Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/O2JKOG2ETE0aL8pr_6Sr0OzAFzY.roa
File:                     O2JKOG2ETE0aL8pr_6Sr0OzAFzY.roa (raw, json)
Hash identifier:          WOhvbD80GkhE22HGJEu6UZ8mw2hoEKeKvpg4KTSvpUI=
Subject key identifier:   3B:62:4A:38:6D:84:4C:4D:1A:2F:CA:6B:FF:A4:AB:D0:EC:C0:17:36
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       018CAFD3BCE28BE117B80B5E95F23642B478
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/O2JKOG2ETE0aL8pr_6Sr0OzAFzY.roa
Signing time:             Thu 28 Dec 2023 09:48:58 +0000
ROA not before:           Thu 28 Dec 2023 09:48:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212165
IP address blocks:        2a02:eb00:2::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:af:d3:bc:e2:8b:e1:17:b8:0b:5e:95:f2:36:42:b4:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Dec 28 09:48:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b624a386d844c4d1a2fca6bffa4abd0ecc01736
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:9a:b0:89:51:b3:0f:bb:91:ca:fe:85:1d:24:
                    fe:fb:cd:bb:fa:48:41:2b:9b:aa:9a:e8:27:3c:91:
                    3e:a7:66:34:5e:6f:5a:d1:d0:77:75:09:fd:fb:26:
                    cb:6c:38:62:87:6b:e2:01:e7:27:23:ac:b5:8d:7c:
                    9e:dd:93:e7:c8:a6:d5:24:65:c2:ac:a9:f3:98:9a:
                    d6:b0:21:c6:82:b0:3f:a0:15:7d:35:bb:fe:8b:7d:
                    3c:fc:b8:bd:31:e1:cc:f4:1e:f6:c9:4f:0c:5b:2a:
                    64:77:dd:e8:7a:c2:16:c4:24:94:bd:1b:91:c8:b5:
                    f1:a8:b3:a7:ac:d9:8d:2c:91:5b:72:5b:69:46:fb:
                    a7:d2:73:63:f8:16:b8:93:68:23:2b:e1:ca:45:f4:
                    0b:3e:1e:30:4b:88:6d:80:f8:67:29:be:57:8f:85:
                    e4:dd:10:da:0f:3e:aa:b4:b0:9d:fd:51:fc:9f:ff:
                    42:38:c3:1f:de:d1:e9:fc:4c:b1:b3:cd:3c:a7:95:
                    a5:43:86:35:d6:31:4d:27:1f:bf:d9:d0:53:69:f8:
                    77:49:a8:37:a7:92:26:e1:0f:1c:1f:6b:36:ae:8b:
                    54:20:f6:47:1a:ed:11:09:74:fa:b7:1a:18:cc:72:
                    9a:38:9d:85:2f:d8:39:db:0f:f6:70:f1:97:c3:a4:
                    59:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:62:4A:38:6D:84:4C:4D:1A:2F:CA:6B:FF:A4:AB:D0:EC:C0:17:36
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/O2JKOG2ETE0aL8pr_6Sr0OzAFzY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:eb00:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:53:56:6e:e9:7e:5b:58:4c:1c:e0:bb:3b:42:1a:13:4e:c1:
         53:e5:15:03:e0:d9:e9:fe:1b:31:85:bd:cd:77:55:80:b7:fe:
         09:3d:2b:d3:e8:94:93:f6:40:92:09:92:ed:df:58:90:5d:16:
         2b:93:65:89:79:1f:4d:eb:64:2c:75:ff:a5:c3:72:d1:cd:53:
         98:42:b1:a7:ab:13:99:7e:ae:ca:b2:14:b5:fe:1b:ea:3d:9f:
         6a:a4:7a:90:d7:25:ee:73:da:76:43:25:17:b3:4f:5e:dc:41:
         73:71:41:f7:ce:fc:5e:6e:08:56:0c:44:db:e8:b3:2d:e4:e1:
         70:92:5c:97:39:02:d2:22:a2:a5:ab:34:8a:2c:58:da:75:89:
         fc:de:5f:23:a0:04:b0:84:d9:2e:c0:91:ee:c5:fe:b4:69:07:
         5a:eb:8f:7b:59:f0:00:f1:79:f1:6c:06:3d:33:2c:9d:dd:42:
         4a:0b:5a:9b:73:6d:5d:62:3c:80:20:c7:71:f2:2c:f8:7d:c1:
         e4:43:37:eb:54:e6:4a:bd:d2:be:6c:86:e9:8b:74:20:60:9b:
         8a:00:f3:29:64:58:27:4c:c2:6c:18:c1:61:e3:91:aa:b4:86:
         8c:bc:17:97:8d:73:95:ec:dd:bc:cf:26:8a:e1:4e:14:78:74:
         0b:38:ac:d0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYyv07zii+EXuAtelfI2QrR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMxMjI4MDk0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjYyNGEzODZkODQ0YzRkMWEyZmNhNmJmZmE0YWJkMGVjYzAxNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5qwiVGzD7uRyv6FHST++827+khB
K5uqmugnPJE+p2Y0Xm9a0dB3dQn9+ybLbDhih2viAecnI6y1jXye3ZPnyKbVJGXC
rKnzmJrWsCHGgrA/oBV9Nbv+i308/Li9MeHM9B72yU8MWypkd93oesIWxCSUvRuR
yLXxqLOnrNmNLJFbcltpRvun0nNj+Ba4k2gjK+HKRfQLPh4wS4htgPhnKb5Xj4Xk
3RDaDz6qtLCd/VH8n/9COMMf3tHp/Eyxs808p5WlQ4Y11jFNJx+/2dBTafh3Sag3
p5Im4Q8cH2s2rotUIPZHGu0RCXT6txoYzHKaOJ2FL9g52w/2cPGXw6RZywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDtiSjhthExNGi/Ka/+kq9DswBc2MB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvTzJKS09HMkVURTBhTDhwcl82U3IwT3pBRnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgLrAAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQANU1Zu6X5bWEwc4Ls7QhoTTsFT5RUD4Nnp/hsx
hb3Nd1WAt/4JPSvT6JST9kCSCZLt31iQXRYrk2WJeR9N62Qsdf+lw3LRzVOYQrGn
qxOZfq7KshS1/hvqPZ9qpHqQ1yXuc9p2QyUXs09e3EFzcUH3zvxebghWDETb6LMt
5OFwklyXOQLSIqKlqzSKLFjadYn83l8joASwhNkuwJHuxf60aQda6497WfAA8Xnx
bAY9Myyd3UJKC1qbc21dYjyAIMdx8iz4fcHkQzfrVOZKvdK+bIbpi3QgYJuKAPMp
ZFgnTMJsGMFh45GqtIaMvBeXjXOV7N28zyaK4U4UeHQLOKzQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org