Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kuKjz0UPK90qCD4rc8sSJCs_tTQ.roa
File:                     kuKjz0UPK90qCD4rc8sSJCs_tTQ.roa (raw, json)
Hash identifier:          Cw6ck8dSbBM++RZF1xnrlj+dy4k6sR+yVNSpoFNKEm8=
Subject key identifier:   92:E2:A3:CF:45:0F:2B:DD:2A:08:3E:2B:73:CB:12:24:2B:3F:B5:34
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       01856EA6B6173555361BB163FCBB4E423DDC
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kuKjz0UPK90qCD4rc8sSJCs_tTQ.roa
Signing time:             Sun 01 Jan 2023 18:44:57 +0000
ROA not before:           Sun 01 Jan 2023 18:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     33823
IP address blocks:        2a05:b680::/48 maxlen: 56

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:b6:17:35:55:36:1b:b1:63:fc:bb:4e:42:3d:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jan  1 18:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=92e2a3cf450f2bdd2a083e2b73cb12242b3fb534
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:c8:9d:f5:6e:43:84:32:1f:96:80:74:64:fe:
                    db:b5:3e:6f:72:e7:d0:41:b3:76:80:fb:d4:8b:97:
                    f5:73:54:ce:c0:55:7a:1e:e5:74:81:ee:7f:59:d1:
                    31:a6:fd:e8:90:bb:c8:bd:3c:ad:36:ef:43:1e:2d:
                    b7:d0:ef:47:2c:d4:1f:ea:3e:b5:bd:a9:0b:2e:19:
                    c1:57:b7:e1:a6:81:7d:25:ec:b0:5b:58:b6:c4:16:
                    13:c0:b0:76:dd:ad:3f:60:27:49:66:59:f0:a2:d1:
                    a7:aa:d3:61:49:42:e3:f2:13:af:31:72:63:31:45:
                    82:97:14:a2:49:ca:a5:31:fb:3c:6e:d6:1e:3e:21:
                    b4:50:74:4b:48:2f:75:1d:97:eb:57:67:2b:87:a4:
                    cc:be:e9:44:73:84:a8:9b:b2:c7:a4:a0:5d:2a:08:
                    b6:9c:48:5b:93:03:45:9e:89:52:46:2c:a4:97:13:
                    70:36:23:1e:3e:98:78:21:be:09:65:57:26:21:25:
                    c1:25:47:37:bf:b7:7d:e1:98:ce:ee:d4:10:e6:98:
                    ef:61:35:d6:a6:f9:59:41:97:bb:41:d0:50:41:2d:
                    11:a4:d2:67:56:1f:07:0b:44:80:59:1c:73:1c:47:
                    d7:d6:c7:66:e7:b5:63:a4:45:a0:49:bc:d2:68:38:
                    af:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:E2:A3:CF:45:0F:2B:DD:2A:08:3E:2B:73:CB:12:24:2B:3F:B5:34
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kuKjz0UPK90qCD4rc8sSJCs_tTQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:b680::/48

    Signature Algorithm: sha256WithRSAEncryption
         3f:e8:7e:0a:3b:3e:22:fc:1a:35:b9:11:dc:03:bc:53:ba:90:
         2d:89:83:43:0a:c3:22:17:0d:ec:01:34:66:1f:53:3f:2a:f8:
         24:62:ca:1e:3b:ae:24:b8:95:d9:b7:87:34:1e:d2:9e:92:89:
         f4:3a:df:ea:82:57:56:b4:c7:2c:9c:f2:91:66:00:ca:0d:ec:
         01:4f:d0:38:4c:24:e9:70:ea:1a:41:58:5e:bc:19:7c:5f:ec:
         7d:fd:49:e0:1f:16:5c:71:f8:64:ab:5f:f3:23:35:f0:ea:16:
         ef:38:ea:c6:f2:7d:9d:84:f8:4d:3e:55:c5:ee:65:95:26:35:
         56:40:81:4d:5a:d5:80:b9:8b:5c:bd:37:4f:15:21:31:b8:32:
         74:e4:00:7a:17:57:4f:40:6d:e0:73:b5:56:25:3c:23:8f:50:
         f0:bc:a7:5a:c5:8c:b1:5b:55:02:d4:51:60:2a:d3:a9:af:3f:
         e6:44:13:e1:0e:fd:07:ad:13:73:0c:ca:97:c8:3f:6c:8e:d5:
         00:50:fc:34:26:9a:7c:11:36:8a:2d:eb:15:6d:6a:4f:88:22:
         e5:36:61:6b:8c:b1:39:92:fa:ae:a7:c7:b0:83:5c:33:b7:99:
         21:d3:db:25:83:7d:20:35:73:2e:98:e8:b5:ff:89:78:d5:47:
         5e:f1:92:24
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuprYXNVU2G7Fj/LtOQj3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTAxMTg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmUyYTNjZjQ1MGYyYmRkMmEwODNlMmI3M2NiMTIyNDJiM2ZiNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sid9W5DhDIfloB0ZP7btT5vcufQ
QbN2gPvUi5f1c1TOwFV6HuV0ge5/WdExpv3okLvIvTytNu9DHi230O9HLNQf6j61
vakLLhnBV7fhpoF9JeywW1i2xBYTwLB23a0/YCdJZlnwotGnqtNhSULj8hOvMXJj
MUWClxSiScqlMfs8btYePiG0UHRLSC91HZfrV2crh6TMvulEc4Som7LHpKBdKgi2
nEhbkwNFnolSRiyklxNwNiMePph4Ib4JZVcmISXBJUc3v7d94ZjO7tQQ5pjvYTXW
pvlZQZe7QdBQQS0RpNJnVh8HC0SAWRxzHEfX1sdm57VjpEWgSbzSaDiv3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJLio89FDyvdKgg+K3PLEiQrP7U0MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEva3VLanowVVBLOTBxQ0Q0cmM4c1NKQ3NfdFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgW2gAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA/6H4KOz4i/Bo1uRHcA7xTupAtiYNDCsMiFw3s
ATRmH1M/KvgkYsoeO64kuJXZt4c0HtKekon0Ot/qgldWtMcsnPKRZgDKDewBT9A4
TCTpcOoaQVhevBl8X+x9/UngHxZccfhkq1/zIzXw6hbvOOrG8n2dhPhNPlXF7mWV
JjVWQIFNWtWAuYtcvTdPFSExuDJ05AB6F1dPQG3gc7VWJTwjj1DwvKdaxYyxW1UC
1FFgKtOprz/mRBPhDv0HrRNzDMqXyD9sjtUAUPw0Jpp8ETaKLesVbWpPiCLlNmFr
jLE5kvqup8ewg1wzt5kh09slg30gNXMumOi1/4l41Ude8ZIk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org