Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/affz58MMHzp4TnC7Bfo8KYYtLvU.roa
File:                     affz58MMHzp4TnC7Bfo8KYYtLvU.roa (raw, json)
Hash identifier:          +A8Dq2vogqImTzJY6ZeqNBp4bzjnbweHhor49cNogs4=
Subject key identifier:   69:F7:F3:E7:C3:0C:1F:3A:78:4E:70:BB:05:FA:3C:29:86:2D:2E:F5
Certificate issuer:       /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Certificate serial:       01857321CBD21C02915254EB44D6DFFA1630
Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/affz58MMHzp4TnC7Bfo8KYYtLvU.roa
Signing time:             Mon 02 Jan 2023 15:37:52 +0000
ROA not before:           Mon 02 Jan 2023 15:37:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212104
IP address blocks:        2a12:5844:1110::/44 maxlen: 44
                          2a12:5844:1111::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 07 May 2023 16:05:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:21:cb:d2:1c:02:91:52:54:eb:44:d6:df:fa:16:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
        Validity
            Not Before: Jan  2 15:37:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69f7f3e7c30c1f3a784e70bb05fa3c29862d2ef5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0d:e3:a9:9f:f0:6c:ad:39:fc:e5:e0:a0:7f:
                    1f:66:16:05:e0:73:f9:9d:b7:0a:9d:9c:f5:13:55:
                    81:b5:db:f2:4b:c9:73:05:33:a9:d4:ff:86:52:a2:
                    5f:bd:b0:90:71:d9:95:9f:a6:41:f6:25:3d:0c:0c:
                    d4:ab:dd:fa:34:77:a8:8e:17:05:58:9b:10:8d:e0:
                    4f:99:77:b8:7c:2c:2a:8f:9a:09:c3:45:05:87:a7:
                    a1:1a:6b:a7:3c:2a:24:a6:56:20:58:f3:7f:a8:fd:
                    de:52:26:99:56:32:2c:a8:5e:b1:b2:fb:36:6d:df:
                    cc:f5:10:24:45:88:9e:da:a8:38:1c:55:bd:34:dc:
                    40:c9:78:96:7e:69:5c:c7:b6:a1:61:53:19:86:87:
                    e0:14:5b:79:98:f7:f2:b3:9b:b0:55:eb:64:52:c6:
                    1d:9d:8f:c2:12:95:82:85:87:70:4a:9b:5d:c8:46:
                    34:65:06:26:82:0a:ee:ec:42:c0:65:cf:26:bc:ed:
                    46:61:a2:b3:49:c7:ed:76:d7:13:c1:31:43:30:88:
                    53:75:7b:39:77:09:0d:23:02:95:ad:fe:0c:bf:a1:
                    42:0f:4e:a8:6b:69:51:d0:d3:63:5e:1a:f9:be:da:
                    16:61:41:ab:59:3f:4e:fa:3e:a9:a0:97:ed:7f:95:
                    85:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:F7:F3:E7:C3:0C:1F:3A:78:4E:70:BB:05:FA:3C:29:86:2D:2E:F5
            X509v3 Authority Key Identifier:
                keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/affz58MMHzp4TnC7Bfo8KYYtLvU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5844:1110::/44

    Signature Algorithm: sha256WithRSAEncryption
         c7:62:a4:3d:2a:c2:65:55:51:81:c5:3c:5a:4d:23:95:dc:ca:
         2c:52:52:27:a0:fe:b0:b9:91:2e:ad:3a:99:06:0f:e4:72:ed:
         cb:73:e4:f4:68:c2:e9:9f:1c:08:f4:fb:ed:63:46:5b:8b:da:
         12:95:63:50:0b:be:79:d9:f4:94:d1:04:a6:73:ff:4a:c1:a9:
         cc:4a:e7:69:89:8e:b6:6e:91:a2:e7:e4:25:b7:7d:ac:21:b5:
         03:c0:30:81:fd:da:5b:34:03:2d:b3:49:69:f1:db:5b:e5:eb:
         e9:b5:5b:0a:27:18:d1:16:a2:e9:7d:9c:61:19:1e:90:cc:3f:
         d8:a3:73:37:14:10:54:a2:19:31:56:d3:26:f2:e0:8d:7d:e7:
         e0:a1:d0:b0:a7:8e:c9:87:d6:2c:9d:77:dc:6d:99:b6:94:34:
         39:29:b7:ab:56:a0:b7:4b:d4:52:41:64:e2:1f:12:22:e4:0e:
         8a:1e:15:63:4c:9a:fc:4b:a8:ae:be:74:c1:64:c7:e4:f5:70:
         23:8d:29:68:03:c6:c9:05:4f:a1:6d:d5:f1:5a:6e:90:5c:cb:
         ea:82:9b:72:02:3c:b9:7e:3b:dd:5a:53:77:ce:f2:53:00:7c:
         ce:c0:6f:ce:7b:45:f1:bf:63:64:58:a5:83:84:f7:39:34:c8:
         3c:39:c3:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzIcvSHAKRUlTrRNbf+hYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YzNlMDI3ZDJkMWMyZDM2ZDdjOTU0ODY3MjI2YzgzYjY1
ZWI1NmYwHhcNMjMwMTAyMTUzNzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWY3ZjNlN2MzMGMxZjNhNzg0ZTcwYmIwNWZhM2MyOTg2MmQyZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg3jqZ/wbK05/OXgoH8fZhYF4HP5
nbcKnZz1E1WBtdvyS8lzBTOp1P+GUqJfvbCQcdmVn6ZB9iU9DAzUq936NHeojhcF
WJsQjeBPmXe4fCwqj5oJw0UFh6ehGmunPCokplYgWPN/qP3eUiaZVjIsqF6xsvs2
bd/M9RAkRYie2qg4HFW9NNxAyXiWfmlcx7ahYVMZhofgFFt5mPfys5uwVetkUsYd
nY/CEpWChYdwSptdyEY0ZQYmggru7ELAZc8mvO1GYaKzScftdtcTwTFDMIhTdXs5
dwkNIwKVrf4Mv6FCD06oa2lR0NNjXhr5vtoWYUGrWT9O+j6poJftf5WFXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGn38+fDDB86eE5wuwX6PCmGLS71MB8GA1UdIwQY
MBaAFPbD4CfS0cLTbXyVSGcibIO2XrVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUt
MzU2YzRkN2JiNDUyLzEvYWZmejU4TU1IenA0VG5DN0JmbzhLWVl0THZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUtMzU2YzRkN2JiNDUy
LzEvOXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhJYRBEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDHYqQ9KsJlVVGBxTxaTSOV3MosUlInoP6wuZEu
rTqZBg/kcu3Lc+T0aMLpnxwI9PvtY0Zbi9oSlWNQC7552fSU0QSmc/9KwanMSudp
iY62bpGi5+Qlt32sIbUDwDCB/dpbNAMts0lp8dtb5evptVsKJxjRFqLpfZxhGR6Q
zD/Yo3M3FBBUohkxVtMm8uCNfefgodCwp47Jh9YsnXfcbZm2lDQ5KberVqC3S9RS
QWTiHxIi5A6KHhVjTJr8S6iuvnTBZMfk9XAjjSloA8bJBU+hbdXxWm6QXMvqgpty
Ajy5fjvdWlN3zvJTAHzOwG/Oe0Xxv2NkWKWDhPc5NMg8OcMg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:35 2024 by rpki-client on console-fra.rpki-client.org