Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ogtOE6y1H3PxL7LU85Xq7YlZfRs.roa
File:                     ogtOE6y1H3PxL7LU85Xq7YlZfRs.roa (raw, json)
Hash identifier:          xXuYfQ2GV6RzbfgOv574BaFoQZx4xzPDD+QC2evV9w4=
Subject key identifier:   A2:0B:4E:13:AC:B5:1F:73:F1:2F:B2:D4:F3:95:EA:ED:89:59:7D:1B
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       01860931041E2EA3DE454FFF27235843F91C
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ogtOE6y1H3PxL7LU85Xq7YlZfRs.roa
Signing time:             Tue 31 Jan 2023 18:57:32 +0000
ROA not before:           Tue 31 Jan 2023 18:57:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204210
IP address blocks:        2a0c:b641:300::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:09:31:04:1e:2e:a3:de:45:4f:ff:27:23:58:43:f9:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan 31 18:57:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a20b4e13acb51f73f12fb2d4f395eaed89597d1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f2:cb:f7:69:14:3f:9f:20:0f:67:50:83:13:
                    7c:a8:00:2a:89:60:58:82:3d:86:94:59:12:3c:eb:
                    83:37:cd:21:2d:ba:18:25:8b:5f:32:16:d1:ea:92:
                    c1:0d:c5:62:e7:2b:dd:4b:23:7b:1e:69:66:fb:30:
                    0e:21:0c:2f:fc:ea:06:9a:48:05:a9:79:e1:f7:fd:
                    5c:4e:45:ea:8a:3a:21:90:14:f9:1a:71:4e:8f:ea:
                    7a:57:18:ac:4d:19:42:2e:d6:c1:fc:e8:c8:e7:9d:
                    87:0d:7c:59:7d:60:06:d8:a0:b3:f6:3b:d6:2f:63:
                    29:35:19:90:31:37:21:33:2e:1e:42:72:48:36:fd:
                    56:61:cd:3f:f4:2e:9e:a3:f2:b5:c8:d3:56:3b:e2:
                    0e:36:bf:f3:d6:80:16:f2:a2:2b:83:63:c6:13:eb:
                    98:a8:86:f4:35:ff:d0:11:b2:b9:b5:0c:b1:e7:cb:
                    8c:b1:4f:ce:22:2c:c4:a8:b4:c6:4c:f2:75:1f:d4:
                    54:95:d9:52:85:cd:d2:7d:d4:3a:17:a4:93:b2:c5:
                    87:b4:71:fa:84:4c:a3:52:fa:19:08:a2:b5:94:12:
                    81:f3:c1:27:30:c2:54:38:2b:0b:04:62:8c:2a:1a:
                    d9:f2:8e:2d:67:5d:db:dc:b3:98:41:d5:6e:cf:a2:
                    42:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:0B:4E:13:AC:B5:1F:73:F1:2F:B2:D4:F3:95:EA:ED:89:59:7D:1B
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ogtOE6y1H3PxL7LU85Xq7YlZfRs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:300::/44

    Signature Algorithm: sha256WithRSAEncryption
         4c:45:97:d2:a7:c9:0a:81:6d:75:16:01:16:76:5a:dd:22:95:
         15:52:da:d4:52:0a:c4:fa:65:1f:86:02:d9:3a:38:43:92:0e:
         78:a7:b5:7a:51:d4:ed:eb:09:84:04:86:f5:4b:35:89:4a:cc:
         8e:df:c1:0a:18:3d:92:40:0e:a1:76:b9:02:08:39:24:3a:f9:
         2a:b6:00:b6:82:7a:5b:80:61:8e:8d:0d:b5:fc:f3:33:93:7f:
         bf:d3:9c:5e:7b:83:e4:26:af:f2:46:69:57:bb:96:77:82:5c:
         cc:c2:a0:ba:d7:e8:55:b0:5a:50:9f:21:ac:89:ac:b2:6b:df:
         85:8c:f4:19:1f:10:0d:2d:f2:f3:ed:5b:78:9b:16:fc:b1:a2:
         1b:45:1c:07:ff:f1:b6:4e:7a:8e:f2:62:a4:ff:3a:b0:49:fd:
         63:36:bb:7a:23:55:31:52:91:08:7c:32:e4:2b:34:49:3b:b9:
         b9:19:7d:1d:b2:ea:c8:a3:a8:f1:3b:c6:32:af:7b:51:e9:c7:
         66:88:d2:20:ee:f5:58:bd:9f:6b:ba:f9:0f:93:d7:33:c3:ce:
         39:9c:62:56:20:f5:1e:23:a1:d5:9b:a6:91:44:3c:36:6f:9d:
         d0:c0:c4:a4:5d:2d:e6:dc:4f:ff:61:6a:13:62:15:94:ff:ee:
         61:03:2f:6d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYYJMQQeLqPeRU//JyNYQ/kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTMxMTg1NzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBiNGUxM2FjYjUxZjczZjEyZmIyZDRmMzk1ZWFlZDg5NTk3ZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPLL92kUP58gD2dQgxN8qAAqiWBY
gj2GlFkSPOuDN80hLboYJYtfMhbR6pLBDcVi5yvdSyN7Hmlm+zAOIQwv/OoGmkgF
qXnh9/1cTkXqijohkBT5GnFOj+p6VxisTRlCLtbB/OjI552HDXxZfWAG2KCz9jvW
L2MpNRmQMTchMy4eQnJINv1WYc0/9C6eo/K1yNNWO+IONr/z1oAW8qIrg2PGE+uY
qIb0Nf/QEbK5tQyx58uMsU/OIizEqLTGTPJ1H9RUldlShc3SfdQ6F6STssWHtHH6
hEyjUvoZCKK1lBKB88EnMMJUOCsLBGKMKhrZ8o4tZ13b3LOYQdVuz6JCdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKILThOstR9z8S+y1POV6u2JWX0bMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvb2d0T0U2eTFIM1B4TDdMVTg1WHE3WWxaZlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQMA
MA0GCSqGSIb3DQEBCwUAA4IBAQBMRZfSp8kKgW11FgEWdlrdIpUVUtrUUgrE+mUf
hgLZOjhDkg54p7V6UdTt6wmEBIb1SzWJSsyO38EKGD2SQA6hdrkCCDkkOvkqtgC2
gnpbgGGOjQ21/PMzk3+/05xee4PkJq/yRmlXu5Z3glzMwqC61+hVsFpQnyGsiayy
a9+FjPQZHxANLfLz7Vt4mxb8saIbRRwH//G2TnqO8mKk/zqwSf1jNrt6I1UxUpEI
fDLkKzRJO7m5GX0dsurIo6jxO8Yyr3tR6cdmiNIg7vVYvZ9ruvkPk9czw845nGJW
IPUeI6HVm6aRRDw2b53QwMSkXS3m3E//YWoTYhWU/+5hAy9t
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:38 2024 by rpki-client on console-ams.rpki-client.org