Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yZFbFlHbs6ygS21wW_V8pPlLw8M.roa
File:                     yZFbFlHbs6ygS21wW_V8pPlLw8M.roa (raw, json)
Hash identifier:          fiQruU4B1RAtylDRqkSQ3FJVv9+mdZpOOgcos4hgAfk=
Subject key identifier:   C9:91:5B:16:51:DB:B3:AC:A0:4B:6D:70:5B:F5:7C:A4:F9:4B:C3:C3
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       0187D260B682B03C7ED1C141AA68F50B6F8B
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yZFbFlHbs6ygS21wW_V8pPlLw8M.roa
Signing time:             Sun 30 Apr 2023 13:36:06 +0000
ROA not before:           Sun 30 Apr 2023 13:36:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49519
IP address blocks:        2a0c:b641:8a0::/44 maxlen: 48
                          2a0c:b642:5000::/36 maxlen: 48

Validation:               Failed, certificate revoked on Wed 31 May 2023 16:57:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d2:60:b6:82:b0:3c:7e:d1:c1:41:aa:68:f5:0b:6f:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Apr 30 13:36:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c9915b1651dbb3aca04b6d705bf57ca4f94bc3c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:cf:4a:e6:d7:32:2c:76:1c:6a:68:6a:6a:13:
                    82:85:f8:ea:05:fd:36:74:66:1f:9e:a5:59:99:c5:
                    a8:e5:bb:e8:bc:ce:e3:1c:ce:24:05:7e:33:0f:36:
                    69:2e:41:eb:7f:77:89:57:7e:ab:4a:a2:9a:1d:13:
                    c9:b5:c4:e0:30:3b:66:b3:a7:e0:46:ea:d2:be:c3:
                    35:90:f7:ef:82:75:69:ce:89:2c:d7:88:08:96:c7:
                    94:0d:a6:2b:e5:79:b1:7f:fd:32:56:41:10:14:6f:
                    4c:7b:45:05:ec:55:4f:3f:78:a4:d0:bd:ce:29:00:
                    e3:1d:c9:d9:5c:90:4c:c1:1f:bd:f6:04:fd:be:77:
                    2d:78:a5:0b:3a:11:98:c8:cc:9d:ee:94:13:0c:63:
                    d4:f0:0f:8f:61:2e:df:73:79:e2:e0:97:64:2d:c1:
                    2b:41:83:78:77:de:08:79:96:91:86:31:d8:c1:5b:
                    11:52:ac:be:72:fc:81:d4:17:fb:e9:9b:99:9c:6e:
                    b1:12:89:bf:43:05:c2:4a:2b:87:29:bb:4e:22:af:
                    9c:57:5f:40:7e:ed:a2:ab:99:8f:14:07:b2:f2:66:
                    60:a4:c1:3a:2f:33:75:4a:5d:2e:d9:88:f9:bb:e4:
                    31:c4:ee:7a:bb:34:ee:84:72:b7:4e:27:f0:57:14:
                    da:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:91:5B:16:51:DB:B3:AC:A0:4B:6D:70:5B:F5:7C:A4:F9:4B:C3:C3
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yZFbFlHbs6ygS21wW_V8pPlLw8M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:8a0::/44
                  2a0c:b642:5000::/36

    Signature Algorithm: sha256WithRSAEncryption
         35:b7:44:d9:62:c4:77:5a:9f:0f:73:e9:d0:d5:96:d3:3d:ce:
         cd:7e:42:7e:3d:b5:19:d2:97:3d:22:d6:34:1a:2d:73:5c:ee:
         91:54:fe:b3:8e:35:30:ce:be:47:a6:04:c5:80:c8:bb:91:84:
         de:66:d3:64:74:89:06:4f:7f:09:37:b5:dc:b0:4d:39:7f:e6:
         23:06:c7:0a:8c:57:ce:e1:78:62:eb:cc:f2:9b:e3:dc:a4:79:
         ff:d0:da:44:c0:d1:c9:88:8e:df:b9:32:45:66:e2:42:87:25:
         98:64:3a:bd:bd:81:a2:8e:d3:34:0a:a5:02:73:b3:61:0d:c3:
         eb:94:ce:db:52:0b:e4:b6:1d:75:24:8b:25:8c:52:9a:89:0a:
         2f:df:ea:3d:64:07:b2:d5:9a:fe:27:16:df:ed:d8:2e:8b:d4:
         4c:c4:db:fa:21:74:3a:fa:ac:4d:be:fa:85:c4:91:10:bb:6e:
         1f:1e:ff:2b:6d:ec:17:a0:5e:0d:6d:4f:d6:f0:65:86:f6:1f:
         9a:9e:f5:9a:40:e3:fd:12:16:8b:1a:b9:31:b3:ac:f9:27:ed:
         f5:d7:de:4c:77:f5:f6:77:3f:0e:63:40:77:c6:b1:6e:fd:27:
         c3:52:fe:e9:f3:84:2e:ee:11:74:3e:6d:4e:8f:83:8a:6e:a8:
         da:26:b9:cd
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYfSYLaCsDx+0cFBqmj1C2+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwNDMwMTMzNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTkxNWIxNjUxZGJiM2FjYTA0YjZkNzA1YmY1N2NhNGY5NGJjM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq89K5tcyLHYcamhqahOChfjqBf02
dGYfnqVZmcWo5bvovM7jHM4kBX4zDzZpLkHrf3eJV36rSqKaHRPJtcTgMDtms6fg
RurSvsM1kPfvgnVpzoks14gIlseUDaYr5Xmxf/0yVkEQFG9Me0UF7FVPP3ik0L3O
KQDjHcnZXJBMwR+99gT9vncteKULOhGYyMyd7pQTDGPU8A+PYS7fc3ni4JdkLcEr
QYN4d94IeZaRhjHYwVsRUqy+cvyB1Bf76ZuZnG6xEom/QwXCSiuHKbtOIq+cV19A
fu2iq5mPFAey8mZgpME6LzN1Sl0u2Yj5u+QxxO56uzTuhHK3TifwVxTaRQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFMmRWxZR27OsoEttcFv1fKT5S8PDMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEveVpGYkZsSGJzNnlnUzIxd1dfVjhwUGxMdzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKgy2QQig
AwYEKgy2QlAwDQYJKoZIhvcNAQELBQADggEBADW3RNlixHdanw9z6dDVltM9zs1+
Qn49tRnSlz0i1jQaLXNc7pFU/rOONTDOvkemBMWAyLuRhN5m02R0iQZPfwk3tdyw
TTl/5iMGxwqMV87heGLrzPKb49ykef/Q2kTA0cmIjt+5MkVm4kKHJZhkOr29gaKO
0zQKpQJzs2ENw+uUzttSC+S2HXUkiyWMUpqJCi/f6j1kB7LVmv4nFt/t2C6L1EzE
2/ohdDr6rE2++oXEkRC7bh8e/ytt7BegXg1tT9bwZYb2H5qe9ZpA4/0SFosauTGz
rPkn7fXX3kx39fZ3Pw5jQHfGsW79J8NS/unzhC7uEXQ+bU6Pg4puqNomuc0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:38 2024 by rpki-client on console-ams.rpki-client.org