Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/X6XmPvCNbFkDrW0y_bthK20ekbQ.roa
File:                     X6XmPvCNbFkDrW0y_bthK20ekbQ.roa (raw, json)
Hash identifier:          zHgDxV8qY1UKUPfzHA9Iv1bp4tDt/w4K8ZKuqROAk0Q=
Subject key identifier:   5F:A5:E6:3E:F0:8D:6C:59:03:AD:6D:32:FD:BB:61:2B:6D:1E:91:B4
Certificate issuer:       /CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Certificate serial:       0185B206CD3D530D86B8DCF2635D26344487
Authority key identifier: D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/X6XmPvCNbFkDrW0y_bthK20ekbQ.roa
Signing time:             Sat 14 Jan 2023 20:44:28 +0000
ROA not before:           Sat 14 Jan 2023 20:44:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211603
IP address blocks:        2a0f:4d00:1::/48 maxlen: 48
                          2a0f:4d00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:b2:06:cd:3d:53:0d:86:b8:dc:f2:63:5d:26:34:44:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
        Validity
            Not Before: Jan 14 20:44:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5fa5e63ef08d6c5903ad6d32fdbb612b6d1e91b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:9c:3c:1d:d5:86:fb:5c:ed:19:53:20:00:43:
                    1e:35:83:eb:f8:8e:7f:da:25:1e:a1:a2:c6:8b:00:
                    81:6b:72:18:e4:1b:6c:13:2e:88:f6:31:63:80:4e:
                    ac:89:ba:b9:3b:c6:90:51:e2:8f:52:dd:39:5b:17:
                    70:95:b2:e3:1c:26:26:62:23:a3:54:a1:02:bb:8b:
                    22:b9:04:5e:70:c1:8a:67:99:05:1a:87:66:2e:41:
                    65:f2:aa:f0:11:f6:24:ca:13:6b:57:cf:a5:3a:f3:
                    16:b2:9b:0c:96:18:91:f0:ff:35:39:ea:7b:cb:e2:
                    e2:ef:4a:28:03:fe:e0:8b:d4:79:0e:f6:33:c5:e6:
                    96:26:9c:ad:3e:03:5a:bf:a2:30:43:0a:e8:5c:fd:
                    04:3a:db:06:b4:f3:12:81:4c:d1:2d:58:b1:f2:16:
                    ac:f4:4b:40:5f:1e:97:5b:a8:1e:e2:14:9d:9f:9c:
                    83:ee:ec:ba:f5:d0:17:50:cc:ef:ab:92:b4:44:cd:
                    72:ee:44:9d:97:da:82:c6:0c:30:43:62:de:34:34:
                    ce:3a:7a:5d:1a:43:8f:cd:52:3a:a9:c4:20:47:38:
                    c4:0d:78:cd:66:1b:fa:35:a9:42:19:b3:99:9e:bd:
                    35:97:43:b1:c0:eb:b0:aa:28:4b:c5:cf:67:d0:86:
                    2b:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:A5:E6:3E:F0:8D:6C:59:03:AD:6D:32:FD:BB:61:2B:6D:1E:91:B4
            X509v3 Authority Key Identifier:
                keyid:D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/X6XmPvCNbFkDrW0y_bthK20ekbQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:4d00::/29

    Signature Algorithm: sha256WithRSAEncryption
         93:6c:eb:15:3c:95:cc:11:7c:f4:e3:f9:0e:40:8c:ab:87:6e:
         9d:ea:54:64:ba:fa:32:a3:cf:1c:5c:20:25:aa:9c:f9:30:01:
         23:67:77:02:dd:26:d9:b9:99:ca:fb:5b:f4:d2:80:9f:d5:d9:
         29:d6:a7:ba:2a:db:33:0a:86:c4:dd:23:e5:4b:3a:89:a4:fb:
         e7:ce:0e:01:b1:b7:4e:02:6b:a6:12:05:41:4c:01:02:98:4a:
         61:da:87:5b:4d:47:e7:0e:b7:73:c9:cb:fe:06:48:fa:52:4e:
         7a:06:8c:a3:0d:cc:5a:d5:b1:b2:48:04:64:a8:7f:2d:84:c8:
         70:46:94:3f:11:77:2c:20:91:50:5a:df:41:79:15:39:7e:77:
         1a:f4:1d:f7:78:29:c6:0d:54:04:33:e7:56:e2:4b:ad:04:c7:
         1c:e7:03:ae:c3:55:2d:ba:ef:aa:b2:ad:7a:65:38:bc:f4:fb:
         4e:cf:d8:da:73:6b:84:d2:6d:f4:cc:47:d9:9d:9d:ad:5e:51:
         82:fe:cc:23:56:f4:e2:07:9c:55:66:86:e2:88:d6:f1:5b:46:
         d5:99:c3:49:e8:21:13:c0:02:f2:73:bf:85:85:b8:9a:f6:98:
         aa:e8:3b:81:f9:90:c8:58:1b:ed:ff:b2:66:53:b6:be:74:36:
         17:cb:13:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYWyBs09Uw2GuNzyY10mNESHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2IyMjEzMGFhOWE3NzM0MjU0NzY5ZWMxM2JmZTE3MWZh
MWUyOGIwHhcNMjMwMTE0MjA0NDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmE1ZTYzZWYwOGQ2YzU5MDNhZDZkMzJmZGJiNjEyYjZkMWU5MWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZw8HdWG+1ztGVMgAEMeNYPr+I5/
2iUeoaLGiwCBa3IY5BtsEy6I9jFjgE6sibq5O8aQUeKPUt05WxdwlbLjHCYmYiOj
VKECu4siuQRecMGKZ5kFGodmLkFl8qrwEfYkyhNrV8+lOvMWspsMlhiR8P81Oep7
y+Li70ooA/7gi9R5DvYzxeaWJpytPgNav6IwQwroXP0EOtsGtPMSgUzRLVix8has
9EtAXx6XW6ge4hSdn5yD7uy69dAXUMzvq5K0RM1y7kSdl9qCxgwwQ2LeNDTOOnpd
GkOPzVI6qcQgRzjEDXjNZhv6NalCGbOZnr01l0OxwOuwqihLxc9n0IYrFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF+l5j7wjWxZA61tMv27YSttHpG0MB8GA1UdIwQY
MBaAFNQ7IhMKqadzQlR2nsE7/hcfoeKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEt
YTYzMGMyZWEyM2Y5LzEvWDZYbVB2Q05iRmtEclcweV9idGhLMjBla2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEtYTYzMGMyZWEyM2Y5
LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9NADAN
BgkqhkiG9w0BAQsFAAOCAQEAk2zrFTyVzBF89OP5DkCMq4dunepUZLr6MqPPHFwg
Jaqc+TABI2d3At0m2bmZyvtb9NKAn9XZKdanuirbMwqGxN0j5Us6iaT7584OAbG3
TgJrphIFQUwBAphKYdqHW01H5w63c8nL/gZI+lJOegaMow3MWtWxskgEZKh/LYTI
cEaUPxF3LCCRUFrfQXkVOX53GvQd93gpxg1UBDPnVuJLrQTHHOcDrsNVLbrvqrKt
emU4vPT7Ts/Y2nNrhNJt9MxH2Z2drV5Rgv7MI1b04gecVWaG4ojW8VtG1ZnDSegh
E8AC8nO/hYW4mvaYqug7gfmQyFgb7f+yZlO2vnQ2F8sTwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:02 2024 by rpki-client on console-ams.rpki-client.org