Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/V_td3-Si-PgSrNSAanrN897gsu8.roa
File:                     V_td3-Si-PgSrNSAanrN897gsu8.roa (raw, json)
Hash identifier:          mhy9Gjmv+MVSBFJOY4pS2XdoPmrg3WxGk76n0HusLJc=
Subject key identifier:   57:FB:5D:DF:E4:A2:F8:F8:12:AC:D4:80:6A:7A:CD:F3:DE:E0:B2:EF
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       0185711E765215C346C21DF973E95CFDEB4B
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/V_td3-Si-PgSrNSAanrN897gsu8.roa
Signing time:             Mon 02 Jan 2023 06:14:59 +0000
ROA not before:           Mon 02 Jan 2023 06:14:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210361
IP address blocks:        2a0c:b641:1b0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 22:03:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:76:52:15:c3:46:c2:1d:f9:73:e9:5c:fd:eb:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  2 06:14:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=57fb5ddfe4a2f8f812acd4806a7acdf3dee0b2ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:a4:34:c3:6e:6f:d6:6b:f3:6a:48:72:60:52:
                    9f:de:28:e4:f7:76:a7:4b:c9:23:72:59:07:e8:7f:
                    36:ea:67:5b:85:33:ab:af:ac:da:37:30:e6:88:ff:
                    cd:03:f1:bd:1c:1e:21:de:3d:15:23:af:0e:db:2d:
                    f0:4d:06:0d:29:4a:c9:1f:5b:ea:9c:12:0e:85:66:
                    9e:23:d0:2f:9f:4f:53:87:f6:33:8d:e9:43:e4:e5:
                    da:03:3f:15:72:af:84:41:fc:44:26:67:c2:96:fd:
                    b7:5f:45:10:2b:87:63:e4:30:50:d7:9e:20:80:0f:
                    89:96:e5:dc:99:30:27:b9:cd:95:94:12:55:9b:42:
                    20:82:d8:35:33:37:0f:04:01:15:54:de:61:a9:e7:
                    e2:f8:76:86:6a:f4:c4:c4:41:70:70:37:5b:ae:ac:
                    f9:22:b6:3b:38:76:33:f4:50:69:0e:c9:d9:5f:55:
                    d1:4f:e1:1e:00:42:4d:b5:69:93:17:e3:88:9e:d6:
                    44:38:a4:87:50:10:bf:39:ea:0f:8f:65:34:08:33:
                    21:22:93:a7:33:56:17:bf:46:40:ef:e2:44:31:f3:
                    82:05:fc:4c:4f:83:4e:dd:9d:d4:1e:69:77:f9:e0:
                    e5:04:cb:87:0d:aa:ef:a3:61:29:89:17:53:4d:3b:
                    ff:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:FB:5D:DF:E4:A2:F8:F8:12:AC:D4:80:6A:7A:CD:F3:DE:E0:B2:EF
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/V_td3-Si-PgSrNSAanrN897gsu8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:1b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         79:e3:9c:23:3c:fb:ef:9a:24:eb:72:5a:fb:1a:d4:4d:9b:3a:
         e1:72:52:9d:f6:c5:d8:bf:42:8b:5b:d0:56:a6:04:6d:1e:0d:
         a7:4b:2c:57:67:e0:67:0a:66:d2:3f:21:ce:a5:d4:c1:b6:32:
         8a:8c:da:ee:ad:e4:cd:da:cb:c1:b7:2b:13:9e:a5:c7:35:86:
         15:af:eb:dd:b6:7f:eb:f5:1b:e5:e5:be:83:af:3e:8b:56:39:
         bf:c6:45:87:36:ce:78:a4:e5:62:c3:27:8f:d7:40:9d:3b:e8:
         b5:cc:b9:a6:8d:54:13:f0:0d:2c:9f:aa:d7:14:44:14:a2:10:
         09:2a:a7:f2:37:a7:4d:68:54:61:86:b4:ce:24:f1:16:d8:88:
         c0:ae:62:a2:ba:af:ad:1e:fd:86:7a:4a:c2:f4:0e:74:af:5a:
         63:84:ff:9a:0f:28:9f:de:fd:0c:37:b8:ea:41:76:ac:f0:55:
         05:37:b7:28:e6:f2:0b:71:92:e2:89:6d:50:e5:99:13:5d:fe:
         c2:26:e0:9a:c6:77:8f:3e:80:fe:48:a7:e4:69:92:c0:94:b6:
         00:8a:ac:4d:98:03:42:4f:a4:64:88:cc:48:2f:13:1d:d1:44:
         5e:2f:e5:e8:0f:38:05:29:79:e0:07:11:d5:5d:d3:a8:dd:22:
         bc:18:57:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHnZSFcNGwh35c+lc/etLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2ZiNWRkZmU0YTJmOGY4MTJhY2Q0ODA2YTdhY2RmM2RlZTBiMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6Q0w25v1mvzakhyYFKf3ijk93an
S8kjclkH6H826mdbhTOrr6zaNzDmiP/NA/G9HB4h3j0VI68O2y3wTQYNKUrJH1vq
nBIOhWaeI9Avn09Th/YzjelD5OXaAz8Vcq+EQfxEJmfClv23X0UQK4dj5DBQ154g
gA+JluXcmTAnuc2VlBJVm0Iggtg1MzcPBAEVVN5hqefi+HaGavTExEFwcDdbrqz5
IrY7OHYz9FBpDsnZX1XRT+EeAEJNtWmTF+OIntZEOKSHUBC/OeoPj2U0CDMhIpOn
M1YXv0ZA7+JEMfOCBfxMT4NO3Z3UHml3+eDlBMuHDarvo2EpiRdTTTv/NQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFf7Xd/kovj4EqzUgGp6zfPe4LLvMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvVl90ZDMtU2ktUGdTck5TQWFuck44OTdnc3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQGw
MA0GCSqGSIb3DQEBCwUAA4IBAQB545wjPPvvmiTrclr7GtRNmzrhclKd9sXYv0KL
W9BWpgRtHg2nSyxXZ+BnCmbSPyHOpdTBtjKKjNrureTN2svBtysTnqXHNYYVr+vd
tn/r9Rvl5b6Drz6LVjm/xkWHNs54pOViwyeP10CdO+i1zLmmjVQT8A0sn6rXFEQU
ohAJKqfyN6dNaFRhhrTOJPEW2IjArmKiuq+tHv2GekrC9A50r1pjhP+aDyif3v0M
N7jqQXas8FUFN7co5vILcZLiiW1Q5ZkTXf7CJuCaxnePPoD+SKfkaZLAlLYAiqxN
mANCT6RkiMxILxMd0UReL+XoDzgFKXngBxHVXdOo3SK8GFea
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:38 2024 by rpki-client on console-ams.rpki-client.org