Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3ukFwe2IzE0QsFMe0ENmutYc00A.roa
File:                     3ukFwe2IzE0QsFMe0ENmutYc00A.roa (raw, json)
Hash identifier:          E3LFl/w4W52ixgoRqyDM8YRJ/20kp+owNmY//iDawew=
Subject key identifier:   DE:E9:05:C1:ED:88:CC:4D:10:B0:53:1E:D0:43:66:BA:D6:1C:D3:40
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       018CC80158A5CF7725D38DD63BF967FD54E7
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3ukFwe2IzE0QsFMe0ENmutYc00A.roa
Signing time:             Tue 02 Jan 2024 02:29:40 +0000
ROA not before:           Tue 02 Jan 2024 02:29:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201671
IP address blocks:        2a0c:b641:900::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sat 03 Feb 2024 13:46:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:58:a5:cf:77:25:d3:8d:d6:3b:f9:67:fd:54:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  2 02:29:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dee905c1ed88cc4d10b0531ed04366bad61cd340
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:b5:95:ce:a0:30:14:b9:df:56:6c:fc:b6:14:
                    3c:fa:36:bd:b9:d9:89:16:84:60:77:08:33:a4:17:
                    78:25:ea:fe:8b:80:f0:6a:c1:4c:36:75:c8:d5:a6:
                    f3:ca:3d:5a:3b:be:c4:26:a7:7c:95:54:12:f9:e1:
                    29:f8:b2:a2:e3:81:b7:ad:75:1f:9c:1a:e7:d6:33:
                    a8:97:72:17:57:5b:3a:57:71:a9:c5:84:25:7a:f5:
                    8f:77:25:49:ee:16:ff:f0:24:31:80:e2:68:5c:36:
                    79:71:12:43:e1:79:90:f3:b6:b8:50:28:03:5e:94:
                    7a:4f:85:3c:63:b4:47:08:70:46:be:97:5a:a9:9f:
                    6d:e2:fe:20:33:86:e2:ec:4b:20:6a:e6:98:30:f9:
                    86:db:c8:b8:3c:1d:be:8c:e1:a8:82:64:ba:5c:94:
                    6f:57:cf:0e:f2:c4:63:7b:0b:65:69:9f:27:8c:27:
                    8f:40:6a:d6:c9:f9:10:c1:d8:d6:ba:23:ef:a6:ad:
                    35:c7:cd:c0:b7:e8:49:79:e8:cc:1a:36:49:46:de:
                    fb:05:1b:bb:a3:d4:ad:59:f4:38:2d:63:8c:0f:03:
                    ef:3f:5f:7a:51:0f:23:46:4c:f5:3f:6a:13:d1:93:
                    92:9e:a5:c8:df:b0:a9:bf:2b:37:2b:f7:5a:f0:b4:
                    4a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:E9:05:C1:ED:88:CC:4D:10:B0:53:1E:D0:43:66:BA:D6:1C:D3:40
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3ukFwe2IzE0QsFMe0ENmutYc00A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:900::/44

    Signature Algorithm: sha256WithRSAEncryption
         93:d3:6c:e6:10:1d:4c:15:5d:44:a5:ab:38:48:d5:ac:7c:fe:
         82:5f:a0:5b:12:71:78:cb:63:74:d6:86:55:0f:f7:cd:b8:fc:
         d9:4d:cf:d0:4b:94:b2:0a:78:02:90:34:09:ae:a5:ed:ef:e8:
         7a:bd:ad:c0:aa:04:4b:b4:c2:39:39:ae:e4:eb:ae:4c:d7:64:
         7c:ca:9b:46:41:ba:c3:a8:c5:b5:6c:22:8e:5b:b8:76:d4:eb:
         72:8e:d7:fb:ae:d9:59:94:2d:3b:4b:1d:3a:df:89:ef:76:40:
         63:09:55:36:a7:1f:fd:d8:21:82:80:b2:93:c9:e6:4c:1a:99:
         48:4a:f7:ca:a0:37:d7:b8:9c:cc:3b:a6:b1:1f:bf:36:8b:66:
         9d:66:0e:dd:d8:b7:ba:af:58:8f:17:b1:8e:c3:a0:d8:f5:e9:
         05:8a:06:94:57:36:98:34:5a:2b:d2:7c:6c:bb:2a:ba:c9:bd:
         0b:76:af:d1:9a:58:ef:e5:38:93:89:cf:6e:b8:fa:a1:88:85:
         f0:b6:81:72:d7:af:68:df:cd:7f:86:33:c1:52:bc:3e:a5:72:
         dc:51:63:61:30:f9:e8:06:4e:45:73:6a:a6:9b:44:d6:0a:43:
         59:aa:7d:28:aa:31:b7:f2:e9:ff:7c:a7:b2:a2:c9:56:18:d0:
         72:f4:a6:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAVilz3cl043WO/ln/VTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWU5MDVjMWVkODhjYzRkMTBiMDUzMWVkMDQzNjZiYWQ2MWNkMzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7WVzqAwFLnfVmz8thQ8+ja9udmJ
FoRgdwgzpBd4Jer+i4DwasFMNnXI1abzyj1aO77EJqd8lVQS+eEp+LKi44G3rXUf
nBrn1jOol3IXV1s6V3GpxYQlevWPdyVJ7hb/8CQxgOJoXDZ5cRJD4XmQ87a4UCgD
XpR6T4U8Y7RHCHBGvpdaqZ9t4v4gM4bi7EsgauaYMPmG28i4PB2+jOGogmS6XJRv
V88O8sRjewtlaZ8njCePQGrWyfkQwdjWuiPvpq01x83At+hJeejMGjZJRt77BRu7
o9StWfQ4LWOMDwPvP196UQ8jRkz1P2oT0ZOSnqXI37Cpvys3K/da8LRKnwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN7pBcHtiMxNELBTHtBDZrrWHNNAMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvM3VrRndlMkl6RTBRc0ZNZTBFTm11dFljMDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCT02zmEB1MFV1Epas4SNWsfP6CX6BbEnF4y2N0
1oZVD/fNuPzZTc/QS5SyCngCkDQJrqXt7+h6va3AqgRLtMI5Oa7k665M12R8yptG
QbrDqMW1bCKOW7h21Otyjtf7rtlZlC07Sx0634nvdkBjCVU2px/92CGCgLKTyeZM
GplISvfKoDfXuJzMO6axH782i2adZg7d2Le6r1iPF7GOw6DY9ekFigaUVzaYNFor
0nxsuyq6yb0Ldq/Rmljv5TiTic9uuPqhiIXwtoFy169o381/hjPBUrw+pXLcUWNh
MPnoBk5Fc2qmm0TWCkNZqn0oqjG38un/fKeyoslWGNBy9KZx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org