Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/jJSeKgy1ECYB-uLqq0TRpmrIRgI.roa
File:                     jJSeKgy1ECYB-uLqq0TRpmrIRgI.roa (raw, json)
Hash identifier:          OV4ulvANF3lRl1WOjNJuiOScZQ3u6Mu1ERkS/kCDiIM=
Subject key identifier:   8C:94:9E:2A:0C:B5:10:26:01:FA:E2:EA:AB:44:D1:A6:6A:C8:46:02
Certificate issuer:       /CN=87210b34ce002e30a0a54fabfa2bcac46dfa7228
Certificate serial:       01905A127A00376656835F30BC54A07AB886
Authority key identifier: 87:21:0B:34:CE:00:2E:30:A0:A5:4F:AB:FA:2B:CA:C4:6D:FA:72:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/jJSeKgy1ECYB-uLqq0TRpmrIRgI.roa
Signing time:             Thu 27 Jun 2024 14:21:18 +0000
ROA not before:           Thu 27 Jun 2024 14:21:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50304
IP address blocks:        2a05:a00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 05 Jul 2024 16:21:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:5a:12:7a:00:37:66:56:83:5f:30:bc:54:a0:7a:b8:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87210b34ce002e30a0a54fabfa2bcac46dfa7228
        Validity
            Not Before: Jun 27 14:21:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8c949e2a0cb5102601fae2eaab44d1a66ac84602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:98:41:8c:9d:b7:67:53:3e:87:07:1f:20:5b:
                    02:53:dd:b3:f9:b0:bb:45:9d:85:be:e2:06:e4:83:
                    53:4d:53:8d:92:fc:d5:c8:37:f5:40:b2:f8:4a:d1:
                    43:58:e8:ff:e0:a0:4b:cb:e2:01:bd:9c:41:e2:9c:
                    f0:86:a0:67:42:6e:c9:10:ef:c0:64:1f:51:56:07:
                    eb:6b:93:e2:92:f7:91:2c:78:3a:80:d7:24:33:b2:
                    5a:e0:a3:08:f6:06:eb:ca:99:25:8c:3c:94:65:6d:
                    b4:3b:6b:0e:ff:99:1f:ce:30:d1:4a:1c:ee:38:91:
                    67:ba:ad:76:e4:07:0d:21:7e:4c:8f:97:38:cd:53:
                    92:72:df:bf:a5:04:e1:fb:1e:46:77:64:2c:17:b4:
                    a5:1c:d1:56:87:3f:70:56:02:67:13:1f:8b:51:d2:
                    04:b0:62:f5:21:72:f2:78:eb:03:f6:b3:54:b1:8f:
                    5f:3c:1b:a9:9f:00:a2:2f:4e:dd:af:cd:32:e5:c0:
                    a3:1b:ad:12:05:94:5d:82:65:21:d2:a6:d8:27:a0:
                    d3:eb:5f:f5:93:72:db:8b:0a:53:66:76:cc:38:08:
                    db:4f:0c:97:48:48:69:56:12:0c:5d:f4:e5:aa:a5:
                    fb:63:72:9d:2b:6a:b0:6f:89:31:85:7f:ee:21:8c:
                    0c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:94:9E:2A:0C:B5:10:26:01:FA:E2:EA:AB:44:D1:A6:6A:C8:46:02
            X509v3 Authority Key Identifier:
                keyid:87:21:0B:34:CE:00:2E:30:A0:A5:4F:AB:FA:2B:CA:C4:6D:FA:72:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/jJSeKgy1ECYB-uLqq0TRpmrIRgI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:a00::/32

