Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/tXwqsCx2oJ6jyHu_8ctd03LhaLI.roa
File:                     tXwqsCx2oJ6jyHu_8ctd03LhaLI.roa (raw, json)
Hash identifier:          w9TZ4Utsz19pTACaZ1aF22ewbtqkegbZTx7IiO/KCiw=
Subject key identifier:   B5:7C:2A:B0:2C:76:A0:9E:A3:C8:7B:BF:F1:CB:5D:D3:72:E1:68:B2
Certificate issuer:       /CN=69dbe1e7d9e87d68701a4035a76c51bfecd88d81
Certificate serial:       01917A185C4E63354ACB363D8D671EB41EE1
Authority key identifier: 69:DB:E1:E7:D9:E8:7D:68:70:1A:40:35:A7:6C:51:BF:EC:D8:8D:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/tXwqsCx2oJ6jyHu_8ctd03LhaLI.roa
Signing time:             Thu 22 Aug 2024 12:38:22 +0000
ROA not before:           Thu 22 Aug 2024 12:38:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211380
IP address blocks:        2a01:e280:b200::/40 maxlen: 48

Validation:               Failed, certificate revoked on Sun 25 Aug 2024 14:22:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:7a:18:5c:4e:63:35:4a:cb:36:3d:8d:67:1e:b4:1e:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69dbe1e7d9e87d68701a4035a76c51bfecd88d81
        Validity
            Not Before: Aug 22 12:38:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b57c2ab02c76a09ea3c87bbff1cb5dd372e168b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:20:3a:5a:f8:12:f0:15:4a:c5:ba:2d:8d:db:
                    a7:69:2b:7f:3a:5f:b3:48:05:7c:d8:37:17:b0:56:
                    48:c8:13:41:92:3c:13:4b:9e:5c:7c:dd:c5:bf:69:
                    2e:64:ca:9f:7b:a9:f2:07:56:05:b8:5f:db:64:7d:
                    c5:1b:fe:29:ce:08:4f:1d:ca:9d:42:a2:96:c8:cb:
                    89:f0:f6:0c:12:53:b7:b2:96:50:26:1e:45:48:b8:
                    bb:8d:e2:15:e9:56:4b:c8:61:a6:e6:a4:74:e4:69:
                    79:35:1e:ad:55:f8:aa:93:3f:38:a1:93:f9:87:a4:
                    c2:e7:47:23:3d:c4:7d:ac:51:43:ae:a7:f7:9c:0a:
                    9c:0f:53:28:81:91:55:52:c6:8e:b3:7e:ba:e0:ac:
                    86:e9:51:de:c4:a1:df:97:83:1d:f8:79:25:74:e3:
                    85:a0:d1:64:7e:3a:73:cd:00:11:e8:23:7c:6b:49:
                    76:fd:2a:f3:58:f9:88:20:a5:6d:4f:e5:0c:e2:ff:
                    a9:43:b0:fb:25:8e:79:b1:37:d1:c7:f8:8b:0d:34:
                    ac:3f:1e:1e:a4:41:17:da:c0:cf:5b:10:e0:61:95:
                    02:5f:f4:e5:05:eb:19:e9:e8:bb:3f:d4:95:04:3a:
                    fb:86:28:70:db:12:9e:96:11:80:10:97:12:66:d3:
                    fe:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:7C:2A:B0:2C:76:A0:9E:A3:C8:7B:BF:F1:CB:5D:D3:72:E1:68:B2
            X509v3 Authority Key Identifier:
                keyid:69:DB:E1:E7:D9:E8:7D:68:70:1A:40:35:A7:6C:51:BF:EC:D8:8D:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/tXwqsCx2oJ6jyHu_8ctd03LhaLI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/advh59nofWhwGkA1p2xRv-zYjYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:e280:b200::/40

