Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/IUou3n__ACeGN0M43zkgonvHngo.roa
File:                     IUou3n__ACeGN0M43zkgonvHngo.roa (raw, json)
Hash identifier:          dK846PVm+yNYF3+U0ZZUd76wcPX/wx6vnprTS/W8UoY=
Subject key identifier:   21:4A:2E:DE:7F:FF:00:27:86:37:43:38:DF:39:20:A2:7B:C7:9E:0A
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       018843B17ADA90DB2B6DCF8CBF0AFA021FFF
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/IUou3n__ACeGN0M43zkgonvHngo.roa
Signing time:             Mon 22 May 2023 13:41:24 +0000
ROA not before:           Mon 22 May 2023 13:41:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     151338
IP address blocks:        2a12:8fc5:190::/44 maxlen: 44

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:43:b1:7a:da:90:db:2b:6d:cf:8c:bf:0a:fa:02:1f:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: May 22 13:41:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=214a2ede7fff002786374338df3920a27bc79e0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:f4:62:04:e2:5c:4c:59:0a:19:ab:08:eb:9a:
                    42:43:28:6d:40:9c:ab:17:6d:5b:f9:1d:0f:a6:f2:
                    8d:9e:30:84:bb:54:34:0b:db:c3:62:e1:db:37:e2:
                    8d:f0:fc:92:fd:26:a3:f9:77:af:19:84:e1:1c:77:
                    5c:68:e3:6a:23:24:52:e7:de:20:a1:f0:3c:75:81:
                    ce:36:b1:7e:bb:48:32:1f:78:9b:00:70:5d:ca:ed:
                    39:93:a4:19:a2:e9:55:1f:c2:1f:69:1d:e0:a9:5a:
                    71:de:f6:6e:58:16:82:c9:f6:8d:f2:f9:b5:c4:e8:
                    66:c2:11:07:48:dc:dc:28:38:c9:d1:a5:92:3b:6d:
                    56:32:07:cf:66:54:4e:e0:2c:18:bc:68:71:2c:00:
                    e6:ad:6e:1e:66:f9:dd:95:61:ca:55:6b:69:ed:fb:
                    44:2b:9c:31:56:e9:72:54:eb:89:af:0d:94:4e:f2:
                    bf:93:68:32:b2:00:d9:05:4e:47:78:50:8c:4a:9e:
                    0d:73:b5:b2:ec:53:5d:c3:0f:fb:b0:19:f6:be:76:
                    58:aa:d4:3d:a4:19:7a:f8:8d:01:14:c3:0c:68:e6:
                    ec:48:d3:cd:22:45:11:8e:85:0e:90:67:9f:99:31:
                    28:ce:25:37:f8:ac:ad:37:61:af:f3:88:7e:a0:c7:
                    ed:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:4A:2E:DE:7F:FF:00:27:86:37:43:38:DF:39:20:A2:7B:C7:9E:0A
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/IUou3n__ACeGN0M43zkgonvHngo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8fc5:190::/44

    Signature Algorithm: sha256WithRSAEncryption
         4f:c0:0b:02:53:12:cd:4e:21:50:8e:c2:a9:c4:b6:bc:22:af:
         d0:87:37:3a:a1:93:ea:46:5a:d8:8a:be:a3:4c:39:2c:1d:a5:
         77:7a:c6:d8:04:75:6b:41:7e:08:41:1a:71:ee:2b:8a:18:08:
         9c:79:53:b1:63:20:2e:89:9d:62:d7:d8:f3:08:c0:aa:44:48:
         92:bc:66:12:22:9c:e2:87:56:e1:3c:2a:37:06:02:d0:a2:47:
         c3:7d:c0:f0:89:15:a5:0e:96:ca:6f:80:22:bf:11:86:4f:dc:
         f7:84:6a:c1:6d:1d:2b:53:16:3b:bf:d9:c6:b2:78:89:a9:e5:
         c0:cc:68:c0:30:64:53:7c:80:28:1b:53:5d:6e:bd:11:11:3f:
         96:24:25:63:f8:ac:fd:08:1f:cd:b2:49:e4:37:60:04:b0:ec:
         a6:0d:6a:df:7c:13:ac:8c:8a:26:38:95:75:f9:76:51:f7:0e:
         7d:4b:9f:49:d1:17:c5:be:b6:44:1e:f3:54:01:6c:b8:ee:a6:
         95:cc:98:5e:9c:e7:cb:5e:5c:d6:d9:b5:04:3e:d4:7f:27:e6:
         4f:22:64:c3:65:5c:45:5c:cc:9f:d5:32:43:77:ab:1b:4d:07:
         60:81:cb:a4:1c:bf:4b:b2:e1:42:6a:a7:f4:f1:ce:ff:1f:c8:
         7b:2d:41:93
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYhDsXrakNsrbc+Mvwr6Ah//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMwNTIyMTM0MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRhMmVkZTdmZmYwMDI3ODYzNzQzMzhkZjM5MjBhMjdiYzc5ZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/RiBOJcTFkKGasI65pCQyhtQJyr
F21b+R0PpvKNnjCEu1Q0C9vDYuHbN+KN8PyS/Saj+XevGYThHHdcaONqIyRS594g
ofA8dYHONrF+u0gyH3ibAHBdyu05k6QZoulVH8IfaR3gqVpx3vZuWBaCyfaN8vm1
xOhmwhEHSNzcKDjJ0aWSO21WMgfPZlRO4CwYvGhxLADmrW4eZvndlWHKVWtp7ftE
K5wxVulyVOuJrw2UTvK/k2gysgDZBU5HeFCMSp4Nc7Wy7FNdww/7sBn2vnZYqtQ9
pBl6+I0BFMMMaObsSNPNIkURjoUOkGefmTEoziU3+KytN2Gv84h+oMftYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCFKLt5//wAnhjdDON85IKJ7x54KMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvSVVvdTNuX19BQ2VHTjBNNDN6a2dvbnZIbmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhKPxQGQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBPwAsCUxLNTiFQjsKpxLa8Iq/Qhzc6oZPqRlrY
ir6jTDksHaV3esbYBHVrQX4IQRpx7iuKGAiceVOxYyAuiZ1i19jzCMCqREiSvGYS
Ipzih1bhPCo3BgLQokfDfcDwiRWlDpbKb4AivxGGT9z3hGrBbR0rUxY7v9nGsniJ
qeXAzGjAMGRTfIAoG1Ndbr0RET+WJCVj+Kz9CB/NsknkN2AEsOymDWrffBOsjIom
OJV1+XZR9w59S59J0RfFvrZEHvNUAWy47qaVzJhenOfLXlzW2bUEPtR/J+ZPImTD
ZVxFXMyf1TJDd6sbTQdggcukHL9LsuFCaqf08c7/H8h7LUGT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org