Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/SGgj3PucZi0wzvSp4yIpsf7EH3s.roa
File:                     SGgj3PucZi0wzvSp4yIpsf7EH3s.roa (raw, json)
Hash identifier:          7iMD+KZQ0VCexaet+B1MD75gmriJNZohnUxSgCOCPDY=
Subject key identifier:   48:68:23:DC:FB:9C:66:2D:30:CE:F4:A9:E3:22:29:B1:FE:C4:1F:7B
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       018CC871546DDF92EE4B8E3E7D2D1E6F5B1D
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/SGgj3PucZi0wzvSp4yIpsf7EH3s.roa
Signing time:             Tue 02 Jan 2024 04:31:59 +0000
ROA not before:           Tue 02 Jan 2024 04:31:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212165
IP address blocks:        2a02:eb00:2::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 09 Jan 2024 10:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:71:54:6d:df:92:ee:4b:8e:3e:7d:2d:1e:6f:5b:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Jan  2 04:31:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=486823dcfb9c662d30cef4a9e32229b1fec41f7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:88:22:79:6d:7a:15:84:64:cf:bc:b5:b3:e8:
                    47:fe:7b:a0:ba:f9:ff:b7:d2:3d:6b:f8:6e:8b:5c:
                    14:4f:4a:d4:a0:b8:19:b1:82:cb:ca:6a:4b:9f:90:
                    7d:7d:87:6e:d5:4a:85:69:6f:1e:98:29:47:e1:e9:
                    6e:95:98:33:86:9c:1e:63:32:1e:df:b7:43:e3:2e:
                    67:92:bd:c9:79:c5:61:c6:e4:54:29:35:6d:60:f6:
                    e6:9e:49:69:46:c7:39:e0:f2:22:27:0a:21:8e:14:
                    f5:69:82:f3:44:9e:12:6b:51:cc:0c:98:37:ec:f9:
                    1d:53:f1:c7:e1:7a:f1:fc:43:c8:2b:51:18:d9:19:
                    3c:27:40:ce:4a:a0:aa:d6:77:a6:29:2b:04:66:20:
                    e3:1b:17:c4:c3:6a:d1:b4:4e:f9:ae:34:b7:8c:ba:
                    f0:dc:24:f2:be:38:0f:ab:ed:e2:6e:a2:ad:01:43:
                    79:da:74:ba:82:c9:98:36:5e:d9:f3:fb:72:c3:7c:
                    98:b9:29:87:5e:9c:40:70:b2:85:d0:2d:7e:21:d0:
                    a2:75:66:af:bf:36:68:72:6c:65:ad:2e:68:30:82:
                    fd:d0:eb:9a:6c:59:4a:31:2e:71:ee:27:82:07:14:
                    9d:97:cd:07:4d:9f:d6:1e:34:44:d8:64:db:7e:1a:
                    ba:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:68:23:DC:FB:9C:66:2D:30:CE:F4:A9:E3:22:29:B1:FE:C4:1F:7B
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/SGgj3PucZi0wzvSp4yIpsf7EH3s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:eb00:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         45:c5:59:22:ae:73:4e:39:6f:76:86:7b:14:5f:67:8e:72:d7:
         9c:6f:3e:15:bc:a2:d4:ef:a4:bb:02:47:33:a7:da:28:2a:69:
         6a:10:6b:54:94:d1:39:80:31:5c:a4:bf:2c:f0:22:da:ef:c1:
         17:7e:d7:ec:38:ad:42:02:21:e5:9f:c3:e5:c7:2c:8d:c0:0c:
         83:24:26:20:8e:b2:f7:99:9d:71:7d:2b:de:4e:24:3e:d2:f1:
         12:ec:66:24:96:03:a1:c9:f1:05:90:9c:54:2a:59:c0:27:5d:
         0e:24:33:05:6e:a6:af:5c:a7:18:1c:cc:d0:ae:3c:53:ae:b5:
         a2:6c:41:60:e6:27:e4:20:76:4c:fe:d6:4f:57:77:bc:35:74:
         e2:64:d2:97:ff:bb:ab:70:18:b5:80:03:85:85:ed:44:01:f6:
         17:b0:b4:bf:62:6d:e7:c8:f7:13:a3:a1:5e:ff:76:83:83:be:
         6f:d8:5b:60:20:54:99:3d:5d:25:53:b8:94:07:20:66:2d:fa:
         2d:c3:c6:0a:99:15:9b:0e:9d:bf:4a:14:d9:4b:2c:d4:d4:f7:
         2e:4a:ae:1b:b5:fc:12:a6:1e:54:af:8d:5c:c3:22:d1:07:61:
         50:8f:b6:54:ec:04:81:ce:5f:24:27:4a:a4:04:22:8d:8e:6f:
         d9:69:d4:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIcVRt35LuS44+fS0eb1sdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjQwMTAyMDQzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODY4MjNkY2ZiOWM2NjJkMzBjZWY0YTllMzIyMjliMWZlYzQxZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYgieW16FYRkz7y1s+hH/nuguvn/
t9I9a/hui1wUT0rUoLgZsYLLympLn5B9fYdu1UqFaW8emClH4elulZgzhpweYzIe
37dD4y5nkr3JecVhxuRUKTVtYPbmnklpRsc54PIiJwohjhT1aYLzRJ4Sa1HMDJg3
7PkdU/HH4Xrx/EPIK1EY2Rk8J0DOSqCq1nemKSsEZiDjGxfEw2rRtE75rjS3jLrw
3CTyvjgPq+3ibqKtAUN52nS6gsmYNl7Z8/tyw3yYuSmHXpxAcLKF0C1+IdCidWav
vzZocmxlrS5oMIL90OuabFlKMS5x7ieCBxSdl80HTZ/WHjRE2GTbfhq6XwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEhoI9z7nGYtMM70qeMiKbH+xB97MB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvU0dnajNQdWNaaTB3enZTcDR5SXBzZjdFSDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgLrAAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBFxVkirnNOOW92hnsUX2eOctecbz4VvKLU76S7
Akczp9ooKmlqEGtUlNE5gDFcpL8s8CLa78EXftfsOK1CAiHln8PlxyyNwAyDJCYg
jrL3mZ1xfSveTiQ+0vES7GYklgOhyfEFkJxUKlnAJ10OJDMFbqavXKcYHMzQrjxT
rrWibEFg5ifkIHZM/tZPV3e8NXTiZNKX/7urcBi1gAOFhe1EAfYXsLS/Ym3nyPcT
o6Fe/3aDg75v2FtgIFSZPV0lU7iUByBmLfotw8YKmRWbDp2/ShTZSyzU1PcuSq4b
tfwSph5Ur41cwyLRB2FQj7ZU7ASBzl8kJ0qkBCKNjm/ZadQm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org