    Signature Algorithm: sha256WithRSAEncryption
         2d:9d:3e:77:88:00:e5:01:9d:49:9f:c1:99:38:f4:e0:e9:58:
         57:e6:2b:7f:b8:2a:8a:99:53:ed:e2:76:3d:dd:ba:04:45:3a:
         5e:0a:fb:70:b9:7d:5a:ff:94:32:7b:1e:63:6c:98:71:d8:df:
         fb:31:ca:84:11:51:d6:60:15:86:92:36:c7:a9:2f:bf:e4:2b:
         59:8e:56:6c:3b:cf:d7:d0:1d:20:38:48:30:51:40:14:51:65:
         fb:e6:94:0a:5d:7c:44:1e:5d:3e:a9:d1:ad:a5:15:69:7a:e1:
         64:83:8a:48:5a:85:81:73:cb:1c:c0:01:e9:ef:a2:52:11:3e:
         b4:b1:ea:14:55:03:28:1e:21:bb:e7:13:ef:2b:67:c7:ea:96:
         7d:62:d6:73:01:dd:ce:00:f5:69:21:cf:82:46:1b:3f:da:f0:
         5d:3b:7e:d3:e2:0b:61:b3:ac:e4:78:fb:2c:67:cb:37:5c:4d:
         b0:0d:0f:31:d5:52:5c:d2:74:53:74:e8:7c:be:a0:2a:06:5b:
         99:37:21:7a:fa:c9:1b:d0:b3:45:08:47:87:e6:24:1f:52:68:
         54:94:06:5b:89:bb:83:34:73:c7:57:76:2b:e4:6c:c9:16:82:
         43:7c:16:66:c6:71:27:dc:88:76:a5:da:1f:76:98:e4:37:b4:
         fc:05:1d:26
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZF6GFxOYzVKyzY9jWcetB7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZGJlMWU3ZDllODdkNjg3MDFhNDAzNWE3NmM1MWJmZWNk
ODhkODEwHhcNMjQwODIyMTIzODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdjMmFiMDJjNzZhMDllYTNjODdiYmZmMWNiNWRkMzcyZTE2OGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yA6WvgS8BVKxbotjdunaSt/Ol+z
SAV82DcXsFZIyBNBkjwTS55cfN3Fv2kuZMqfe6nyB1YFuF/bZH3FG/4pzghPHcqd
QqKWyMuJ8PYMElO3spZQJh5FSLi7jeIV6VZLyGGm5qR05Gl5NR6tVfiqkz84oZP5
h6TC50cjPcR9rFFDrqf3nAqcD1MogZFVUsaOs3664KyG6VHexKHfl4Md+HkldOOF
oNFkfjpzzQAR6CN8a0l2/SrzWPmIIKVtT+UM4v+pQ7D7JY55sTfRx/iLDTSsPx4e
pEEX2sDPWxDgYZUCX/TlBesZ6ei7P9SVBDr7hihw2xKelhGAEJcSZtP+SQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLV8KrAsdqCeo8h7v/HLXdNy4WiyMB8GA1UdIwQY
MBaAFGnb4efZ6H1ocBpANadsUb/s2I2BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWR2aDU5bm9mV2h3R2tBMXAyeFJ2LXpZallFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83MjcwMTUtZTE0ZS00ZDQxLWIwNWIt
OGQ5NDU1M2I3NWUxLzEvdFh3cXNDeDJvSjZqeUh1XzhjdGQwM0xoYUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83MjcwMTUtZTE0ZS00ZDQxLWIwNWItOGQ5NDU1M2I3NWUx
LzEvYWR2aDU5bm9mV2h3R2tBMXAyeFJ2LXpZallFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgHigLIw
DQYJKoZIhvcNAQELBQADggEBAC2dPneIAOUBnUmfwZk49ODpWFfmK3+4KoqZU+3i
dj3dugRFOl4K+3C5fVr/lDJ7HmNsmHHY3/sxyoQRUdZgFYaSNsepL7/kK1mOVmw7
z9fQHSA4SDBRQBRRZfvmlApdfEQeXT6p0a2lFWl64WSDikhahYFzyxzAAenvolIR
PrSx6hRVAygeIbvnE+8rZ8fqln1i1nMB3c4A9Wkhz4JGGz/a8F07ftPiC2GzrOR4
+yxnyzdcTbANDzHVUlzSdFN06Hy+oCoGW5k3IXr6yRvQs0UIR4fmJB9SaFSUBluJ
u4M0c8dXdivkbMkWgkN8FmbGcSfciHal2h92mOQ3tPwFHSY=
-----END CERTIFICATE-----
Generated at Sun Aug 25 17:13:54 2024 by rpki-client on console-fra.rpki-client.org