Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/a2TXsJm4JNFu5Y98aYZ7ug0T7hc.roa
File:                     a2TXsJm4JNFu5Y98aYZ7ug0T7hc.roa (raw, json)
Hash identifier:          V4YAJCJEYndv6kM9WWwBC/eBrfqTxYlOER0m/x7ubK0=
Subject key identifier:   6B:64:D7:B0:99:B8:24:D1:6E:E5:8F:7C:69:86:7B:BA:0D:13:EE:17
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       01856BAED2B01D3EC9CBA194795C53436A6F
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/a2TXsJm4JNFu5Y98aYZ7ug0T7hc.roa
Signing time:             Sun 01 Jan 2023 04:54:57 +0000
ROA not before:           Sun 01 Jan 2023 04:54:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57351
IP address blocks:        2a12:8fc6:400::/40 maxlen: 40

Validation:               Failed, certificate revoked on Fri 03 Mar 2023 14:44:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ae:d2:b0:1d:3e:c9:cb:a1:94:79:5c:53:43:6a:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: Jan  1 04:54:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b64d7b099b824d16ee58f7c69867bba0d13ee17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:60:18:19:5d:f0:6d:67:d1:2c:21:b5:14:16:
                    36:7d:b0:42:1c:ca:71:de:f2:03:43:eb:1e:06:07:
                    d5:2d:4b:3e:bc:f2:99:57:70:15:61:12:c0:31:19:
                    e4:ae:7c:ba:4d:a3:bd:47:b5:3d:ed:45:87:46:8e:
                    d0:2f:d3:36:1d:2c:3a:5e:9f:20:fb:ea:45:1f:76:
                    46:94:01:e6:84:26:05:e7:90:ad:c9:97:d7:b1:07:
                    0a:fb:68:d9:70:5f:15:b4:e9:85:09:50:3f:13:71:
                    9c:76:2b:9c:a6:54:0c:e2:dd:f9:86:c3:f4:eb:56:
                    2a:2a:9f:90:1f:5e:b6:a4:fe:a1:f3:75:e0:d3:c2:
                    da:c7:28:e1:d5:31:d3:36:dd:31:72:7c:1d:f3:05:
                    04:df:be:fd:3a:e9:39:36:08:0c:a6:6e:79:7a:f5:
                    fc:c5:ca:11:58:03:f6:da:05:01:eb:82:3b:6f:ff:
                    65:f5:92:9d:53:7e:0a:e3:03:68:34:2a:47:bf:9b:
                    48:04:07:6a:7f:55:c1:ec:ec:c5:ad:64:85:10:e9:
                    5e:e1:1f:1b:45:77:c7:63:a3:4d:d9:b0:da:0e:01:
                    ee:ff:fc:3e:43:cc:86:0f:ff:87:13:f9:b6:74:cc:
                    20:0a:76:4e:58:d2:77:e1:31:ad:3a:e9:f6:db:0a:
                    3e:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:64:D7:B0:99:B8:24:D1:6E:E5:8F:7C:69:86:7B:BA:0D:13:EE:17
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/a2TXsJm4JNFu5Y98aYZ7ug0T7hc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8fc6:400::/40

    Signature Algorithm: sha256WithRSAEncryption
         1c:ae:e1:cb:5a:fc:2f:13:7d:1c:aa:27:46:b2:81:41:06:13:
         8a:cb:71:34:9f:21:5a:85:71:9c:b4:05:48:c4:f4:8d:62:77:
         9a:40:f8:57:03:d8:0c:f6:df:62:0e:17:df:d1:1f:85:3e:91:
         78:c4:a3:a5:23:c4:58:f9:d5:36:41:fb:d3:e3:54:05:85:b7:
         56:c4:65:6c:d6:4c:a5:98:a6:d3:73:c5:67:fd:ba:7b:d4:eb:
         2e:8c:85:2b:53:60:04:01:d5:ce:85:70:13:08:44:1f:0f:74:
         2f:45:68:64:3a:fd:0e:75:b7:f8:df:96:f6:b4:b3:93:40:85:
         c1:c7:0c:5e:e6:19:d3:4f:7a:75:e0:d7:98:77:8d:2f:c2:2b:
         8e:50:4e:8a:09:c4:22:da:ee:fa:07:5e:81:c3:be:99:50:24:
         7a:00:46:2f:aa:06:68:32:40:12:7b:bd:40:48:d2:a2:a0:62:
         ef:da:e7:05:26:82:a8:60:78:49:70:5f:fc:a6:a7:59:76:7e:
         c1:39:26:ca:33:e2:a9:96:51:2c:f8:a9:e8:25:39:5d:ff:81:
         15:f7:7d:ae:fc:b2:9b:be:b6:7a:ea:58:3a:96:70:16:50:58:
         34:1f:b7:e8:44:5a:12:4d:b1:62:0e:46:88:59:5e:e4:92:84:
         22:d0:6a:79
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVrrtKwHT7Jy6GUeVxTQ2pvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMwMTAxMDQ1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjY0ZDdiMDk5YjgyNGQxNmVlNThmN2M2OTg2N2JiYTBkMTNlZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mAYGV3wbWfRLCG1FBY2fbBCHMpx
3vIDQ+seBgfVLUs+vPKZV3AVYRLAMRnkrny6TaO9R7U97UWHRo7QL9M2HSw6Xp8g
++pFH3ZGlAHmhCYF55CtyZfXsQcK+2jZcF8VtOmFCVA/E3GcdiucplQM4t35hsP0
61YqKp+QH162pP6h83Xg08Laxyjh1THTNt0xcnwd8wUE3779Ouk5NggMpm55evX8
xcoRWAP22gUB64I7b/9l9ZKdU34K4wNoNCpHv5tIBAdqf1XB7OzFrWSFEOle4R8b
RXfHY6NN2bDaDgHu//w+Q8yGD/+HE/m2dMwgCnZOWNJ34TGtOun22wo+OwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGtk17CZuCTRbuWPfGmGe7oNE+4XMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvYTJUWHNKbTRKTkZ1NVk5OGFZWjd1ZzBUN2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhKPxgQw
DQYJKoZIhvcNAQELBQADggEBAByu4cta/C8TfRyqJ0aygUEGE4rLcTSfIVqFcZy0
BUjE9I1id5pA+FcD2Az232IOF9/RH4U+kXjEo6UjxFj51TZB+9PjVAWFt1bEZWzW
TKWYptNzxWf9unvU6y6MhStTYAQB1c6FcBMIRB8PdC9FaGQ6/Q51t/jflva0s5NA
hcHHDF7mGdNPenXg15h3jS/CK45QTooJxCLa7voHXoHDvplQJHoARi+qBmgyQBJ7
vUBI0qKgYu/a5wUmgqhgeElwX/ymp1l2fsE5Jsoz4qmWUSz4qeglOV3/gRX3fa78
spu+tnrqWDqWcBZQWDQft+hEWhJNsWIORohZXuSShCLQank=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org