Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/vd3jLX4NYKd84rf4IeSdSeY-SKQ.roa
File:                     vd3jLX4NYKd84rf4IeSdSeY-SKQ.roa (raw, json)
Hash identifier:          SyB3v97SZZHQzn9zNKzDU8BU3DUwKA9nj3kew3MzZQk=
Subject key identifier:   BD:DD:E3:2D:7E:0D:60:A7:7C:E2:B7:F8:21:E4:9D:49:E6:3E:48:A4
Certificate issuer:       /CN=7d502e2d24b1f216913088207a268e6626b0ce39
Certificate serial:       01884E0DC2C93557B16FE70ECAF6D8638CAF
Authority key identifier: 7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/vd3jLX4NYKd84rf4IeSdSeY-SKQ.roa
Signing time:             Wed 24 May 2023 13:58:24 +0000
ROA not before:           Wed 24 May 2023 13:58:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42330
IP address blocks:        2a0b:9400:1001::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:4e:0d:c2:c9:35:57:b1:6f:e7:0e:ca:f6:d8:63:8c:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d502e2d24b1f216913088207a268e6626b0ce39
        Validity
            Not Before: May 24 13:58:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bddde32d7e0d60a77ce2b7f821e49d49e63e48a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fd:cf:c2:a8:e5:48:e4:bb:1f:ac:07:a1:f9:
                    05:22:e2:db:5f:1e:ca:f1:a4:5a:ec:49:85:a7:cb:
                    09:f8:b4:34:09:e3:3e:85:69:42:48:86:6a:80:44:
                    61:9c:94:92:9f:e6:47:ae:dc:d4:3a:c7:5b:57:01:
                    a4:33:05:2a:02:ed:7a:4b:5c:7a:2a:6d:06:0a:fa:
                    17:4f:b7:31:97:c8:c3:d7:50:e2:88:83:11:9e:aa:
                    54:04:c9:91:51:87:d2:4d:d3:1f:73:a0:58:e8:de:
                    ce:2b:b8:5e:6a:d0:27:be:c0:0f:1d:7f:13:95:f9:
                    d4:bf:9f:f0:ec:a8:ad:70:0c:f0:b5:e1:63:06:f9:
                    5b:33:87:52:5f:d4:97:8d:98:95:c5:8f:e5:d1:eb:
                    f0:dc:67:07:36:e6:99:2b:b6:f9:b8:fb:c6:c2:0a:
                    2b:d2:9d:ac:1d:a1:9f:8f:c7:81:ef:64:d0:25:87:
                    e4:39:b5:18:e6:f3:53:27:a1:09:de:ed:0e:5a:5a:
                    b8:7d:d7:c9:a4:96:db:ac:af:aa:cd:7c:b9:d6:a0:
                    b6:74:e5:22:0b:5a:9b:17:2f:07:3a:5d:65:e0:e0:
                    63:ee:c6:08:ab:af:eb:ca:3e:70:7d:96:0e:75:1f:
                    ed:fa:95:7b:76:69:1f:fa:b4:dd:a5:55:3c:2f:19:
                    15:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:DD:E3:2D:7E:0D:60:A7:7C:E2:B7:F8:21:E4:9D:49:E6:3E:48:A4
            X509v3 Authority Key Identifier:
                keyid:7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/vd3jLX4NYKd84rf4IeSdSeY-SKQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:9400:1001::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:f7:81:75:83:35:b7:23:33:fb:ec:13:b7:5f:94:8a:f6:d8:
         a7:98:de:09:e4:83:25:8d:48:b0:e9:48:51:48:7b:8f:04:39:
         58:e2:c6:fe:98:be:47:03:fb:fa:a2:76:8a:0d:ca:e1:40:b2:
         38:e4:02:63:1c:95:87:cf:c7:42:4f:76:cf:c1:fd:f6:14:09:
         5a:67:78:be:aa:13:2a:9b:fe:ed:20:c7:9a:bc:54:c5:5b:15:
         1d:75:7f:5e:f6:e3:7f:7f:30:87:83:6d:ca:bd:a3:e9:09:75:
         49:5b:2d:3c:59:cd:9b:0b:20:e4:f8:ac:7e:e8:2a:aa:82:5e:
         64:5c:89:a6:ac:b1:72:11:c9:75:50:50:0e:ac:06:14:d2:f3:
         8b:a2:a9:b7:3c:ab:0a:d3:02:c8:9f:c7:49:38:03:8d:2c:aa:
         23:87:a4:9d:06:23:3a:f4:41:8e:fc:dd:76:3b:7b:fa:b5:9c:
         b2:fb:fe:23:64:57:f7:43:36:0b:e9:55:76:4c:0d:8f:31:fb:
         a9:49:bc:5b:22:12:00:ba:59:4b:d2:69:dc:ec:27:5f:92:94:
         a4:f6:78:e5:32:4b:fd:57:61:d0:31:b6:1c:c2:3b:1b:f6:7d:
         51:78:3a:b5:f1:a8:ab:0a:cc:45:fa:71:a5:b5:ee:b0:8c:d8:
         98:6a:63:4c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYhODcLJNVexb+cOyvbYY4yvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTAyZTJkMjRiMWYyMTY5MTMwODgyMDdhMjY4ZTY2MjZi
MGNlMzkwHhcNMjMwNTI0MTM1ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGRkZTMyZDdlMGQ2MGE3N2NlMmI3ZjgyMWU0OWQ0OWU2M2U0OGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf3PwqjlSOS7H6wHofkFIuLbXx7K
8aRa7EmFp8sJ+LQ0CeM+hWlCSIZqgERhnJSSn+ZHrtzUOsdbVwGkMwUqAu16S1x6
Km0GCvoXT7cxl8jD11DiiIMRnqpUBMmRUYfSTdMfc6BY6N7OK7heatAnvsAPHX8T
lfnUv5/w7KitcAzwteFjBvlbM4dSX9SXjZiVxY/l0evw3GcHNuaZK7b5uPvGwgor
0p2sHaGfj8eB72TQJYfkObUY5vNTJ6EJ3u0OWlq4fdfJpJbbrK+qzXy51qC2dOUi
C1qbFy8HOl1l4OBj7sYIq6/ryj5wfZYOdR/t+pV7dmkf+rTdpVU8LxkV9wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL3d4y1+DWCnfOK3+CHknUnmPkikMB8GA1UdIwQY
MBaAFH1QLi0ksfIWkTCIIHomjmYmsM45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMt
NTFkNzU1NjhhOWUzLzEvdmQzakxYNE5ZS2Q4NHJmNEllU2RTZVktU0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMtNTFkNzU1NjhhOWUz
LzEvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKguUABAB
MA0GCSqGSIb3DQEBCwUAA4IBAQB594F1gzW3IzP77BO3X5SK9tinmN4J5IMljUiw
6UhRSHuPBDlY4sb+mL5HA/v6onaKDcrhQLI45AJjHJWHz8dCT3bPwf32FAlaZ3i+
qhMqm/7tIMeavFTFWxUddX9e9uN/fzCHg23KvaPpCXVJWy08Wc2bCyDk+Kx+6Cqq
gl5kXImmrLFyEcl1UFAOrAYU0vOLoqm3PKsK0wLIn8dJOAONLKojh6SdBiM69EGO
/N12O3v6tZyy+/4jZFf3QzYL6VV2TA2PMfupSbxbIhIAullL0mnc7CdfkpSk9njl
Mkv9V2HQMbYcwjsb9n1ReDq18airCsxF+nGlte6wjNiYamNM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:46 2024 by rpki-client on console-ams.rpki-client.org