Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Ljgr4TCgOEvjD_qnUBIsNPYXG80.roa
File:                     Ljgr4TCgOEvjD_qnUBIsNPYXG80.roa (raw, json)
Hash identifier:          /CtTvRZf4eG04RwLpQ4b3vprToFHHpfkI4woRQP/+PE=
Subject key identifier:   2E:38:2B:E1:30:A0:38:4B:E3:0F:FA:A7:50:12:2C:34:F6:17:1B:CD
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       018A1DF5C4AAB72D02FAA114B10AC1145A81
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Ljgr4TCgOEvjD_qnUBIsNPYXG80.roa
Signing time:             Tue 22 Aug 2023 15:56:00 +0000
ROA not before:           Tue 22 Aug 2023 15:56:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216424
IP address blocks:        2a0c:b641:ac0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:1d:f5:c4:aa:b7:2d:02:fa:a1:14:b1:0a:c1:14:5a:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Aug 22 15:56:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2e382be130a0384be30ffaa750122c34f6171bcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:3c:8e:48:9d:a7:c5:8b:72:c4:9a:61:ee:87:
                    00:3d:d8:9f:d6:48:89:9d:f8:fc:b8:ef:3b:8e:e7:
                    9e:b0:f2:64:84:67:29:57:79:3a:9c:27:c5:32:7e:
                    a4:7e:42:04:d0:1a:d3:e2:ac:40:67:02:e3:b4:db:
                    c3:bc:dc:27:ae:91:2c:54:06:fe:68:cd:61:42:f4:
                    be:6c:14:26:bb:1e:1f:3a:5c:6c:b3:d8:e8:bb:b9:
                    d6:63:e4:0a:85:4a:f9:82:a1:d6:bb:48:b5:35:ed:
                    c8:01:27:71:1c:9a:47:60:0e:cb:b3:41:54:89:fd:
                    b4:97:b0:54:b5:78:ba:07:67:6a:96:58:ea:7a:8a:
                    09:b5:bb:cc:02:fa:29:65:dd:1c:71:55:a7:29:96:
                    e5:9c:a8:10:0a:2a:dd:47:bf:0a:c2:6a:4f:f2:b4:
                    32:25:1d:d5:8b:e4:23:53:8f:04:ff:f7:e3:83:61:
                    9a:ab:a0:df:b8:90:2d:97:ff:a4:0f:61:ed:14:d8:
                    b0:65:4f:ee:62:cb:db:e9:bc:7c:2d:ea:f8:7b:e5:
                    59:6e:27:56:6a:e3:d8:d9:16:02:c1:81:38:13:71:
                    b3:67:61:2b:5f:7d:eb:1b:f5:c2:73:e1:71:43:19:
                    9c:d4:38:66:80:12:a3:69:91:38:88:a1:7c:15:91:
                    e2:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:38:2B:E1:30:A0:38:4B:E3:0F:FA:A7:50:12:2C:34:F6:17:1B:CD
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Ljgr4TCgOEvjD_qnUBIsNPYXG80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:ac0::/44

    Signature Algorithm: sha256WithRSAEncryption
         33:8e:ad:de:27:9e:c1:6b:34:ff:47:f0:40:77:f2:e0:2a:c7:
         fc:1e:02:8c:b5:fc:6f:dd:72:29:0e:2a:75:d2:0d:17:ea:ec:
         fb:ff:be:bb:dd:66:28:8f:00:46:b9:64:de:84:86:5a:4b:b4:
         0a:67:96:c7:42:9c:91:e1:6e:b5:9d:9d:26:f3:7a:2a:c9:1b:
         8c:85:0a:27:36:d9:e3:34:99:d5:c7:0f:a7:a6:6f:38:8a:ab:
         e2:c3:eb:25:32:09:53:f1:75:c4:4e:60:d4:e4:2f:41:6e:e6:
         5a:63:2a:3d:c4:ab:ab:1a:fd:f9:df:7f:b0:6b:b4:8b:89:e6:
         46:8f:c6:53:09:2c:86:d6:d6:9e:7f:b4:a1:93:f1:b2:61:99:
         e6:a0:49:f1:78:19:0e:b7:c0:b6:c5:01:6c:5d:03:44:ea:e6:
         52:f8:13:cd:0b:30:24:4c:12:de:36:a5:94:34:4a:fc:88:8d:
         4c:23:e3:cc:3d:3a:bd:85:d2:8e:75:5e:64:3e:f2:56:10:dd:
         b5:7e:b9:99:95:7b:c1:46:42:78:2d:d5:f6:55:a9:6a:8a:51:
         d1:80:c1:9c:fd:81:f8:3f:52:80:6e:17:eb:d0:4a:25:f9:9f:
         fc:7b:56:ba:2b:f7:11:9e:b8:9a:a9:f3:a9:cb:ab:93:09:9c:
         d6:b1:92:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYod9cSqty0C+qEUsQrBFFqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwODIyMTU1NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTM4MmJlMTMwYTAzODRiZTMwZmZhYTc1MDEyMmMzNGY2MTcxYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjyOSJ2nxYtyxJph7ocAPdif1kiJ
nfj8uO87jueesPJkhGcpV3k6nCfFMn6kfkIE0BrT4qxAZwLjtNvDvNwnrpEsVAb+
aM1hQvS+bBQmux4fOlxss9jou7nWY+QKhUr5gqHWu0i1Ne3IASdxHJpHYA7Ls0FU
if20l7BUtXi6B2dqlljqeooJtbvMAvopZd0ccVWnKZblnKgQCirdR78KwmpP8rQy
JR3Vi+QjU48E//fjg2Gaq6DfuJAtl/+kD2HtFNiwZU/uYsvb6bx8Ler4e+VZbidW
auPY2RYCwYE4E3GzZ2ErX33rG/XCc+FxQxmc1DhmgBKjaZE4iKF8FZHirQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC44K+EwoDhL4w/6p1ASLDT2FxvNMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvTGpncjRUQ2dPRXZqRF9xblVCSXNOUFlYRzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQrA
MA0GCSqGSIb3DQEBCwUAA4IBAQAzjq3eJ57BazT/R/BAd/LgKsf8HgKMtfxv3XIp
Dip10g0X6uz7/7673WYojwBGuWTehIZaS7QKZ5bHQpyR4W61nZ0m83oqyRuMhQon
NtnjNJnVxw+npm84iqviw+slMglT8XXETmDU5C9BbuZaYyo9xKurGv3533+wa7SL
ieZGj8ZTCSyG1taef7Shk/GyYZnmoEnxeBkOt8C2xQFsXQNE6uZS+BPNCzAkTBLe
NqWUNEr8iI1MI+PMPTq9hdKOdV5kPvJWEN21frmZlXvBRkJ4LdX2ValqilHRgMGc
/YH4P1KAbhfr0Eol+Z/8e1a6K/cRnriaqfOpy6uTCZzWsZJ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:38 2024 by rpki-client on console-ams.rpki-client.org