Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/mLzVd84_d0z0Hkamfu2pHw04k_g.roa
File:                     mLzVd84_d0z0Hkamfu2pHw04k_g.roa (raw, json)
Hash identifier:          VdCivDFF59Ta1VCdGY/Vemfud/DBOc4AAwWe+tburZs=
Subject key identifier:   98:BC:D5:77:CE:3F:77:4C:F4:1E:46:A6:7E:ED:A9:1F:0D:38:93:F8
Certificate issuer:       /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial:       01857002783ECD66C3479BF42272E0753737
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/mLzVd84_d0z0Hkamfu2pHw04k_g.roa
Signing time:             Mon 02 Jan 2023 01:04:48 +0000
ROA not before:           Mon 02 Jan 2023 01:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42087
IP address blocks:        2a00:1fa2:ba00::/40 maxlen: 40

Validation:               Failed, certificate revoked on Tue 05 Dec 2023 16:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:78:3e:cd:66:c3:47:9b:f4:22:72:e0:75:37:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
        Validity
            Not Before: Jan  2 01:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98bcd577ce3f774cf41e46a67eeda91f0d3893f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:90:92:4e:88:00:50:a7:c3:b1:f5:3e:18:7d:
                    7e:0b:7c:dc:f0:be:e7:5b:9f:53:c3:87:14:e4:04:
                    3a:46:65:99:f5:8a:4c:e8:7b:48:72:f7:6d:a6:32:
                    18:38:99:f9:44:d6:91:b5:f9:21:79:e2:38:6c:41:
                    45:97:84:a2:3a:bb:4b:5b:38:61:35:07:0b:f3:ee:
                    ca:13:d1:61:ba:d3:d8:6c:f7:b7:fb:93:d6:f1:6f:
                    40:a1:8e:46:45:11:08:d0:e8:17:d8:57:86:5c:8b:
                    2d:f0:a9:a9:ec:2a:56:d8:50:3d:23:0f:5a:72:3b:
                    ad:c1:f9:8f:d1:11:14:34:8e:34:69:b1:2a:c4:2a:
                    e6:fc:d4:68:0d:ab:35:64:94:1e:3e:46:34:94:aa:
                    a5:d0:dc:90:21:e5:f0:92:37:cd:05:14:6d:dc:f1:
                    23:71:d2:d6:b7:3f:76:08:0d:ce:50:40:4f:08:a3:
                    74:ae:ec:67:d2:7b:7e:8e:07:fd:27:7f:7a:73:5e:
                    41:6a:8d:cc:be:78:b7:ed:c2:76:09:0b:ed:c6:53:
                    0a:3e:70:a4:af:ab:e6:30:35:bc:52:c5:2d:94:96:
                    6c:7c:aa:ae:51:7f:92:4e:0e:cd:8e:9e:6f:31:d5:
                    c4:18:99:1c:e5:66:60:d9:cd:26:fc:86:fb:a1:d6:
                    fb:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:BC:D5:77:CE:3F:77:4C:F4:1E:46:A6:7E:ED:A9:1F:0D:38:93:F8
            X509v3 Authority Key Identifier:
                keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/mLzVd84_d0z0Hkamfu2pHw04k_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:1fa2:ba00::/40

    Signature Algorithm: sha256WithRSAEncryption
         7e:06:d2:07:00:89:aa:03:3e:1e:bb:45:fc:f0:75:47:91:85:
         1a:5f:ab:48:f7:db:f4:52:4b:50:54:5a:46:ed:37:b9:c6:35:
         ca:65:bb:1f:ff:fb:7b:31:df:cb:86:74:d9:41:e8:e6:b1:ac:
         7f:08:7f:88:e0:f2:56:8f:a7:c8:0d:fb:f6:3e:9a:a5:20:ef:
         c9:be:c4:1d:eb:c0:94:4a:85:fc:4e:33:c4:ca:c6:05:e1:43:
         e4:83:13:71:45:09:55:37:f8:e4:21:b7:35:c8:85:2c:23:54:
         44:98:bd:cb:19:d7:e7:6e:11:bd:25:c1:74:97:4f:e9:fe:9a:
         1b:66:e4:54:44:20:b9:51:f2:73:48:1a:8f:af:3e:11:69:6a:
         d6:2c:e2:6e:e2:6f:8e:81:11:cf:67:45:da:2c:a7:c6:30:87:
         4c:de:87:b5:58:59:63:5c:fc:ef:e1:5b:4f:6d:05:70:cd:84:
         4b:fe:37:76:fd:27:6d:f0:65:54:9f:4f:2e:30:8a:ec:d3:5e:
         08:1a:ae:63:12:c2:60:fc:07:f4:ae:fa:f6:96:5d:ea:08:ac:
         ec:26:af:a4:49:f1:9a:0a:db:cc:d2:70:f0:80:99:98:71:75:
         db:6a:c5:ac:0d:ab:4b:23:e7:bf:39:ab:a5:90:e9:24:fe:81:
         5f:f4:83:2c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwAng+zWbDR5v0InLgdTc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGJjZDU3N2NlM2Y3NzRjZjQxZTQ2YTY3ZWVkYTkxZjBkMzg5M2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpCSTogAUKfDsfU+GH1+C3zc8L7n
W59Tw4cU5AQ6RmWZ9YpM6HtIcvdtpjIYOJn5RNaRtfkheeI4bEFFl4SiOrtLWzhh
NQcL8+7KE9FhutPYbPe3+5PW8W9AoY5GRREI0OgX2FeGXIst8Kmp7CpW2FA9Iw9a
cjutwfmP0REUNI40abEqxCrm/NRoDas1ZJQePkY0lKql0NyQIeXwkjfNBRRt3PEj
cdLWtz92CA3OUEBPCKN0ruxn0nt+jgf9J396c15Bao3Mvni37cJ2CQvtxlMKPnCk
r6vmMDW8UsUtlJZsfKquUX+STg7Njp5vMdXEGJkc5WZg2c0m/Ib7odb7iwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJi81XfOP3dM9B5Gpn7tqR8NOJP4MB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvbUx6VmQ4NF9kMHowSGthbWZ1MnBIdzA0a19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgAforow
DQYJKoZIhvcNAQELBQADggEBAH4G0gcAiaoDPh67RfzwdUeRhRpfq0j32/RSS1BU
WkbtN7nGNcplux//+3sx38uGdNlB6OaxrH8If4jg8laPp8gN+/Y+mqUg78m+xB3r
wJRKhfxOM8TKxgXhQ+SDE3FFCVU3+OQhtzXIhSwjVESYvcsZ1+duEb0lwXSXT+n+
mhtm5FREILlR8nNIGo+vPhFpatYs4m7ib46BEc9nRdosp8Ywh0zeh7VYWWNc/O/h
W09tBXDNhEv+N3b9J23wZVSfTy4wiuzTXggarmMSwmD8B/Su+vaWXeoIrOwmr6RJ
8ZoK28zScPCAmZhxddtqxawNq0sj5785q6WQ6ST+gV/0gyw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:45 2024 by rpki-client on console-fra.rpki-client.org