Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/g_VJoIBc4kTYEeFdaMqzSZ3Ec5I.roa
File:                     g_VJoIBc4kTYEeFdaMqzSZ3Ec5I.roa (raw, json)
Hash identifier:          Tr+XccgbzzmrMb08q8T3C4nj52AdII1bKHYnEQ1VHSw=
Subject key identifier:   83:F5:49:A0:80:5C:E2:44:D8:11:E1:5D:68:CA:B3:49:9D:C4:73:92
Certificate issuer:       /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial:       018CC801A2576EC6BF53B5F414DF30BFEDDA
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/g_VJoIBc4kTYEeFdaMqzSZ3Ec5I.roa
Signing time:             Tue 02 Jan 2024 02:29:59 +0000
ROA not before:           Tue 02 Jan 2024 02:29:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216344
IP address blocks:        2a11:8a80:9000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Sat 01 Jun 2024 18:04:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:a2:57:6e:c6:bf:53:b5:f4:14:df:30:bf:ed:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
        Validity
            Not Before: Jan  2 02:29:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=83f549a0805ce244d811e15d68cab3499dc47392
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:13:22:9e:9f:9d:d7:97:23:dd:06:1a:56:51:
                    43:5f:51:6e:76:6d:08:c8:16:56:9b:99:1f:3c:92:
                    69:36:23:34:d8:79:89:b0:81:4c:9c:1a:d0:35:e0:
                    de:84:63:73:35:95:6a:fc:28:f9:bf:43:54:2b:b5:
                    e8:b6:ef:1b:d8:6e:0b:40:61:a1:0a:34:42:cd:60:
                    4e:31:56:87:12:f9:eb:8e:34:57:58:c0:c1:2b:f9:
                    9d:8d:5c:df:91:c9:99:04:8a:78:23:bc:db:f6:17:
                    d2:d3:79:ed:61:3c:1e:35:21:1a:95:56:af:8d:01:
                    e7:92:2a:59:18:75:84:33:b3:4c:f0:94:30:b2:3e:
                    b7:ce:f7:0a:bf:ff:a2:3c:ff:2a:8e:4a:2f:27:3d:
                    30:a6:0c:da:4b:06:9f:ae:e9:f0:41:db:53:85:24:
                    54:8e:62:6a:a4:04:fc:e5:f5:c8:24:07:ec:2a:72:
                    f1:95:da:47:8c:4b:bf:65:ea:4d:b3:9b:28:bb:31:
                    6a:cc:23:fa:73:d6:e5:be:1c:67:a0:7a:95:bf:01:
                    fd:f4:19:50:e9:a1:47:c2:8c:d4:03:54:69:3c:4b:
                    af:60:f3:69:a9:6f:d9:26:49:fb:d5:4d:63:16:1f:
                    01:e2:69:6f:18:b2:cb:e0:30:4d:16:b7:77:3c:d8:
                    79:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:F5:49:A0:80:5C:E2:44:D8:11:E1:5D:68:CA:B3:49:9D:C4:73:92
            X509v3 Authority Key Identifier:
                keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/g_VJoIBc4kTYEeFdaMqzSZ3Ec5I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:8a80:9000::/36

    Signature Algorithm: sha256WithRSAEncryption
         06:02:d8:b6:08:59:18:8b:8d:dc:51:37:42:2e:18:59:3b:72:
         5b:ca:2b:2c:83:29:ef:dc:47:ac:42:80:1f:a0:58:98:2d:64:
         e2:bf:26:f0:a9:2b:29:d3:83:f3:07:56:13:4a:b0:ee:ae:29:
         33:db:ac:6d:f5:e5:b8:cb:b5:2b:80:ac:c3:c2:08:5b:5a:fc:
         0a:f3:a2:75:4f:09:e9:6b:1c:c5:a9:b9:b0:d7:35:eb:ac:c0:
         f4:20:07:3f:a8:54:ec:ff:cb:25:00:8b:6b:2a:9a:b0:2c:69:
         a2:e7:e6:1c:98:0d:52:84:53:75:a6:3c:e7:87:c5:f5:8b:22:
         3d:b5:1d:dc:f1:7f:22:ab:27:63:6b:99:39:6b:81:e3:f7:aa:
         46:62:22:45:56:74:e4:e0:72:2b:b2:64:ec:9a:b3:28:2e:b9:
         4d:f6:8e:bc:de:92:d5:55:8b:3a:3a:93:49:a4:4a:1e:f7:10:
         46:f7:bc:b2:47:81:4a:47:c1:12:b0:e0:9f:6b:a3:51:9d:84:
         15:9c:af:18:9e:32:b5:3c:02:5b:04:12:32:6c:0c:b0:f7:8b:
         3d:56:ec:42:af:2d:88:d6:13:04:53:68:25:78:cb:e5:9b:72:
         62:f1:f8:93:8f:f5:95:fc:24:ff:b1:83:37:4a:48:20:73:92:
         a5:fb:ab:2c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzIAaJXbsa/U7X0FN8wv+3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjQwMTAyMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Y1NDlhMDgwNWNlMjQ0ZDgxMWUxNWQ2OGNhYjM0OTlkYzQ3MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBMinp+d15cj3QYaVlFDX1Fudm0I
yBZWm5kfPJJpNiM02HmJsIFMnBrQNeDehGNzNZVq/Cj5v0NUK7Xotu8b2G4LQGGh
CjRCzWBOMVaHEvnrjjRXWMDBK/mdjVzfkcmZBIp4I7zb9hfS03ntYTweNSEalVav
jQHnkipZGHWEM7NM8JQwsj63zvcKv/+iPP8qjkovJz0wpgzaSwafrunwQdtThSRU
jmJqpAT85fXIJAfsKnLxldpHjEu/ZepNs5souzFqzCP6c9blvhxnoHqVvwH99BlQ
6aFHwozUA1RpPEuvYPNpqW/ZJkn71U1jFh8B4mlvGLLL4DBNFrd3PNh5qwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIP1SaCAXOJE2BHhXWjKs0mdxHOSMB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvZ19WSm9JQmM0a1RZRWVGZGFNcXpTWjNFYzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhGKgJAw
DQYJKoZIhvcNAQELBQADggEBAAYC2LYIWRiLjdxRN0IuGFk7clvKKyyDKe/cR6xC
gB+gWJgtZOK/JvCpKynTg/MHVhNKsO6uKTPbrG315bjLtSuArMPCCFta/ArzonVP
CelrHMWpubDXNeuswPQgBz+oVOz/yyUAi2sqmrAsaaLn5hyYDVKEU3WmPOeHxfWL
Ij21HdzxfyKrJ2NrmTlrgeP3qkZiIkVWdOTgciuyZOyasyguuU32jrzektVVizo6
k0mkSh73EEb3vLJHgUpHwRKw4J9ro1GdhBWcrxieMrU8AlsEEjJsDLD3iz1W7EKv
LYjWEwRTaCV4y+WbcmLx+JOP9ZX8JP+xgzdKSCBzkqX7qyw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:19 2024 by rpki-client on console-fra.rpki-client.org