Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/izMaBM1iuT5lw9jjZj-1DFH0JFU.roa
File:                     izMaBM1iuT5lw9jjZj-1DFH0JFU.roa (raw, json)
Hash identifier:          LQeXUKAc6YO1eoZKt8W8wkmTMI6sr8HA1c2dOdy5/58=
Subject key identifier:   8B:33:1A:04:CD:62:B9:3E:65:C3:D8:E3:66:3F:B5:0C:51:F4:24:55
Certificate issuer:       /CN=b194f0304eedd363c6622fd91c59b10871aa3044
Certificate serial:       01856FCBA1F36C80FA33073C86BA42DACF02
Authority key identifier: B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/izMaBM1iuT5lw9jjZj-1DFH0JFU.roa
Signing time:             Mon 02 Jan 2023 00:04:54 +0000
ROA not before:           Mon 02 Jan 2023 00:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57685
IP address blocks:        2a06:4a80::/32 maxlen: 40

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:a1:f3:6c:80:fa:33:07:3c:86:ba:42:da:cf:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b194f0304eedd363c6622fd91c59b10871aa3044
        Validity
            Not Before: Jan  2 00:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b331a04cd62b93e65c3d8e3663fb50c51f42455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:c7:c2:d1:11:08:4f:55:6f:e5:20:5e:51:35:
                    cb:ac:35:b3:ba:ee:0a:51:d4:c4:22:9f:b9:48:22:
                    02:5f:0d:54:4e:f7:79:20:33:bb:6e:e1:2b:90:7b:
                    15:68:08:71:a9:2d:2b:cc:89:9c:e8:32:bc:09:56:
                    e8:b8:00:43:bb:e7:e1:8d:9f:21:cb:4f:44:a9:eb:
                    6f:e7:b2:4b:c8:16:04:63:45:dd:2d:19:2e:65:26:
                    75:e3:43:a6:4b:3a:ba:66:de:3e:e1:03:b5:7c:40:
                    24:9c:0a:c7:da:d1:97:e5:ca:9d:32:6c:0c:d1:e2:
                    16:99:ea:e3:30:70:29:7a:56:35:84:13:97:32:b8:
                    79:21:da:92:50:2b:af:d7:fd:ba:c9:e9:ad:40:15:
                    91:10:e9:5d:b3:3f:d2:62:fb:da:ee:1d:6f:1a:fe:
                    ba:50:2d:6e:c0:a8:eb:9f:94:0f:ce:d6:fd:07:fb:
                    c0:3b:db:76:7f:27:fe:a5:fc:ff:e9:e4:28:dc:cd:
                    f4:f0:bf:2c:0d:0e:c2:fe:93:f5:87:1f:a2:2b:41:
                    3a:c1:51:dd:32:41:fd:6e:f9:d1:a3:a0:65:e1:31:
                    3a:21:33:df:56:1c:f1:16:e4:70:79:b9:87:41:53:
                    6d:89:22:45:0f:c6:cd:b4:ed:16:fa:22:b2:a0:68:
                    2c:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:33:1A:04:CD:62:B9:3E:65:C3:D8:E3:66:3F:B5:0C:51:F4:24:55
            X509v3 Authority Key Identifier:
                keyid:B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/izMaBM1iuT5lw9jjZj-1DFH0JFU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:4a80::/32

    Signature Algorithm: sha256WithRSAEncryption
         bc:f7:ba:7b:e5:82:33:d4:d4:82:d2:24:3a:9a:7b:8c:60:9a:
         9b:79:59:d4:61:df:32:0b:78:b8:de:37:68:66:bc:95:ab:98:
         d8:7f:77:ff:70:a6:50:7c:65:29:a7:ca:ed:bd:5f:a6:58:fd:
         5e:ea:03:1b:f4:1b:91:0b:b1:2e:8e:a5:c4:07:88:b0:46:b5:
         5e:08:37:7e:70:35:b3:e7:a4:b0:be:fc:9a:1e:c0:62:65:15:
         69:ce:3b:83:18:bf:67:3a:56:d6:57:6e:7a:fe:02:00:8e:bc:
         e3:92:f5:2d:f2:c9:73:03:b5:10:7d:c8:eb:ab:91:74:4c:f7:
         84:29:aa:af:50:51:2a:c2:a7:54:18:d8:97:a5:d7:cb:98:2f:
         b0:97:8d:7a:b7:71:77:ef:fb:20:53:c3:b6:a8:94:6e:39:b2:
         27:e7:7f:f1:78:59:02:d9:ab:e2:26:80:d4:85:13:a3:71:9f:
         8c:1c:eb:4d:48:9d:16:fc:ba:b7:b7:7c:de:36:e7:9f:8a:57:
         6a:d4:ab:ce:48:37:11:3a:ad:97:c7:32:41:f0:1e:03:44:70:
         19:98:36:bc:69:18:48:08:d1:14:31:ee:5d:fc:24:c7:31:6d:
         c5:d4:1f:75:75:02:e9:90:01:10:97:24:11:fa:b4:d6:23:4c:
         4e:7e:12:06
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvy6HzbID6Mwc8hrpC2s8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOTRmMDMwNGVlZGQzNjNjNjYyMmZkOTFjNTliMTA4NzFh
YTMwNDQwHhcNMjMwMTAyMDAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMzMWEwNGNkNjJiOTNlNjVjM2Q4ZTM2NjNmYjUwYzUxZjQyNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sfC0REIT1Vv5SBeUTXLrDWzuu4K
UdTEIp+5SCICXw1UTvd5IDO7buErkHsVaAhxqS0rzImc6DK8CVbouABDu+fhjZ8h
y09Eqetv57JLyBYEY0XdLRkuZSZ140OmSzq6Zt4+4QO1fEAknArH2tGX5cqdMmwM
0eIWmerjMHApelY1hBOXMrh5IdqSUCuv1/26yemtQBWREOldsz/SYvva7h1vGv66
UC1uwKjrn5QPztb9B/vAO9t2fyf+pfz/6eQo3M308L8sDQ7C/pP1hx+iK0E6wVHd
MkH9bvnRo6Bl4TE6ITPfVhzxFuRwebmHQVNtiSJFD8bNtO0W+iKyoGgsiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIszGgTNYrk+ZcPY42Y/tQxR9CRVMB8GA1UdIwQY
MBaAFLGU8DBO7dNjxmIv2RxZsQhxqjBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUt
YWZiZGJkYWQ1OGE1LzEvaXpNYUJNMWl1VDVsdzlqalpqLTFERkgwSkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUtYWZiZGJkYWQ1OGE1
LzEvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgZKgDAN
BgkqhkiG9w0BAQsFAAOCAQEAvPe6e+WCM9TUgtIkOpp7jGCam3lZ1GHfMgt4uN43
aGa8lauY2H93/3CmUHxlKafK7b1fplj9XuoDG/QbkQuxLo6lxAeIsEa1Xgg3fnA1
s+eksL78mh7AYmUVac47gxi/ZzpW1lduev4CAI6845L1LfLJcwO1EH3I66uRdEz3
hCmqr1BRKsKnVBjYl6XXy5gvsJeNerdxd+/7IFPDtqiUbjmyJ+d/8XhZAtmr4iaA
1IUTo3GfjBzrTUidFvy6t7d83jbnn4pXatSrzkg3ETqtl8cyQfAeA0RwGZg2vGkY
SAjRFDHuXfwkxzFtxdQfdXUC6ZABEJckEfq01iNMTn4SBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:48 2024 by rpki-client on console-ams.rpki-client.org