Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/oTAtMvngRyuQ8WV7FbFCYzWO16g.roa
File:                     oTAtMvngRyuQ8WV7FbFCYzWO16g.roa (raw, json)
Hash identifier:          dowsVQX+Ehpl4O8FHUH7h1IeXhfdD+1sKh/u5nJv3vg=
Subject key identifier:   A1:30:2D:32:F9:E0:47:2B:90:F1:65:7B:15:B1:42:63:35:8E:D7:A8
Certificate issuer:       /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial:       018571D7E6868C31A90994DBA809320465D6
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/oTAtMvngRyuQ8WV7FbFCYzWO16g.roa
Signing time:             Mon 02 Jan 2023 09:37:32 +0000
ROA not before:           Mon 02 Jan 2023 09:37:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     33886
IP address blocks:        2a00:1a28:1106::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:d7:e6:86:8c:31:a9:09:94:db:a8:09:32:04:65:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
        Validity
            Not Before: Jan  2 09:37:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a1302d32f9e0472b90f1657b15b14263358ed7a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:76:f0:17:02:2d:f5:e6:88:01:1b:36:05:75:
                    39:f7:07:33:2e:5d:77:3d:a7:63:40:0b:76:e5:0f:
                    b0:25:38:c7:22:08:22:28:5f:41:15:d1:6d:a3:25:
                    bc:4a:20:82:c6:35:0b:66:55:ec:cb:a6:22:2d:00:
                    2a:f1:35:4f:8c:7e:ba:49:75:fa:8d:ac:3a:37:48:
                    c0:26:11:bd:e2:4d:ec:21:5c:e2:64:3c:14:27:06:
                    a1:08:3a:4c:43:3c:f1:b0:25:1b:a7:02:d4:97:e9:
                    6e:5e:62:05:8e:ec:3f:1f:d8:86:5b:cb:22:17:09:
                    6d:3f:19:92:cd:28:fc:37:ec:b1:68:8a:32:d9:52:
                    1a:00:a7:a2:45:6f:4e:f7:ec:bd:39:d6:3d:aa:21:
                    74:cf:26:7f:39:d0:1c:8b:77:51:98:a5:d2:b9:dd:
                    44:1d:a3:f0:98:34:76:61:95:1e:00:20:38:43:3d:
                    79:ba:3d:a8:89:2c:5a:52:4d:0e:42:8f:39:24:81:
                    0e:b2:99:fd:62:cb:73:97:a8:7e:58:c6:77:dc:7a:
                    03:25:22:90:23:79:74:25:ee:79:f8:84:cd:27:e3:
                    b6:57:01:f6:09:98:94:7f:2c:e0:b6:b8:31:d8:11:
                    d7:73:5a:79:da:28:be:cc:c4:de:f1:35:ec:b8:4f:
                    9c:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:30:2D:32:F9:E0:47:2B:90:F1:65:7B:15:B1:42:63:35:8E:D7:A8
            X509v3 Authority Key Identifier:
                keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/oTAtMvngRyuQ8WV7FbFCYzWO16g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:1a28:1106::/48

    Signature Algorithm: sha256WithRSAEncryption
         1e:67:92:c7:4a:a9:f9:9b:c2:18:6a:18:1e:e3:9b:93:09:e0:
         45:c2:c3:35:a2:70:cc:53:5a:09:ba:a4:c5:6c:52:88:aa:5c:
         39:f5:1f:24:01:2c:be:2b:2c:b2:7e:4f:0c:f8:0a:13:e9:e9:
         3d:4c:cd:bd:05:ec:05:73:89:b2:59:82:b0:61:cb:08:60:34:
         f6:68:0d:65:48:b8:c6:68:88:10:62:c2:9a:f8:f8:96:eb:6a:
         b6:80:c7:8d:5f:14:3e:73:0b:8d:35:08:e2:3c:30:40:91:3a:
         d5:5c:d2:5c:b2:ac:44:31:92:20:ca:1b:83:91:0f:2c:1f:fb:
         9c:87:00:74:e5:9b:45:cd:4d:c9:a7:33:5d:82:0d:9a:72:7f:
         17:3a:99:8c:6f:da:da:dc:5b:f4:3e:88:63:ab:8e:e2:76:1c:
         7a:ef:fd:57:52:22:a4:48:80:b1:ab:f6:33:d9:1e:11:00:2b:
         80:f4:30:a2:1e:a4:8f:0f:a9:77:c9:07:cc:ac:6f:17:11:fa:
         52:7c:58:48:10:cb:eb:d8:b6:1b:9d:77:3e:72:b4:d9:3a:48:
         96:f4:00:98:c5:5f:18:27:e3:83:64:58:cd:c7:0e:77:6a:ed:
         40:7b:e6:59:46:06:b4:ee:ae:9e:91:46:8a:35:56:39:8f:59:
         e7:54:9e:98
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx1+aGjDGpCZTbqAkyBGXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YWFiMTQ0NjEwMGE4ZmNlMDNkZjE5ZDc1NWUwNjMyOWVl
MjQ3MTMwHhcNMjMwMTAyMDkzNzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTMwMmQzMmY5ZTA0NzJiOTBmMTY1N2IxNWIxNDI2MzM1OGVkN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinbwFwIt9eaIARs2BXU59wczLl13
PadjQAt25Q+wJTjHIggiKF9BFdFtoyW8SiCCxjULZlXsy6YiLQAq8TVPjH66SXX6
jaw6N0jAJhG94k3sIVziZDwUJwahCDpMQzzxsCUbpwLUl+luXmIFjuw/H9iGW8si
FwltPxmSzSj8N+yxaIoy2VIaAKeiRW9O9+y9OdY9qiF0zyZ/OdAci3dRmKXSud1E
HaPwmDR2YZUeACA4Qz15uj2oiSxaUk0OQo85JIEOspn9Ystzl6h+WMZ33HoDJSKQ
I3l0Je55+ITNJ+O2VwH2CZiUfyzgtrgx2BHXc1p52ii+zMTe8TXsuE+cIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKEwLTL54EcrkPFlexWxQmM1jteoMB8GA1UdIwQY
MBaAFOmqsURhAKj84D3xnXVeBjKe4kcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYt
YTBkYzM1NGY0Y2EzLzEvb1RBdE12bmdSeXVROFdWN0ZiRkNZeldPMTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYtYTBkYzM1NGY0Y2Ez
LzEvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAaKBEG
MA0GCSqGSIb3DQEBCwUAA4IBAQAeZ5LHSqn5m8IYahge45uTCeBFwsM1onDMU1oJ
uqTFbFKIqlw59R8kASy+Kyyyfk8M+AoT6ek9TM29BewFc4myWYKwYcsIYDT2aA1l
SLjGaIgQYsKa+PiW62q2gMeNXxQ+cwuNNQjiPDBAkTrVXNJcsqxEMZIgyhuDkQ8s
H/uchwB05ZtFzU3JpzNdgg2acn8XOpmMb9ra3Fv0Pohjq47idhx67/1XUiKkSICx
q/Yz2R4RACuA9DCiHqSPD6l3yQfMrG8XEfpSfFhIEMvr2LYbnXc+crTZOkiW9ACY
xV8YJ+ODZFjNxw53au1Ae+ZZRga07q6ekUaKNVY5j1nnVJ6Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:17 2024 by rpki-client on console-fra.rpki-client.org