Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/hPVLom9kTRkqMfaq_8-sTPW4fqc.roa
File:                     hPVLom9kTRkqMfaq_8-sTPW4fqc.roa (raw, json)
Hash identifier:          T/h7vj/hr6/D0M+okLSqKAdLNmhxExDiQHdAiehzrxk=
Subject key identifier:   84:F5:4B:A2:6F:64:4D:19:2A:31:F6:AA:FF:CF:AC:4C:F5:B8:7E:A7
Certificate issuer:       /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial:       01877A5FF5527B3631DDD2A5EB57A8420B59
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/hPVLom9kTRkqMfaq_8-sTPW4fqc.roa
Signing time:             Thu 13 Apr 2023 11:28:41 +0000
ROA not before:           Thu 13 Apr 2023 11:28:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62359
IP address blocks:        2a01:4a0:5::/48 maxlen: 48
                          2a01:4a0:15::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7a:5f:f5:52:7b:36:31:dd:d2:a5:eb:57:a8:42:0b:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
        Validity
            Not Before: Apr 13 11:28:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=84f54ba26f644d192a31f6aaffcfac4cf5b87ea7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:91:b9:82:41:9c:0a:d0:b0:b4:c9:25:fe:b8:
                    d8:26:ad:00:f4:53:a2:5a:7c:54:9b:3b:6a:4d:82:
                    1b:24:12:db:88:37:61:7c:04:04:e3:13:84:d8:9c:
                    a6:03:04:eb:b7:76:cc:e8:9a:20:23:33:4e:2b:63:
                    91:f1:35:c7:78:ad:15:c5:3e:e4:c1:2d:68:56:1c:
                    79:3e:aa:00:09:62:0d:2f:31:3e:1f:ed:c7:19:30:
                    7f:06:14:94:07:85:92:41:57:9e:78:9f:98:03:ab:
                    be:88:51:40:c4:11:b9:e0:f1:1e:ae:51:01:30:cb:
                    51:40:70:45:41:3b:fa:f5:3e:72:64:e9:c4:30:42:
                    a0:3f:e3:5d:e5:be:9f:2c:12:d4:0c:11:1d:f1:2e:
                    4a:fb:d3:88:c9:e0:8b:a3:46:f3:d4:6a:82:77:29:
                    63:6c:7c:af:f1:ea:23:64:2c:d1:35:22:5f:49:89:
                    20:e5:4a:54:c9:3c:ef:26:0d:0b:b9:41:e4:08:ef:
                    d3:0b:4f:eb:40:f0:c7:bf:85:01:49:46:27:12:2e:
                    83:a9:bc:4c:a1:ae:93:ac:03:a3:a3:99:77:5e:8c:
                    ca:4e:5c:17:7b:42:a8:2f:a9:73:76:b2:8a:8d:64:
                    ac:a0:2f:b4:fe:7d:db:9e:94:49:82:99:ca:a8:44:
                    63:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:F5:4B:A2:6F:64:4D:19:2A:31:F6:AA:FF:CF:AC:4C:F5:B8:7E:A7
            X509v3 Authority Key Identifier:
                keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/hPVLom9kTRkqMfaq_8-sTPW4fqc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:4a0:5::/48
                  2a01:4a0:15::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:3f:06:aa:3e:09:f7:a8:d9:45:d3:1f:3b:6e:4a:99:ca:60:
         01:f2:95:68:1c:7c:5e:bf:16:4d:13:ea:2e:32:ea:cb:53:30:
         4b:71:ea:b6:e2:65:88:aa:8a:03:44:94:4b:cb:8a:7b:c7:dd:
         64:bf:84:ec:e1:b1:25:43:1b:ff:a1:d8:ff:ab:63:eb:bf:4a:
         b9:ab:ff:a5:72:56:a4:39:d7:34:5c:50:6b:4d:7d:f9:62:f4:
         15:ba:f2:9d:db:e7:ef:27:3d:fd:be:3c:9a:73:59:49:f0:ea:
         20:3d:ee:28:a9:94:dd:a4:4b:ad:b0:c8:8d:34:48:22:67:92:
         a4:fa:cc:9d:83:e2:d6:70:f7:2d:f0:da:01:8a:69:f2:ae:a2:
         a3:3a:fd:ca:af:f8:fd:a7:8e:16:b8:27:e3:ae:14:1c:48:49:
         a5:71:a8:1e:8b:24:2f:97:0e:1b:2c:be:fd:9a:08:40:c4:75:
         83:b4:07:48:77:4a:dd:68:d8:98:50:a8:ba:a9:fb:61:f9:b4:
         92:4c:37:4c:55:24:af:96:02:cc:06:7f:49:4d:ed:44:ef:d8:
         01:79:52:a5:12:b0:99:d4:e7:4e:73:f1:8a:be:84:3f:e2:5c:
         30:6e:f9:e8:24:aa:43:3a:39:7f:4e:ff:42:a0:bc:36:e4:c6:
         7a:f4:90:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd6X/VSezYx3dKl61eoQgtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjMwNDEzMTEyODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY1NGJhMjZmNjQ0ZDE5MmEzMWY2YWFmZmNmYWM0Y2Y1Yjg3ZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpG5gkGcCtCwtMkl/rjYJq0A9FOi
WnxUmztqTYIbJBLbiDdhfAQE4xOE2JymAwTrt3bM6JogIzNOK2OR8TXHeK0VxT7k
wS1oVhx5PqoACWINLzE+H+3HGTB/BhSUB4WSQVeeeJ+YA6u+iFFAxBG54PEerlEB
MMtRQHBFQTv69T5yZOnEMEKgP+Nd5b6fLBLUDBEd8S5K+9OIyeCLo0bz1GqCdylj
bHyv8eojZCzRNSJfSYkg5UpUyTzvJg0LuUHkCO/TC0/rQPDHv4UBSUYnEi6DqbxM
oa6TrAOjo5l3XozKTlwXe0KoL6lzdrKKjWSsoC+0/n3bnpRJgpnKqERj2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIT1S6JvZE0ZKjH2qv/PrEz1uH6nMB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvaFBWTG9tOWtUUmtxTWZhcV84LXNUUFc0ZnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgEEoAAF
AwcAKgEEoAAVMA0GCSqGSIb3DQEBCwUAA4IBAQACPwaqPgn3qNlF0x87bkqZymAB
8pVoHHxevxZNE+ouMurLUzBLceq24mWIqooDRJRLy4p7x91kv4Ts4bElQxv/odj/
q2Prv0q5q/+lclakOdc0XFBrTX35YvQVuvKd2+fvJz39vjyac1lJ8OogPe4oqZTd
pEutsMiNNEgiZ5Kk+sydg+LWcPct8NoBimnyrqKjOv3Kr/j9p44WuCfjrhQcSEml
cageiyQvlw4bLL79mghAxHWDtAdId0rdaNiYUKi6qfth+bSSTDdMVSSvlgLMBn9J
Te1E79gBeVKlErCZ1OdOc/GKvoQ/4lwwbvnoJKpDOjl/Tv9CoLw25MZ69JDm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:40 2024 by rpki-client on console-ams.rpki-client.org