Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/YkVLF8tMODCs1lrgrz9Iw_Avx7w.roa
File:                     YkVLF8tMODCs1lrgrz9Iw_Avx7w.roa (raw, json)
Hash identifier:          Kv5OR2ul9O5Yg9iyTJ6smvwvuUu2MsMbivuxzn0fc24=
Subject key identifier:   62:45:4B:17:CB:4C:38:30:AC:D6:5A:E0:AF:3F:48:C3:F0:2F:C7:BC
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       0185711E89340BAA161724FD0165B2A9509F
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/YkVLF8tMODCs1lrgrz9Iw_Avx7w.roa
Signing time:             Mon 02 Jan 2023 06:15:04 +0000
ROA not before:           Mon 02 Jan 2023 06:15:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212500
IP address blocks:        2a0d:ef01::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:89:34:0b:aa:16:17:24:fd:01:65:b2:a9:50:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  2 06:15:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=62454b17cb4c3830acd65ae0af3f48c3f02fc7bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:52:ae:1d:eb:cb:60:6d:c9:f0:a2:91:89:20:
                    d7:e4:98:a3:c3:45:69:40:c8:cc:6e:0a:77:c5:93:
                    12:65:bb:27:18:b3:da:91:d5:dd:bc:cf:c9:66:9f:
                    0c:31:91:50:ea:3b:79:1d:86:56:11:8f:9f:27:69:
                    91:f2:34:e8:bb:92:e3:9b:c3:56:ea:fe:4e:7a:97:
                    9d:aa:63:10:41:74:66:56:e9:f8:da:b7:64:e5:da:
                    6b:f9:3e:88:73:92:06:c9:5f:2d:23:50:d3:9c:fb:
                    b8:8a:d9:19:49:e6:6c:9a:50:fc:32:86:e0:8b:da:
                    d7:74:bc:d2:a9:84:d4:58:9d:01:2c:3c:95:08:27:
                    4e:8a:a2:89:71:f5:f9:73:12:31:03:ed:c3:df:45:
                    7f:c5:39:54:5f:a5:e4:e1:44:82:84:f4:61:2f:0c:
                    0d:42:32:ee:0b:d6:e8:0e:9d:b7:e9:44:52:5a:4c:
                    21:97:72:45:7e:b3:a0:9b:90:c0:5a:38:2f:15:0a:
                    93:5b:8e:ab:99:0d:6e:9e:34:17:b6:14:12:67:25:
                    4b:af:d7:e6:49:e5:cb:ef:d9:3a:13:ae:db:f7:0f:
                    e4:31:d8:1f:e8:69:95:60:0c:6e:63:cb:c8:f9:cd:
                    21:54:d1:70:a8:ac:44:bb:1e:31:41:8e:96:2c:e4:
                    43:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:45:4B:17:CB:4C:38:30:AC:D6:5A:E0:AF:3F:48:C3:F0:2F:C7:BC
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/YkVLF8tMODCs1lrgrz9Iw_Avx7w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:ef01::/44

    Signature Algorithm: sha256WithRSAEncryption
         80:cf:5a:5f:df:82:b3:3e:06:e7:8a:08:64:4b:0d:95:73:41:
         a8:86:12:1c:93:21:e3:32:ba:5e:98:8f:0e:d2:da:9b:26:ea:
         65:05:09:48:e7:95:08:0a:31:3a:14:e9:3b:39:0f:3e:7d:59:
         b2:45:09:8a:c5:1f:a2:1a:53:2a:d5:61:7e:7b:d7:81:fe:77:
         c9:da:54:f5:7e:72:94:2a:86:8c:20:f4:f7:2a:1d:34:68:d0:
         5a:27:0e:f3:46:3d:7f:c9:cd:06:01:d5:c5:0f:4a:da:4e:63:
         9c:32:15:f0:09:65:11:d2:eb:86:6b:2c:90:4a:21:45:2f:9f:
         0a:8e:84:87:28:45:ca:cb:db:9b:16:cf:e5:a6:7f:0c:51:9b:
         e8:06:68:fc:e7:b9:3e:90:bb:2f:ea:eb:a5:df:4b:2b:6e:0e:
         e2:2c:c5:91:e7:02:7c:c1:b7:2c:7c:95:11:8f:4e:3f:8b:06:
         3f:f3:3f:25:fc:82:4e:ce:a8:88:b3:fb:ee:13:da:16:b3:73:
         69:0a:37:10:d4:ff:16:78:be:61:70:e8:c8:72:ee:4f:2a:77:
         76:49:94:8f:38:a1:99:98:4f:32:06:25:a9:b1:f7:73:8f:8c:
         28:21:02:f1:e4:0b:61:6d:4f:c9:50:b6:a4:bc:16:49:51:df:
         5d:af:44:88
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHok0C6oWFyT9AWWyqVCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjQ1NGIxN2NiNGMzODMwYWNkNjVhZTBhZjNmNDhjM2YwMmZjN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FKuHevLYG3J8KKRiSDX5Jijw0Vp
QMjMbgp3xZMSZbsnGLPakdXdvM/JZp8MMZFQ6jt5HYZWEY+fJ2mR8jTou5Ljm8NW
6v5OepedqmMQQXRmVun42rdk5dpr+T6Ic5IGyV8tI1DTnPu4itkZSeZsmlD8Mobg
i9rXdLzSqYTUWJ0BLDyVCCdOiqKJcfX5cxIxA+3D30V/xTlUX6Xk4USChPRhLwwN
QjLuC9boDp236URSWkwhl3JFfrOgm5DAWjgvFQqTW46rmQ1unjQXthQSZyVLr9fm
SeXL79k6E67b9w/kMdgf6GmVYAxuY8vI+c0hVNFwqKxEux4xQY6WLORDnwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGJFSxfLTDgwrNZa4K8/SMPwL8e8MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvWWtWTEY4dE1PRENzMWxyZ3J6OUl3X0F2eDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg3vAQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCAz1pf34KzPgbnighkSw2Vc0GohhIckyHjMrpe
mI8O0tqbJuplBQlI55UICjE6FOk7OQ8+fVmyRQmKxR+iGlMq1WF+e9eB/nfJ2lT1
fnKUKoaMIPT3Kh00aNBaJw7zRj1/yc0GAdXFD0raTmOcMhXwCWUR0uuGayyQSiFF
L58KjoSHKEXKy9ubFs/lpn8MUZvoBmj857k+kLsv6uul30srbg7iLMWR5wJ8wbcs
fJURj04/iwY/8z8l/IJOzqiIs/vuE9oWs3NpCjcQ1P8WeL5hcOjIcu5PKnd2SZSP
OKGZmE8yBiWpsfdzj4woIQLx5AthbU/JULakvBZJUd9dr0SI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:38 2024 by rpki-client on console-ams.rpki-client.org