Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/0atm7ShJrimp0cfPwXuHj05m2Oo.roa
File:                     0atm7ShJrimp0cfPwXuHj05m2Oo.roa (raw, json)
Hash identifier:          ZMV7QPfyhifud50EbbNLiFWolheiHppDu26J585ul7I=
Subject key identifier:   D1:AB:66:ED:28:49:AE:29:A9:D1:C7:CF:C1:7B:87:8F:4E:66:D8:EA
Certificate issuer:       /CN=d5aa9c11657d8a2a54ce672814b6bdb979618830
Certificate serial:       018E5245B9E19F6A80B2F4803149588A4AAB
Authority key identifier: D5:AA:9C:11:65:7D:8A:2A:54:CE:67:28:14:B6:BD:B9:79:61:88:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/0atm7ShJrimp0cfPwXuHj05m2Oo.roa
Signing time:             Mon 18 Mar 2024 15:54:44 +0000
ROA not before:           Mon 18 Mar 2024 15:54:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215293
IP address blocks:        2a14:22c0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Thu 21 Mar 2024 13:13:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:52:45:b9:e1:9f:6a:80:b2:f4:80:31:49:58:8a:4a:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5aa9c11657d8a2a54ce672814b6bdb979618830
        Validity
            Not Before: Mar 18 15:54:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d1ab66ed2849ae29a9d1c7cfc17b878f4e66d8ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:6d:ea:8f:2d:de:9f:8b:2b:1d:c4:85:68:7f:
                    9f:cb:c7:7b:9b:b2:84:56:57:49:08:8a:f2:10:d3:
                    d9:eb:62:2c:7b:d9:16:5a:01:19:48:f0:a7:5b:1a:
                    78:c5:b7:49:1e:0f:0a:71:a8:1e:0b:04:de:0e:04:
                    75:58:01:84:7a:18:6c:62:f4:a8:73:fb:fc:ec:0f:
                    d1:be:ac:04:41:f5:50:32:8f:db:8b:b6:8d:97:e6:
                    0f:d1:86:6b:f4:c4:c8:fa:f6:d3:3f:6d:c8:8b:55:
                    ff:7d:83:5d:cb:bf:58:92:48:c5:ad:b3:96:2f:7d:
                    5d:ea:e0:ca:f9:da:1d:b4:83:e9:b0:2f:76:33:92:
                    90:65:ef:f7:dc:f2:a7:b4:18:ff:35:02:f2:8a:e4:
                    48:71:40:42:36:a6:c6:a8:be:72:b0:71:69:50:e7:
                    7d:d5:d2:09:25:c0:a8:e0:81:a7:a2:2d:fa:d9:cf:
                    a9:46:68:28:44:77:2c:cd:e9:e8:f2:e4:aa:61:a7:
                    d4:ab:7b:9a:da:9f:73:9d:30:fa:ac:5c:ff:77:4a:
                    88:f6:c2:39:f5:9f:2f:23:cf:02:74:3d:b9:4a:fc:
                    4b:b4:7b:f2:1b:2d:a5:de:d3:8f:a1:85:9f:04:68:
                    ff:2b:f2:13:82:f7:f0:f9:67:91:6a:bd:1b:fb:44:
                    8c:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:AB:66:ED:28:49:AE:29:A9:D1:C7:CF:C1:7B:87:8F:4E:66:D8:EA
            X509v3 Authority Key Identifier:
                keyid:D5:AA:9C:11:65:7D:8A:2A:54:CE:67:28:14:B6:BD:B9:79:61:88:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/0atm7ShJrimp0cfPwXuHj05m2Oo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/1aqcEWV9iipUzmcoFLa9uXlhiDA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:22c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         62:8c:6b:69:8c:9a:1b:20:08:8d:1c:4e:6a:c3:2d:b6:fd:8c:
         ea:e6:24:a4:ec:e7:c2:0e:79:f2:7c:94:ef:e3:73:bc:28:43:
         b1:50:41:a3:20:a7:1c:da:3c:e6:f7:9d:e9:13:53:c0:03:a6:
         e5:2e:af:d5:56:dd:1d:3b:84:35:fe:d3:0b:a6:cc:6e:0b:1e:
         14:cb:3f:f7:8c:55:94:29:cd:4c:c3:aa:81:db:d4:ee:08:7d:
         3e:ed:45:3a:1c:8e:91:0d:ce:e1:78:6e:38:6f:ae:76:62:c9:
         4e:95:90:4a:94:5b:65:b6:8d:31:62:01:31:04:df:19:54:3d:
         e8:09:79:90:af:d3:87:3d:cb:f4:f3:47:5e:37:0d:3b:d0:1f:
         83:12:23:c1:c0:cd:d2:e5:a7:f3:1a:f4:b6:11:d9:83:83:e2:
         bc:b3:dc:45:fc:94:90:c8:4d:91:7b:f8:da:2e:9a:ae:26:49:
         ca:50:cc:08:ad:4c:04:1a:31:1b:40:4f:27:40:88:a8:7a:9b:
         50:a5:dd:de:de:39:dd:8d:93:c0:c8:24:ba:b8:c4:98:ed:ac:
         c5:ee:f5:e7:1d:bf:d1:89:71:9d:81:1d:a4:7d:47:d3:f1:b8:
         51:3e:0f:28:07:48:2d:86:87:29:4b:6b:ab:5a:9d:4c:4f:d5:
         f0:23:c9:1c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY5SRbnhn2qAsvSAMUlYikqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YWE5YzExNjU3ZDhhMmE1NGNlNjcyODE0YjZiZGI5Nzk2
MTg4MzAwHhcNMjQwMzE4MTU1NDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWFiNjZlZDI4NDlhZTI5YTlkMWM3Y2ZjMTdiODc4ZjRlNjZkOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW3qjy3en4srHcSFaH+fy8d7m7KE
VldJCIryENPZ62Ise9kWWgEZSPCnWxp4xbdJHg8KcageCwTeDgR1WAGEehhsYvSo
c/v87A/RvqwEQfVQMo/bi7aNl+YP0YZr9MTI+vbTP23Ii1X/fYNdy79YkkjFrbOW
L31d6uDK+dodtIPpsC92M5KQZe/33PKntBj/NQLyiuRIcUBCNqbGqL5ysHFpUOd9
1dIJJcCo4IGnoi362c+pRmgoRHcszeno8uSqYafUq3ua2p9znTD6rFz/d0qI9sI5
9Z8vI88CdD25SvxLtHvyGy2l3tOPoYWfBGj/K/ITgvfw+WeRar0b+0SMSwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNGrZu0oSa4pqdHHz8F7h49OZtjqMB8GA1UdIwQY
MBaAFNWqnBFlfYoqVM5nKBS2vbl5YYgwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWFxY0VXVjlpaXBVem1jb0ZMYTl1WGxoaURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zMDRhNGYtMmNjMC00NTFhLWIxNWYt
Y2Y5OWQ1ZTI1N2U5LzEvMGF0bTdTaEpyaW1wMGNmUHdYdUhqMDVtMk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zMDRhNGYtMmNjMC00NTFhLWIxNWYtY2Y5OWQ1ZTI1N2U5
LzEvMWFxY0VXVjlpaXBVem1jb0ZMYTl1WGxoaURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAYoxraYyaGyAIjRxOasMttv2M6uYkpOznwg558nyU
7+NzvChDsVBBoyCnHNo85ved6RNTwAOm5S6v1VbdHTuENf7TC6bMbgseFMs/94xV
lCnNTMOqgdvU7gh9Pu1FOhyOkQ3O4XhuOG+udmLJTpWQSpRbZbaNMWIBMQTfGVQ9
6Al5kK/Thz3L9PNHXjcNO9AfgxIjwcDN0uWn8xr0thHZg4PivLPcRfyUkMhNkXv4
2i6ariZJylDMCK1MBBoxG0BPJ0CIqHqbUKXd3t453Y2TwMgkurjEmO2sxe715x2/
0YlxnYEdpH1H0/G4UT4PKAdILYaHKUtrq1qdTE/V8CPJHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:10 2024 by rpki-client on console-fra.rpki-client.org