Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/_LaDrzKLbjp1w_Azj57T8YZUbHE.roa
File:                     _LaDrzKLbjp1w_Azj57T8YZUbHE.roa (raw, json)
Hash identifier:          VOWFZsRjzr7S4lHbasIGJIUITAmvWRp54IPXq3CUhys=
Subject key identifier:   FC:B6:83:AF:32:8B:6E:3A:75:C3:F0:33:8F:9E:D3:F1:86:54:6C:71
Certificate issuer:       /CN=a2074339bb216b85bdc83d61778821adf9149d56
Certificate serial:       01856DC1ACC4C2B52668272DE84761C6D479
Authority key identifier: A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/_LaDrzKLbjp1w_Azj57T8YZUbHE.roa
Signing time:             Sun 01 Jan 2023 14:34:47 +0000
ROA not before:           Sun 01 Jan 2023 14:34:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12581
IP address blocks:        2a01:b1c7::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:c1:ac:c4:c2:b5:26:68:27:2d:e8:47:61:c6:d4:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2074339bb216b85bdc83d61778821adf9149d56
        Validity
            Not Before: Jan  1 14:34:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fcb683af328b6e3a75c3f0338f9ed3f186546c71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:41:21:fb:8a:bd:9c:ff:fa:1e:73:6c:53:bb:
                    0f:38:9e:3d:2b:39:16:12:b7:89:67:37:85:2d:10:
                    73:67:92:fb:f9:bf:dd:da:f6:5c:00:9b:6a:1f:1d:
                    07:a7:a3:3e:fe:27:0e:0a:48:48:bd:11:d3:8e:9c:
                    cd:70:2f:75:d7:70:58:a7:cd:62:ea:17:f4:61:0f:
                    34:30:e0:04:e1:66:cc:29:07:7c:e6:60:13:3b:e7:
                    e9:d5:c5:26:7e:91:1c:0a:07:9b:e7:e7:87:b2:54:
                    ed:7b:f0:8c:01:ec:cd:16:1a:5c:41:20:0b:a6:89:
                    12:ae:b6:2c:6e:cb:f4:4a:3c:f2:c9:65:f2:84:78:
                    cf:1b:a0:9c:c6:04:8c:87:ff:99:a9:90:bf:1d:c6:
                    0c:05:8f:ed:ce:f4:3c:5d:30:1f:4c:7f:c2:1d:5e:
                    9a:f9:39:74:2d:e5:83:80:60:e4:2c:a6:fa:a9:2d:
                    19:25:94:9d:52:fb:d4:2f:7c:3c:73:2e:43:99:d9:
                    b0:fc:97:67:a5:13:9a:43:48:95:58:f7:19:d0:13:
                    c1:fe:09:6d:52:7c:72:bf:89:e6:ef:20:e8:f1:07:
                    fe:dc:b2:fb:be:c9:a0:a1:f7:5b:47:a5:7a:31:02:
                    1a:b1:0b:58:52:33:af:5e:07:b8:d9:e9:7f:8f:44:
                    59:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:B6:83:AF:32:8B:6E:3A:75:C3:F0:33:8F:9E:D3:F1:86:54:6C:71
            X509v3 Authority Key Identifier:
                keyid:A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/_LaDrzKLbjp1w_Azj57T8YZUbHE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:b1c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         b7:4e:dd:fb:41:9f:0e:ee:b4:1f:41:98:de:fe:94:d1:2e:a1:
