Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/_aGjIFpn2A3ZcbJI8x2Lm6Xkfe8.roa
File:                     _aGjIFpn2A3ZcbJI8x2Lm6Xkfe8.roa (raw, json)
Hash identifier:          mOQ0+vq47ikaWMDl9yyJA3MJL3JmfC4kDvXqmFDgJYg=
Subject key identifier:   FD:A1:A3:20:5A:67:D8:0D:D9:71:B2:48:F3:1D:8B:9B:A5:E4:7D:EF
Certificate issuer:       /CN=7d502e2d24b1f216913088207a268e6626b0ce39
Certificate serial:       018CCA2A45554749546D77BB27FCE00B2C7D
Authority key identifier: 7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/_aGjIFpn2A3ZcbJI8x2Lm6Xkfe8.roa
Signing time:             Tue 02 Jan 2024 12:33:37 +0000
ROA not before:           Tue 02 Jan 2024 12:33:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42330
IP address blocks:        2a0b:9400:1001::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 23:44:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:45:55:47:49:54:6d:77:bb:27:fc:e0:0b:2c:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d502e2d24b1f216913088207a268e6626b0ce39
        Validity
            Not Before: Jan  2 12:33:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fda1a3205a67d80dd971b248f31d8b9ba5e47def
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:b3:fc:2e:11:d5:9b:80:48:fa:68:6b:37:cf:
                    e6:9e:09:05:f6:bb:cf:42:e8:c1:88:23:08:3c:6f:
                    51:7f:60:a9:76:fb:26:b0:28:b5:26:78:17:7f:cb:
                    d2:35:60:0e:c5:91:5a:d1:32:d9:4c:05:f6:99:d0:
                    84:53:31:ee:1e:c7:39:cc:6b:7d:2a:41:1d:a2:ad:
                    3a:84:01:cc:40:fc:05:a8:03:2e:44:44:b9:60:45:
                    b7:e9:4a:52:cb:23:ad:20:95:71:82:aa:92:ab:c5:
                    ae:af:a8:f2:0c:e1:79:da:b8:62:ca:8d:99:b6:08:
                    54:18:ab:a8:9b:99:e3:fb:5a:58:a9:dd:5b:67:f0:
                    3a:b5:ed:5b:c6:6d:d6:d8:40:a9:c9:dd:79:38:30:
                    53:75:77:b6:a7:5d:3a:b3:47:97:65:cf:ab:82:21:
                    80:0c:7b:4d:32:a0:2b:05:05:17:56:90:c9:49:f3:
                    a6:ab:ae:ef:55:85:bb:09:44:d8:63:71:da:33:05:
                    15:81:b1:3e:6f:fe:68:7a:09:4b:71:62:c7:51:06:
                    0a:35:43:9b:83:bf:3b:af:d8:f2:e3:8b:bc:cd:f7:
                    e5:16:c6:af:c1:b3:27:36:25:71:49:c3:3c:25:bc:
                    b1:e6:29:28:9b:6a:9d:d5:ed:e9:df:b7:b6:3a:f5:
                    9c:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:A1:A3:20:5A:67:D8:0D:D9:71:B2:48:F3:1D:8B:9B:A5:E4:7D:EF
            X509v3 Authority Key Identifier:
                keyid:7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/_aGjIFpn2A3ZcbJI8x2Lm6Xkfe8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:9400:1001::/48

    Signature Algorithm: sha256WithRSAEncryption
         84:7b:62:e3:17:44:9b:9a:67:9d:f8:cb:ab:5c:37:0c:f0:e9:
         75:64:3a:a3:e0:16:09:07:cb:78:7b:c5:01:08:e6:2b:60:b1:
         ca:b2:64:86:98:fc:a1:10:c6:0e:e9:86:1a:03:63:8a:71:56:
         93:72:0b:f1:f6:9d:f2:9e:9d:ff:0c:82:27:3e:3a:26:82:99:
         8a:97:66:b7:40:ac:51:8b:97:f7:05:7d:bb:4a:06:9b:76:e5:
         b6:55:62:96:7a:a5:3a:bc:d7:53:f4:cd:cf:b6:ac:f5:ec:68:
         0a:66:52:56:9a:b3:95:66:15:22:d5:17:7d:ce:d7:64:6d:3f:
         e8:31:f2:c2:6c:d7:f3:52:91:05:9b:6b:2e:1f:8b:64:54:58:
         9a:86:fe:cf:4f:40:36:e6:4d:33:ac:1f:15:dc:0b:dd:50:e3:
         e1:e2:70:5d:23:ff:a5:35:3b:68:4a:b1:4c:e5:54:6f:85:30:
         99:69:6d:4f:1a:f6:3a:3d:e2:ad:d6:10:5f:59:ae:b7:3b:f0:
         38:f2:2b:f8:65:71:10:24:8f:98:65:ed:6c:d0:f4:24:83:58:
         2e:a1:01:fd:f3:cb:8f:37:fa:2d:32:d9:21:94:fc:75:42:9c:
         da:10:cc:4e:a3:48:31:9f:13:d5:3e:b6:33:50:f6:fc:17:83:
         a3:2a:2c:d2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKkVVR0lUbXe7J/zgCyx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTAyZTJkMjRiMWYyMTY5MTMwODgyMDdhMjY4ZTY2MjZi
MGNlMzkwHhcNMjQwMTAyMTIzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGExYTMyMDVhNjdkODBkZDk3MWIyNDhmMzFkOGI5YmE1ZTQ3ZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbP8LhHVm4BI+mhrN8/mngkF9rvP
QujBiCMIPG9Rf2CpdvsmsCi1JngXf8vSNWAOxZFa0TLZTAX2mdCEUzHuHsc5zGt9
KkEdoq06hAHMQPwFqAMuRES5YEW36UpSyyOtIJVxgqqSq8Wur6jyDOF52rhiyo2Z
tghUGKuom5nj+1pYqd1bZ/A6te1bxm3W2ECpyd15ODBTdXe2p106s0eXZc+rgiGA
DHtNMqArBQUXVpDJSfOmq67vVYW7CUTYY3HaMwUVgbE+b/5oeglLcWLHUQYKNUOb
g787r9jy44u8zfflFsavwbMnNiVxScM8Jbyx5ikom2qd1e3p37e2OvWc8QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP2hoyBaZ9gN2XGySPMdi5ul5H3vMB8GA1UdIwQY
MBaAFH1QLi0ksfIWkTCIIHomjmYmsM45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMt
NTFkNzU1NjhhOWUzLzEvX2FHaklGcG4yQTNaY2JKSTh4MkxtNlhrZmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMtNTFkNzU1NjhhOWUz
LzEvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKguUABAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCEe2LjF0Sbmmed+MurXDcM8Ol1ZDqj4BYJB8t4
e8UBCOYrYLHKsmSGmPyhEMYO6YYaA2OKcVaTcgvx9p3ynp3/DIInPjomgpmKl2a3
QKxRi5f3BX27SgabduW2VWKWeqU6vNdT9M3Ptqz17GgKZlJWmrOVZhUi1Rd9ztdk
bT/oMfLCbNfzUpEFm2suH4tkVFiahv7PT0A25k0zrB8V3AvdUOPh4nBdI/+lNTto
SrFM5VRvhTCZaW1PGvY6PeKt1hBfWa63O/A48iv4ZXEQJI+YZe1s0PQkg1guoQH9
88uPN/otMtkhlPx1QpzaEMxOo0gxnxPVPrYzUPb8F4OjKizS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:46 2024 by rpki-client on console-ams.rpki-client.org