32:9b:fd:ed:fe:c9:e8:01:c5:04:55:5b:f9:88:f9:
                    14:b6:65:6f:08:02:88:f3:41:0c:57:ff:dc:25:39:
                    01:53:ab:f3:c7:5c:1d:43:d3:55:35:d8:e2:fe:7a:
                    83:20:78:b9:1e:37:16:06:5c:36:56:e6:2d:43:0f:
                    cc:b7:70:05:34:4e:26:06:18:73:bd:33:3a:78:49:
                    b2:f1:6b:b1:64:b6:fb:12:2a:d7:d1:82:13:9a:b4:
                    f0:a3:7a:25:ad:66:7a:ba:1d:92:f2:e1:1b:4f:13:
                    79:7a:e1:3b:f8:fb:6e:c7:2d:77:5d:cb:f9:b6:b2:
                    f1:2a:cf:de:b9:a0:8e:b5:ab:a1:3f:1a:45:d9:44:
                    97:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:60:FF:DA:EE:69:B0:06:3A:72:74:CD:31:14:19:21:88:75:F4:A7
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/xmD_2u5psAY6cnTNMRQZIYh19Kc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f015::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:33:be:55:74:b3:43:46:fb:44:c1:0a:8c:77:3e:1f:b3:5f:
         aa:41:4f:3a:67:c9:3a:79:b8:65:2c:e5:f4:8e:bf:bf:1e:fb:
         51:2a:43:d7:98:3f:c5:22:dc:18:69:db:0a:40:01:f3:e3:25:
         b2:fe:53:ba:d0:0e:ce:b9:d2:36:f5:c4:f3:89:b0:f9:2e:28:
         6a:93:94:be:b6:60:aa:7a:b7:ad:8f:cb:a5:fa:80:36:fe:e0:
         66:9b:66:79:24:c5:96:29:8c:63:26:aa:88:d8:4b:9a:eb:22:
         06:c7:77:e9:20:4e:f7:5e:ba:4b:14:91:a3:24:05:73:99:38:
         3a:d2:fd:b6:6b:24:bd:48:61:42:67:aa:11:fd:fc:cb:f6:13:
         87:1a:c9:43:94:fc:9b:08:32:74:d3:91:11:b9:74:e2:b3:bd:
         c9:3a:b9:8f:d4:d6:52:b1:67:30:21:a9:30:7b:a3:ac:2a:70:
         3e:2b:62:ea:a1:c3:be:5a:1d:82:21:fa:cd:8b:6d:07:bf:f3:
         49:27:04:ce:0d:4c:f7:78:56:fd:69:87:b6:72:28:9f:d7:26:
         ea:b4:4a:29:b6:75:ba:33:ed:2c:18:27:c4:ac:c2:7a:31:e1:
         e2:15:05:b5:b4:72:4c:79:ab:c2:d3:d6:9d:7c:f1:05:64:6a:
         0b:60:76:28
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQudxpBlH1UMNBXrxDx9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjYwZmZkYWVlNjliMDA2M2E3Mjc0Y2QzMTE0MTkyMTg4NzVmNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxfwQhc89i4a2MiKMsGpIlbufPb6
u4j67+9dBgDozPmb3ngp2TPEOkeUju2sQNc3YIdL5ohORj0GRXEk5LqTS0CrN0oK
6zhgX816ZLdHJAfC5zZZY4ETKDnF5JuUzCY3stuWUtsg8B2ML8bDLtZYam1nxKbD
X6oym/3t/snoAcUEVVv5iPkUtmVvCAKI80EMV//cJTkBU6vzx1wdQ9NVNdji/nqD
IHi5HjcWBlw2VuYtQw/Mt3AFNE4mBhhzvTM6eEmy8WuxZLb7EirX0YITmrTwo3ol
rWZ6uh2S8uEbTxN5euE7+Ptuxy13Xcv5trLxKs/euaCOtauhPxpF2USX1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMZg/9ruabAGOnJ0zTEUGSGIdfSnMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEveG1EXzJ1NXBzQVk2Y25UTk1SUVpJWWgxOUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAV
MA0GCSqGSIb3DQEBCwUAA4IBAQCGM75VdLNDRvtEwQqMdz4fs1+qQU86Z8k6ebhl
LOX0jr+/HvtRKkPXmD/FItwYadsKQAHz4yWy/lO60A7OudI29cTzibD5Lihqk5S+
tmCqeretj8ul+oA2/uBmm2Z5JMWWKYxjJqqI2Eua6yIGx3fpIE73XrpLFJGjJAVz
mTg60v22ayS9SGFCZ6oR/fzL9hOHGslDlPybCDJ005ERuXTis73JOrmP1NZSsWcw
Iakwe6OsKnA+K2LqocO+Wh2CIfrNi20Hv/NJJwTODUz3eFb9aYe2ciif1ybqtEop
tnW6M+0sGCfErMJ6MeHiFQW1tHJMeavC09adfPEFZGoLYHYo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:41 2024 by rpki-client on console-fra.rpki-client.org