Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/XnLRMZfJu7_D2XRBpeJtMNXUdeI.roa
File:                     XnLRMZfJu7_D2XRBpeJtMNXUdeI.roa (raw, json)
Hash identifier:          HogTP0EMTClv4wHpy4eaEk/WZMlaeY1qUgS3fUon9Vo=
Subject key identifier:   5E:72:D1:31:97:C9:BB:BF:C3:D9:74:41:A5:E2:6D:30:D5:D4:75:E2
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       0185711E37664D5C1E69240B5A82D61994EA
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/XnLRMZfJu7_D2XRBpeJtMNXUdeI.roa
Signing time:             Mon 02 Jan 2023 06:14:43 +0000
ROA not before:           Mon 02 Jan 2023 06:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24239
IP address blocks:        2a0c:b641:570::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:37:66:4d:5c:1e:69:24:0b:5a:82:d6:19:94:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  2 06:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e72d13197c9bbbfc3d97441a5e26d30d5d475e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b4:3e:0a:de:cf:b4:bd:6c:b5:6c:7f:27:3d:
                    db:79:aa:d8:21:ce:da:d9:bd:cb:d7:6d:04:86:1b:
                    b5:7d:a3:68:b1:12:41:86:b4:5f:ce:ed:e8:bf:7d:
                    9a:35:f8:9c:f6:04:ec:bf:ce:ea:00:89:85:9a:b8:
                    55:f3:b6:c4:8d:77:db:1f:db:58:1d:9c:23:9f:50:
                    24:3d:3b:72:a9:22:b1:1d:f2:a7:33:e1:6c:9d:81:
                    fa:5f:23:33:9a:16:e0:b7:ff:12:6c:f2:f0:67:3b:
                    fc:de:bc:9a:fb:c2:10:5b:09:2f:b9:a1:79:a9:44:
                    5b:a6:2d:5d:5a:d8:98:2c:f3:3c:02:41:e1:ed:46:
                    77:a7:f6:17:0a:ee:c9:12:f4:a8:fe:82:a5:bd:6c:
                    75:a4:42:d3:c2:25:36:f0:7a:24:42:84:e2:b7:27:
                    b1:fe:d2:46:6f:4e:c4:a8:09:03:37:0a:37:83:82:
                    94:ea:22:99:6d:3d:46:24:e4:dd:6e:98:fb:1c:b9:
                    be:64:0d:8e:b8:46:d2:00:57:ac:34:f4:5d:15:d8:
                    cb:17:e6:f5:3b:7c:9c:67:86:3b:2a:81:da:82:93:
                    e2:5e:d3:f0:15:73:28:e7:b9:7d:98:eb:ca:22:f1:
                    16:16:28:8c:b7:7f:85:46:08:37:24:a5:bb:14:81:
                    72:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:72:D1:31:97:C9:BB:BF:C3:D9:74:41:A5:E2:6D:30:D5:D4:75:E2
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/XnLRMZfJu7_D2XRBpeJtMNXUdeI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:570::/44

    Signature Algorithm: sha256WithRSAEncryption
         7a:f2:b2:d8:37:b4:00:a5:ba:d6:7d:fd:31:34:47:86:9c:ee:
         8d:a2:07:7f:5c:34:f5:4a:2e:36:e6:5e:36:44:28:7c:e7:85:
         9d:2c:3f:e2:e6:2f:58:80:cd:16:84:37:af:4f:01:48:74:f7:
         30:73:c0:32:54:2a:df:ff:27:0a:56:98:c4:9d:4d:b7:b2:e7:
         82:f2:65:c1:1f:50:df:53:9a:7d:1f:f5:8c:da:29:b6:53:e4:
         e1:ea:1a:89:84:77:b4:02:12:10:82:18:b7:cf:53:a9:1d:93:
         8e:84:28:b8:f2:03:ce:90:9b:92:0e:ae:2d:53:fb:d6:d2:e1:
         02:01:b7:7b:ef:b5:1b:60:d0:7e:a9:d4:75:f0:c0:b9:52:cc:
         c7:73:1a:17:45:ca:de:44:f7:24:23:2b:97:2a:24:da:d7:e1:
         6a:72:91:21:84:96:79:54:61:e6:53:a8:32:28:f9:8a:e3:50:
         5f:39:13:cf:01:ae:1f:91:f4:e1:17:67:6a:89:2b:65:ef:ca:
         16:59:41:68:2e:71:16:e3:72:ba:54:a9:51:d5:6e:16:8f:35:
         09:f5:21:f2:b7:d5:8e:61:ee:62:cb:4a:65:d8:cb:b6:ff:56:
         b3:43:21:9e:38:9e:26:c7:3a:24:c8:e7:c5:7e:ae:ee:2c:64:
         e2:98:8e:cd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHjdmTVweaSQLWoLWGZTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTcyZDEzMTk3YzliYmJmYzNkOTc0NDFhNWUyNmQzMGQ1ZDQ3NWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrQ+Ct7PtL1stWx/Jz3bearYIc7a
2b3L120Ehhu1faNosRJBhrRfzu3ov32aNfic9gTsv87qAImFmrhV87bEjXfbH9tY
HZwjn1AkPTtyqSKxHfKnM+FsnYH6XyMzmhbgt/8SbPLwZzv83rya+8IQWwkvuaF5
qURbpi1dWtiYLPM8AkHh7UZ3p/YXCu7JEvSo/oKlvWx1pELTwiU28HokQoTityex
/tJGb07EqAkDNwo3g4KU6iKZbT1GJOTdbpj7HLm+ZA2OuEbSAFesNPRdFdjLF+b1
O3ycZ4Y7KoHagpPiXtPwFXMo57l9mOvKIvEWFiiMt3+FRgg3JKW7FIFyBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF5y0TGXybu/w9l0QaXibTDV1HXiMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvWG5MUk1aZkp1N19EMlhSQnBlSnRNTlhVZGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQVw
MA0GCSqGSIb3DQEBCwUAA4IBAQB68rLYN7QApbrWff0xNEeGnO6Nogd/XDT1Si42
5l42RCh854WdLD/i5i9YgM0WhDevTwFIdPcwc8AyVCrf/ycKVpjEnU23sueC8mXB
H1DfU5p9H/WM2im2U+Th6hqJhHe0AhIQghi3z1OpHZOOhCi48gPOkJuSDq4tU/vW
0uECAbd777UbYNB+qdR18MC5UszHcxoXRcreRPckIyuXKiTa1+FqcpEhhJZ5VGHm
U6gyKPmK41BfORPPAa4fkfThF2dqiStl78oWWUFoLnEW43K6VKlR1W4WjzUJ9SHy
t9WOYe5iy0pl2Mu2/1azQyGeOJ4mxzokyOfFfq7uLGTimI7N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org