Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/aaxOvCUAiyQ0bRgahWPGwP0wRKY.roa
File:                     aaxOvCUAiyQ0bRgahWPGwP0wRKY.roa (raw, json)
Hash identifier:          7S0GPKWPSDkGp3DsWhlaJNmCnwyr+1Hezoo1Z7T0/jQ=
Subject key identifier:   69:AC:4E:BC:25:00:8B:24:34:6D:18:1A:85:63:C6:C0:FD:30:44:A6
Certificate issuer:       /CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Certificate serial:       018AB7B5C3BE7F6AD5CD47A9B361166A5014
Authority key identifier: E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/aaxOvCUAiyQ0bRgahWPGwP0wRKY.roa
Signing time:             Thu 21 Sep 2023 12:27:37 +0000
ROA not before:           Thu 21 Sep 2023 12:27:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     416
IP address blocks:        2001:1a40:1004::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 08:19:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b7:b5:c3:be:7f:6a:d5:cd:47:a9:b3:61:16:6a:50:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
        Validity
            Not Before: Sep 21 12:27:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69ac4ebc25008b24346d181a8563c6c0fd3044a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:20:94:a5:f5:7f:9d:58:7a:03:ef:95:52:69:
                    76:42:17:de:a4:3e:d6:ef:34:95:b0:86:77:77:3b:
                    7e:14:7e:c8:4f:c3:0c:08:5e:8d:af:a3:85:59:c9:
                    9b:70:e7:b2:1f:e7:47:3b:0a:82:8f:86:d9:5c:d7:
                    9c:47:1e:f1:3e:13:31:b0:4e:90:40:0c:9d:25:9b:
                    a7:48:f3:86:b2:2d:0a:fd:5f:e0:e1:63:7e:54:76:
                    65:05:82:ed:a5:18:14:71:30:cf:fd:c2:68:0a:12:
                    96:1b:72:63:f2:fa:30:0e:6c:13:2f:40:d1:4c:da:
                    57:54:ae:49:d1:75:64:c7:dd:e6:24:e2:29:da:f2:
                    8f:5c:74:1e:8d:74:a2:95:f7:30:7a:aa:8e:e3:e9:
                    6e:e4:1f:a3:b5:83:b2:eb:36:21:b9:fa:7e:a8:a6:
                    39:dd:19:a8:bb:6a:ce:cc:84:61:bb:ea:d2:02:b9:
                    65:ce:13:32:f8:04:fc:8c:8e:b9:3c:a8:d4:40:6c:
                    0a:99:b3:30:d6:d8:03:2a:47:42:8a:60:da:5b:2c:
                    71:94:44:10:cb:ec:b8:12:07:76:c4:cb:3a:d5:00:
                    a1:e2:0c:46:da:8e:05:d8:da:73:03:12:44:c8:56:
                    fd:37:b8:79:9d:8b:01:85:4e:f8:96:40:08:f2:a3:
                    3e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:AC:4E:BC:25:00:8B:24:34:6D:18:1A:85:63:C6:C0:FD:30:44:A6
            X509v3 Authority Key Identifier:
                keyid:E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/aaxOvCUAiyQ0bRgahWPGwP0wRKY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:1a40:1004::/48

    Signature Algorithm: sha256WithRSAEncryption