         5b:cd:5e:65:06:0d:a7:c4:1c:0b:4e:f5:bf:e5:df:42:a3:47:
         e1:fc:21:8b:c7:4e:fb:7b:62:75:f5:3c:4f:7d:98:ac:70:4f:
         d1:28:db:bc:05:75:55:c6:14:72:38:8a:24:51:e3:2d:ba:bb:
         2c:18:f8:41:67:36:11:d7:1b:1a:5f:2c:e1:8c:98:67:ac:f4:
         d0:11:50:63:ce:eb:06:f7:6f:9b:7c:f2:d9:10:9a:6b:48:23:
         7c:4d:e6:a1:52:55:5e:32:69:10:33:f3:f5:cc:dd:35:db:c6:
         02:db:05:53:cc:8a:b7:3a:a7:1a:e7:ae:e3:be:31:8d:24:a7:
         a1:7d:15:bc:6f:78:08:6d:25:b3:5b:3d:40:19:a5:97:ce:1d:
         ea:c8:d5:74:e1:d5:fe:7f:a6:ce:c0:a2:be:01:ee:3e:45:13:
         a4:3f:50:fe:ad:5c:73:27:85:cc:0a:2d:24:6f:68:88:cd:0b:
         48:2b:92:8d:58:50:fb:e2:ec:5c:48:47:21:d9:74:af:e2:8d:
         e4:dd:45:20:dd:f3:09:a9:ec:b3:bb:37:34:7f:8b:23:7a:7c:
         19:ee:a2:10:e7:c8:7b:43:88:3a:2f:64:76:f3:c2:bb:46:87:
         e1:78:1e:42
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtwazEwrUmaCct6EdhxtR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDc0MzM5YmIyMTZiODViZGM4M2Q2MTc3ODgyMWFkZjkx
NDlkNTYwHhcNMjMwMTAxMTQzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2I2ODNhZjMyOGI2ZTNhNzVjM2YwMzM4ZjllZDNmMTg2NTQ2YzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEEh+4q9nP/6HnNsU7sPOJ49KzkW
EreJZzeFLRBzZ5L7+b/d2vZcAJtqHx0Hp6M+/icOCkhIvRHTjpzNcC9113BYp81i
6hf0YQ80MOAE4WbMKQd85mATO+fp1cUmfpEcCgeb5+eHslTte/CMAezNFhpcQSAL
pokSrrYsbsv0SjzyyWXyhHjPG6CcxgSMh/+ZqZC/HcYMBY/tzvQ8XTAfTH/CHV6a
+Tl0LeWDgGDkLKb6qS0ZJZSdUvvUL3w8cy5Dmdmw/JdnpROaQ0iVWPcZ0BPB/glt
Unxyv4nm7yDo8Qf+3LL7vsmgofdbR6V6MQIasQtYUjOvXge42el/j0RZnwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPy2g68yi246dcPwM4+e0/GGVGxxMB8GA1UdIwQY
MBaAFKIHQzm7IWuFvcg9YXeIIa35FJ1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dkRE9ic2hhNFc5eUQxaGQ0Z2hyZmtVblZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81NzFiMzQtYWNmOS00ZWJmLTk4OGIt
MGZlYjY2ZTdmMjhhLzEvX0xhRHJ6S0xianAxd19Bemo1N1Q4WVpVYkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81NzFiMzQtYWNmOS00ZWJmLTk4OGItMGZlYjY2ZTdmMjhh
LzEvb2dkRE9ic2hhNFc5eUQxaGQ0Z2hyZmtVblZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgGxxzAN
BgkqhkiG9w0BAQsFAAOCAQEAt07d+0GfDu60H0GY3v6U0S6hW81eZQYNp8QcC071
v+XfQqNH4fwhi8dO+3tidfU8T32YrHBP0SjbvAV1VcYUcjiKJFHjLbq7LBj4QWc2
EdcbGl8s4YyYZ6z00BFQY87rBvdvm3zy2RCaa0gjfE3moVJVXjJpEDPz9czdNdvG
AtsFU8yKtzqnGueu474xjSSnoX0VvG94CG0ls1s9QBmll84d6sjVdOHV/n+mzsCi
vgHuPkUTpD9Q/q1ccyeFzAotJG9oiM0LSCuSjVhQ++LsXEhHIdl0r+KN5N1FIN3z
Canss7s3NH+LI3p8Ge6iEOfIe0OIOi9kdvPCu0aH4XgeQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:13 2024 by rpki-client on console-fra.rpki-client.org