    Signature Algorithm: sha256WithRSAEncryption
         20:c8:ca:d8:29:5c:a3:03:5e:5e:7b:8a:6f:3d:70:69:cc:de:
         6b:dd:04:60:2f:6d:df:be:93:cc:58:3e:c0:c0:fe:aa:3c:0a:
         b6:2b:70:93:95:80:02:fe:5f:4b:b6:b2:27:6e:ba:c6:16:bd:
         b3:42:13:01:c1:51:d1:47:13:2e:99:f1:9e:a9:6e:9a:c7:0c:
         d6:ad:b0:39:40:09:4e:bc:d4:53:c3:30:d5:1c:6e:ab:28:2e:
         26:78:f0:3d:1a:0f:cb:29:52:63:15:4c:23:84:ee:a2:97:04:
         fd:2e:8b:0c:d5:3e:5d:b7:12:33:c8:ab:5d:31:33:99:59:d9:
         9f:75:73:e1:4e:9e:13:d1:96:c8:27:3e:21:70:c7:74:08:f7:
         8a:e8:40:33:7f:30:0a:1b:68:74:de:0f:36:b1:fe:15:fe:d4:
         64:97:af:43:7d:f4:34:c4:21:63:05:55:a5:9a:72:f7:91:cb:
         f0:a5:5b:23:ca:4e:18:46:e9:d5:a8:18:c7:74:83:1f:22:b6:
         d0:b2:02:b7:2f:06:d2:de:8b:3d:10:91:93:fd:9e:17:3d:1b:
         be:ad:b1:a7:c6:99:73:20:b6:48:ac:82:72:d5:1d:a6:28:dc:
         18:6e:0d:cc:11:53:fb:5b:33:8e:a7:f8:25:6c:ce:e5:19:ee:
         60:df:b3:4d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBaEnoAN2ZWg18wvFSgeriGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjEwYjM0Y2UwMDJlMzBhMGE1NGZhYmZhMmJjYWM0NmRm
YTcyMjgwHhcNMjQwNjI3MTQyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzk0OWUyYTBjYjUxMDI2MDFmYWUyZWFhYjQ0ZDFhNjZhYzg0NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZhBjJ23Z1M+hwcfIFsCU92z+bC7
RZ2FvuIG5INTTVONkvzVyDf1QLL4StFDWOj/4KBLy+IBvZxB4pzwhqBnQm7JEO/A
ZB9RVgfra5PikveRLHg6gNckM7Ja4KMI9gbrypkljDyUZW20O2sO/5kfzjDRShzu
OJFnuq125AcNIX5Mj5c4zVOSct+/pQTh+x5Gd2QsF7SlHNFWhz9wVgJnEx+LUdIE
sGL1IXLyeOsD9rNUsY9fPBupnwCiL07dr80y5cCjG60SBZRdgmUh0qbYJ6DT61/1
k3LbiwpTZnbMOAjbTwyXSEhpVhIMXfTlqqX7Y3KdK2qwb4kxhX/uIYwMNwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIyUnioMtRAmAfri6qtE0aZqyEYCMB8GA1UdIwQY
MBaAFIchCzTOAC4woKVPq/orysRt+nIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yOWEwZGMtMjBhZi00MzdlLTk4NzAt
MzY2OWQxYjU2OWQ2LzEvakpTZUtneTFFQ1lCLXVMcXEwVFJwbXJJUmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yOWEwZGMtMjBhZi00MzdlLTk4NzAtMzY2OWQxYjU2OWQ2
LzEvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgUKADAN
BgkqhkiG9w0BAQsFAAOCAQEAIMjK2ClcowNeXnuKbz1waczea90EYC9t376TzFg+
wMD+qjwKtitwk5WAAv5fS7ayJ266xha9s0ITAcFR0UcTLpnxnqlumscM1q2wOUAJ
TrzUU8Mw1RxuqyguJnjwPRoPyylSYxVMI4TuopcE/S6LDNU+XbcSM8irXTEzmVnZ
n3Vz4U6eE9GWyCc+IXDHdAj3iuhAM38wChtodN4PNrH+Ff7UZJevQ330NMQhYwVV
pZpy95HL8KVbI8pOGEbp1agYx3SDHyK20LICty8G0t6LPRCRk/2eFz0bvq2xp8aZ
cyC2SKyCctUdpijcGG4NzBFT+1szjqf4JWzO5RnuYN+zTQ==
-----END CERTIFICATE-----
Generated at Fri Jul 5 17:25:51 2024 by rpki-client on console-fra.rpki-client.org