         46:a5:71:7b:25:63:58:37:c7:08:db:53:88:80:79:a6:6b:53:
         cf:5b:cd:cf:ff:a0:33:b2:10:3e:02:69:0d:9d:fa:40:eb:83:
         e6:32:75:d5:63:2b:1e:a7:bc:0f:6b:43:ea:d9:f7:64:04:f7:
         4a:7e:35:ef:f3:c3:1c:56:94:4f:af:39:23:79:74:29:23:6a:
         b2:19:75:ac:a4:70:eb:f4:06:b1:ad:43:96:3b:8c:cf:54:15:
         2b:45:39:33:4f:ae:f7:49:c4:5f:78:10:f5:7a:72:92:9d:b6:
         18:fb:aa:b7:a4:47:6f:6c:6e:fe:8d:c7:b6:3c:3e:55:de:a3:
         28:89:fa:97:d3:0d:ef:c5:b8:65:e6:ff:ff:2d:3a:52:d4:04:
         17:71:27:96:da:bc:f2:40:57:c2:e6:83:7d:82:a4:de:58:eb:
         9f:73:f0:4f:cf:29:03:6b:9c:4d:19:b7:13:e8:27:61:43:ca:
         12:e7:29:8d:d0:9e:cb:31:a6:ca:0f:49:97:f4:2d:ae:c1:8d:
         ef:53:42:43:4f:30:7c:fa:fd:78:cb:c5:b6:dc:9b:ac:d0:14:
         cf:98:21:e3:12:0f:34:75:35:fe:bc:25:7d:5f:b3:4c:47:73:
         30:3a:7f:51:44:0c:8f:62:3e:aa:fd:13:41:08:7d:65:3e:92:
         f4:39:9d:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYq3tcO+f2rVzUeps2EWalAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMmJjZDQwYzY3NzQ2NzdkMmMzNzAyZWY1OWVkZjQ5ZDBi
MzZjNmMwHhcNMjMwOTIxMTIyNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFjNGViYzI1MDA4YjI0MzQ2ZDE4MWE4NTYzYzZjMGZkMzA0NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSCUpfV/nVh6A++VUml2QhfepD7W
7zSVsIZ3dzt+FH7IT8MMCF6Nr6OFWcmbcOeyH+dHOwqCj4bZXNecRx7xPhMxsE6Q
QAydJZunSPOGsi0K/V/g4WN+VHZlBYLtpRgUcTDP/cJoChKWG3Jj8vowDmwTL0DR
TNpXVK5J0XVkx93mJOIp2vKPXHQejXSilfcweqqO4+lu5B+jtYOy6zYhufp+qKY5
3Rmou2rOzIRhu+rSArllzhMy+AT8jI65PKjUQGwKmbMw1tgDKkdCimDaWyxxlEQQ
y+y4Egd2xMs61QCh4gxG2o4F2NpzAxJEyFb9N7h5nYsBhU74lkAI8qM+dwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGmsTrwlAIskNG0YGoVjxsD9MESmMB8GA1UdIwQY
MBaAFOMrzUDGd0Z30sNwLvWe30nQs2xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHl2TlFNWjNSbmZTdzNBdTlaN2ZTZEN6Ykd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80YjdlZjgtODY0My00ZGJiLTkyYWEt
MDc0MDExNWI1YTUyLzEvYWF4T3ZDVUFpeVEwYlJnYWhXUEd3UDB3UktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80YjdlZjgtODY0My00ZGJiLTkyYWEtMDc0MDExNWI1YTUy
LzEvNHl2TlFNWjNSbmZTdzNBdTlaN2ZTZEN6Ykd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEaQBAE
MA0GCSqGSIb3DQEBCwUAA4IBAQBGpXF7JWNYN8cI21OIgHmma1PPW83P/6AzshA+
AmkNnfpA64PmMnXVYysep7wPa0Pq2fdkBPdKfjXv88McVpRPrzkjeXQpI2qyGXWs
pHDr9AaxrUOWO4zPVBUrRTkzT673ScRfeBD1enKSnbYY+6q3pEdvbG7+jce2PD5V
3qMoifqX0w3vxbhl5v//LTpS1AQXcSeW2rzyQFfC5oN9gqTeWOufc/BPzykDa5xN
GbcT6CdhQ8oS5ymN0J7LMabKD0mX9C2uwY3vU0JDTzB8+v14y8W23Jus0BTPmCHj
Eg80dTX+vCV9X7NMR3MwOn9RRAyPYj6q/RNBCH1lPpL0OZ3H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:04 2024 by rpki-client on console-ams.rpki-client.org