Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/kv2viy5dewUiYY1WlO3-F6u9AZg.roa
File:                     kv2viy5dewUiYY1WlO3-F6u9AZg.roa (raw, json)
Hash identifier:          mj8I3IwNM+z1E7cKSd3fI/d6TowJI/yPo2RyIlSULbM=
Subject key identifier:   92:FD:AF:8B:2E:5D:7B:05:22:61:8D:56:94:ED:FE:17:AB:BD:01:98
Certificate issuer:       /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial:       0185719E6A064EC5947D49810E771D3B2494
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/kv2viy5dewUiYY1WlO3-F6u9AZg.roa
Signing time:             Mon 02 Jan 2023 08:34:45 +0000
ROA not before:           Mon 02 Jan 2023 08:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58321
IP address blocks:        2a06:1980::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:9e:6a:06:4e:c5:94:7d:49:81:0e:77:1d:3b:24:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
        Validity
            Not Before: Jan  2 08:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=92fdaf8b2e5d7b0522618d5694edfe17abbd0198
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:f7:c1:59:03:fb:61:1f:a5:57:c3:3e:66:31:
                    12:0f:f4:57:cf:ee:a7:ff:db:ac:6b:16:c0:a0:f2:
                    00:d7:c1:20:bf:6d:49:f7:4e:29:3e:5c:86:07:b7:
                    5e:d4:4e:20:de:3a:1f:25:26:3c:c4:9b:34:29:2f:
                    88:93:35:77:bd:99:32:8d:46:8a:26:f7:32:1a:09:
                    40:47:ab:36:5f:38:d9:3b:45:88:40:af:28:51:60:
                    ee:49:0d:d2:77:d3:79:76:4b:17:f4:e8:61:cc:f8:
                    a3:cc:9d:d4:24:36:a7:b8:2b:73:d4:e6:fd:2a:59:
                    cd:e0:cb:e3:99:60:8c:36:ea:2b:8f:79:4e:b1:3a:
                    eb:5c:35:1c:0b:0e:c9:a1:c6:a7:9e:71:2f:31:be:
                    37:9d:ff:93:5c:19:f4:40:05:c3:03:00:b4:a3:49:
                    aa:96:77:14:23:ea:2a:2f:70:0b:d0:d8:65:fb:8e:
                    1b:b1:f5:8b:65:0f:9c:c6:9e:0a:4a:9c:6f:2b:64:
                    51:b2:27:51:d6:25:cd:2e:eb:9b:dc:bf:58:69:86:
                    9a:18:29:3a:0e:17:a4:9d:d7:71:bb:bb:b2:15:59:
                    0b:7c:30:2d:dc:54:5a:18:8a:22:80:16:85:13:fe:
                    04:57:c2:e4:d5:b8:2d:5c:ae:d7:b8:fc:7d:cc:4f:
                    cc:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:FD:AF:8B:2E:5D:7B:05:22:61:8D:56:94:ED:FE:17:AB:BD:01:98
            X509v3 Authority Key Identifier:
                keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/kv2viy5dewUiYY1WlO3-F6u9AZg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1980::/48

    Signature Algorithm: sha256WithRSAEncryption
         2b:12:33:64:f6:f7:32:5a:cd:ba:6d:69:11:f6:9b:5e:9c:c4:
         fb:22:b7:b4:70:36:26:88:60:ee:80:ae:33:4c:19:27:72:5b:
         ed:d4:ea:41:be:70:40:54:bf:46:25:0a:9a:92:4a:21:0d:c8:
         46:8d:c0:e6:66:ed:d1:f4:49:7d:13:bc:9a:04:96:9e:b0:19:
         71:44:07:7a:ec:b0:a0:80:7c:d0:e4:7d:2d:11:98:ce:8d:93:
         b9:3d:0d:67:a4:a8:20:bd:7a:a5:c1:3e:52:81:37:1f:be:11:
         60:ba:ae:d2:84:55:76:86:23:23:3d:5b:6a:b8:8d:66:f8:2a:
         d8:7c:92:60:40:f9:62:80:6a:bd:14:3d:f8:1f:1e:6a:4e:3f:
         ca:d8:1b:3c:99:b8:4a:87:67:be:95:0e:92:7d:a1:8e:6f:e4:
         69:16:3a:2b:4b:db:9c:ba:cd:49:10:d7:60:12:de:6d:6a:ad:
         6f:38:07:f9:6b:7c:35:3a:8d:ca:18:db:1c:5c:55:fc:4b:f5:
         0d:a2:f9:ab:9a:ee:23:2a:f5:6d:66:80:dc:35:40:ee:67:77:
         80:7d:47:97:7b:ed:a6:94:2b:c4:64:a3:ea:b6:94:05:d1:9d:
         4c:eb:59:59:28:ac:cb:cc:74:7b:61:37:91:fb:4e:73:88:40:
         ab:43:0a:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxnmoGTsWUfUmBDncdOySUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjMwMTAyMDgzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmZkYWY4YjJlNWQ3YjA1MjI2MThkNTY5NGVkZmUxN2FiYmQwMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvfBWQP7YR+lV8M+ZjESD/RXz+6n
/9usaxbAoPIA18Egv21J904pPlyGB7de1E4g3jofJSY8xJs0KS+IkzV3vZkyjUaK
JvcyGglAR6s2XzjZO0WIQK8oUWDuSQ3Sd9N5dksX9OhhzPijzJ3UJDanuCtz1Ob9
KlnN4MvjmWCMNuorj3lOsTrrXDUcCw7JocannnEvMb43nf+TXBn0QAXDAwC0o0mq
lncUI+oqL3AL0Nhl+44bsfWLZQ+cxp4KSpxvK2RRsidR1iXNLuub3L9YaYaaGCk6
Dheknddxu7uyFVkLfDAt3FRaGIoigBaFE/4EV8Lk1bgtXK7XuPx9zE/MDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJL9r4suXXsFImGNVpTt/hervQGYMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEva3Yydml5NWRld1VpWVkxV2xPMy1GNnU5QVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgYZgAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQArEjNk9vcyWs26bWkR9ptenMT7Ire0cDYmiGDu
gK4zTBknclvt1OpBvnBAVL9GJQqakkohDchGjcDmZu3R9El9E7yaBJaesBlxRAd6
7LCggHzQ5H0tEZjOjZO5PQ1npKggvXqlwT5SgTcfvhFguq7ShFV2hiMjPVtquI1m
+CrYfJJgQPligGq9FD34Hx5qTj/K2Bs8mbhKh2e+lQ6SfaGOb+RpFjorS9ucus1J
ENdgEt5taq1vOAf5a3w1Oo3KGNscXFX8S/UNovmrmu4jKvVtZoDcNUDuZ3eAfUeX
e+2mlCvEZKPqtpQF0Z1M61lZKKzLzHR7YTeR+05ziECrQwrw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:50 2024 by rpki-client on console-ams.rpki-client.org