Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4lE-ql-vGnO3cEW3sywoOcnGKiU.roa
File:                     4lE-ql-vGnO3cEW3sywoOcnGKiU.roa (raw, json)
Hash identifier:          IJQRy4EnGAlkqCbd+cBwCGOfIIC6LOA/uR5dMrv0z/o=
Subject key identifier:   E2:51:3E:AA:5F:AF:1A:73:B7:70:45:B7:B3:2C:28:39:C9:C6:2A:25
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       0185711E971DC923F6E6DA5E65C14755B4F9
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4lE-ql-vGnO3cEW3sywoOcnGKiU.roa
Signing time:             Mon 02 Jan 2023 06:15:08 +0000
ROA not before:           Mon 02 Jan 2023 06:15:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213236
IP address blocks:        2a0c:b641:6c0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:97:1d:c9:23:f6:e6:da:5e:65:c1:47:55:b4:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  2 06:15:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e2513eaa5faf1a73b77045b7b32c2839c9c62a25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e3:eb:da:4f:1b:4a:b8:69:57:35:eb:c3:70:
                    21:c3:5b:9a:01:74:53:b5:43:66:79:5b:16:bd:7b:
                    8b:d5:9b:cf:16:f2:42:0d:d7:87:fb:f0:fb:a9:c8:
                    dd:ce:e4:08:ef:6b:5a:69:5a:49:d1:fb:9a:5c:16:
                    c3:56:ec:d5:20:6b:a9:9e:2f:3d:85:2e:ef:7a:47:
                    ad:07:dd:4a:7a:c3:15:92:4a:42:15:97:5e:92:40:
                    23:96:20:b4:1d:5c:1c:91:c1:12:2b:b1:d4:21:a1:
                    ae:98:0f:da:1e:ad:46:15:fd:86:32:93:49:54:3b:
                    c9:ba:7c:bf:4f:e7:18:dd:9a:cf:41:4a:2b:c9:33:
                    6f:b6:6a:8c:60:a4:87:c0:5c:72:ed:91:39:ce:9f:
                    26:fe:a0:a9:81:2c:76:2b:57:36:fe:5d:9e:12:5f:
                    c6:b5:5b:36:fe:91:53:8b:78:34:bc:b0:72:8d:5f:
                    3a:c4:b8:f5:4f:ab:4a:66:22:6a:49:97:44:bb:f1:
                    cc:76:19:4b:6a:d2:6f:21:bd:f1:24:da:e9:f7:89:
                    4e:9a:90:00:cd:a4:7e:9c:8e:a9:bd:df:24:a0:b3:
                    e6:ae:81:7d:60:df:68:79:3d:b3:eb:f0:d9:7f:4f:
                    3e:ee:7f:a5:58:67:e7:1d:59:cf:5b:61:52:14:f7:
                    df:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:51:3E:AA:5F:AF:1A:73:B7:70:45:B7:B3:2C:28:39:C9:C6:2A:25
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4lE-ql-vGnO3cEW3sywoOcnGKiU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:6c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         63:15:e0:50:74:c6:f6:67:8b:23:94:9e:65:c5:86:ac:d0:24:
         42:ec:3f:99:58:3f:77:d5:7d:f6:72:54:d7:1b:4e:a2:b6:7b:
         13:f6:8a:df:39:bc:56:0f:c5:7d:57:a6:f1:1f:fe:16:d3:be:
         4b:7e:c1:36:09:57:c1:e3:1b:ca:fa:1e:ae:2b:69:fb:d0:6c:
         76:a2:40:e3:7f:3e:ae:36:a8:0f:a0:8d:04:f4:01:e9:da:83:
         f9:c5:eb:e0:53:7b:59:f2:4c:38:3f:8e:45:d8:f1:f2:da:2f:
         9f:58:18:3e:5d:58:78:66:04:d3:85:ef:b2:5b:3c:91:87:fd:
         68:5f:51:c4:7f:a4:0c:d1:04:a0:83:28:15:a8:74:f0:58:5d:
         28:7b:59:53:b6:e1:4b:b3:1b:a2:c6:8e:fb:84:c1:55:1f:e5:
         4d:11:74:1c:a7:0f:2c:bf:bf:fa:8a:7f:2c:49:51:f6:6a:ed:
         b0:bc:a4:0c:e0:41:7e:67:02:e3:89:62:f6:6a:0a:11:fa:7d:
         09:7c:73:72:61:93:6f:dd:10:ca:00:02:12:74:d3:9a:bf:37:
         21:b3:44:66:49:92:ed:96:95:44:24:76:ae:07:b0:fc:13:43:
         01:aa:76:4c:5e:f2:08:55:87:b9:97:19:53:8a:db:88:9a:5c:
         05:cd:cb:86
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHpcdySP25tpeZcFHVbT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjUxM2VhYTVmYWYxYTczYjc3MDQ1YjdiMzJjMjgzOWM5YzYyYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Pr2k8bSrhpVzXrw3Ahw1uaAXRT
tUNmeVsWvXuL1ZvPFvJCDdeH+/D7qcjdzuQI72taaVpJ0fuaXBbDVuzVIGupni89
hS7veketB91KesMVkkpCFZdekkAjliC0HVwckcESK7HUIaGumA/aHq1GFf2GMpNJ
VDvJuny/T+cY3ZrPQUoryTNvtmqMYKSHwFxy7ZE5zp8m/qCpgSx2K1c2/l2eEl/G
tVs2/pFTi3g0vLByjV86xLj1T6tKZiJqSZdEu/HMdhlLatJvIb3xJNrp94lOmpAA
zaR+nI6pvd8koLPmroF9YN9oeT2z6/DZf08+7n+lWGfnHVnPW2FSFPffIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOJRPqpfrxpzt3BFt7MsKDnJxiolMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvNGxFLXFsLXZHbk8zY0VXM3N5d29PY25HS2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQbA
MA0GCSqGSIb3DQEBCwUAA4IBAQBjFeBQdMb2Z4sjlJ5lxYas0CRC7D+ZWD931X32
clTXG06itnsT9orfObxWD8V9V6bxH/4W075LfsE2CVfB4xvK+h6uK2n70Gx2okDj
fz6uNqgPoI0E9AHp2oP5xevgU3tZ8kw4P45F2PHy2i+fWBg+XVh4ZgTThe+yWzyR
h/1oX1HEf6QM0QSggygVqHTwWF0oe1lTtuFLsxuixo77hMFVH+VNEXQcpw8sv7/6
in8sSVH2au2wvKQM4EF+ZwLjiWL2agoR+n0JfHNyYZNv3RDKAAISdNOavzchs0Rm
SZLtlpVEJHauB7D8E0MBqnZMXvIIVYe5lxlTituImlwFzcuG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org