Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Z-aEVupTGniPKz4_Hhc4ZZqNl5A.roa
File:                     Z-aEVupTGniPKz4_Hhc4ZZqNl5A.roa (raw, json)
Hash identifier:          /ZQIrhWsxZrxFCYTuNOKerXLrDCESShL+8Qj+nXPfzA=
Subject key identifier:   67:E6:84:56:EA:53:1A:78:8F:2B:3E:3F:1E:17:38:65:9A:8D:97:90
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       0185711E89E25CBB4D8387B1FBA113119604
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Z-aEVupTGniPKz4_Hhc4ZZqNl5A.roa
Signing time:             Mon 02 Jan 2023 06:15:04 +0000
ROA not before:           Mon 02 Jan 2023 06:15:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212624
IP address blocks:        2a0c:b641:2a0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:89:e2:5c:bb:4d:83:87:b1:fb:a1:13:11:96:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  2 06:15:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67e68456ea531a788f2b3e3f1e1738659a8d9790
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:31:e6:c3:e4:16:75:31:76:7e:b9:f3:69:a0:
                    93:2e:a3:91:e6:91:8d:ab:32:23:0c:a4:04:eb:90:
                    44:df:6f:3e:3a:04:d5:17:3b:5b:21:90:63:77:58:
                    cb:a7:1a:42:5d:c1:2d:35:f0:ce:fc:0b:60:ee:d4:
                    63:8b:97:c1:27:de:41:b2:11:64:1a:6a:09:d7:56:
                    86:64:fd:45:6b:8f:d1:4c:37:d6:f6:46:01:4e:70:
                    43:b5:ce:14:74:4e:68:da:e9:00:45:dc:2c:0f:33:
                    99:f0:cf:fb:1f:70:46:06:dc:d1:30:ac:43:de:66:
                    91:7c:2c:57:77:3b:56:c8:2b:e1:8d:86:d9:b4:00:
                    db:9e:e2:96:fc:61:e9:a1:85:b7:35:04:bd:df:b3:
                    d9:35:18:47:e8:b1:26:0b:cd:5e:c8:30:66:9f:45:
                    f4:15:bd:5b:bf:3b:56:73:ad:ee:a9:08:76:0f:b2:
                    43:7d:7d:40:84:3f:f3:c6:3a:7e:83:a8:1d:cd:df:
                    27:61:89:55:9d:b5:55:27:27:41:22:ec:73:e8:da:
                    46:af:9e:39:a2:f3:8d:3b:63:e5:2b:79:67:b0:b6:
                    5a:6e:33:a2:ac:73:60:de:90:2a:96:9d:39:c7:9a:
                    46:9f:28:aa:75:6f:90:53:de:83:63:89:0d:15:d0:
                    81:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:E6:84:56:EA:53:1A:78:8F:2B:3E:3F:1E:17:38:65:9A:8D:97:90
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Z-aEVupTGniPKz4_Hhc4ZZqNl5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:2a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         82:9a:65:6e:a8:38:43:03:67:15:39:de:b5:13:dc:73:6e:73:
         cc:5f:10:27:93:5b:ee:b9:4c:c6:78:90:dd:ab:49:02:e3:2c:
         4b:dd:19:3a:0b:35:68:d6:e8:79:55:10:48:1d:4b:c9:7b:e3:
         b1:b1:2c:1f:47:d7:08:98:4d:fd:ff:3f:78:b8:15:f9:8c:97:
         33:9f:c1:5d:18:73:56:44:48:07:56:49:6b:aa:47:cf:2c:a5:
         ae:6e:c5:be:0d:63:6f:ff:ab:1f:5c:23:3e:30:e3:b5:eb:2f:
         cf:96:38:cc:62:cd:1c:80:ac:66:bb:f4:81:0b:b3:92:f9:2b:
         47:e7:aa:82:3e:d6:34:a0:4c:ad:60:95:83:36:2e:06:27:d4:
         89:ab:47:fd:a6:00:da:67:d1:96:ae:7b:10:40:86:b5:62:67:
         bc:22:f4:d8:38:15:e6:65:98:4f:4e:6a:a4:8a:59:f6:b1:0f:
         7f:7c:be:31:ac:d3:5b:48:1b:ad:43:01:68:eb:17:09:58:3b:
         8e:0d:0f:34:46:ce:4d:9d:8b:45:67:ae:13:6b:1a:8d:3f:de:
         4d:f5:3f:9e:cf:9d:bf:60:ad:da:55:eb:83:b6:4a:81:58:77:
         51:7f:6b:69:c4:3b:37:a7:6d:e3:ce:ba:ca:8d:0e:a3:64:54:
         cb:7e:76:b5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHoniXLtNg4ex+6ETEZYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2U2ODQ1NmVhNTMxYTc4OGYyYjNlM2YxZTE3Mzg2NTlhOGQ5NzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDHmw+QWdTF2frnzaaCTLqOR5pGN
qzIjDKQE65BE328+OgTVFztbIZBjd1jLpxpCXcEtNfDO/Atg7tRji5fBJ95BshFk
GmoJ11aGZP1Fa4/RTDfW9kYBTnBDtc4UdE5o2ukARdwsDzOZ8M/7H3BGBtzRMKxD
3maRfCxXdztWyCvhjYbZtADbnuKW/GHpoYW3NQS937PZNRhH6LEmC81eyDBmn0X0
Fb1bvztWc63uqQh2D7JDfX1AhD/zxjp+g6gdzd8nYYlVnbVVJydBIuxz6NpGr545
ovONO2PlK3lnsLZabjOirHNg3pAqlp05x5pGnyiqdW+QU96DY4kNFdCBowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGfmhFbqUxp4jys+Px4XOGWajZeQMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvWi1hRVZ1cFRHbmlQS3o0X0hoYzRaWnFObDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQKg
MA0GCSqGSIb3DQEBCwUAA4IBAQCCmmVuqDhDA2cVOd61E9xzbnPMXxAnk1vuuUzG
eJDdq0kC4yxL3Rk6CzVo1uh5VRBIHUvJe+OxsSwfR9cImE39/z94uBX5jJczn8Fd
GHNWREgHVklrqkfPLKWubsW+DWNv/6sfXCM+MOO16y/PljjMYs0cgKxmu/SBC7OS
+StH56qCPtY0oEytYJWDNi4GJ9SJq0f9pgDaZ9GWrnsQQIa1Yme8IvTYOBXmZZhP
Tmqkiln2sQ9/fL4xrNNbSButQwFo6xcJWDuODQ80Rs5NnYtFZ64TaxqNP95N9T+e
z52/YK3aVeuDtkqBWHdRf2tpxDs3p23jzrrKjQ6jZFTLfna1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org