Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/qvqLGo0CsQTZCMpTfbrahPjii_M.roa
File:                     qvqLGo0CsQTZCMpTfbrahPjii_M.roa (raw, json)
Hash identifier:          JpdA6LAxy+wcNpUxWmHqyz1StpoHyCfVdcf2HoZbYw4=
Subject key identifier:   AA:FA:8B:1A:8D:02:B1:04:D9:08:CA:53:7D:BA:DA:84:F8:E2:8B:F3
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       0186BD9B0C3D4F5C02B80C7E52807CA084C3
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/qvqLGo0CsQTZCMpTfbrahPjii_M.roa
Signing time:             Tue 07 Mar 2023 19:45:00 +0000
ROA not before:           Tue 07 Mar 2023 19:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200132
IP address blocks:        2a12:8fc6:600::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:bd:9b:0c:3d:4f:5c:02:b8:0c:7e:52:80:7c:a0:84:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: Mar  7 19:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aafa8b1a8d02b104d908ca537dbada84f8e28bf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:17:ee:d8:f7:78:3e:25:24:b1:b5:c9:9c:ae:
                    b1:5b:f4:95:84:1f:4a:a3:94:be:2c:01:e0:ba:39:
                    c7:13:74:29:33:40:6d:78:15:28:b3:55:7e:fc:33:
                    9b:35:88:7f:6b:69:7f:b1:97:4b:d1:49:8d:60:a1:
                    b1:30:68:68:52:1d:4c:53:3f:b1:2c:e8:49:33:ec:
                    b0:24:c6:06:c9:1d:0f:ec:93:32:d9:90:73:1e:a0:
                    06:d1:cd:d3:21:48:b9:2f:95:05:1a:ae:26:8f:69:
                    ea:a5:83:fc:49:da:25:6c:13:b4:00:f3:59:15:ec:
                    65:6e:bc:65:ab:91:26:21:67:1d:60:f0:ea:62:a3:
                    17:62:b0:a7:d4:b3:b7:ef:dd:a5:a4:a4:3e:ae:6f:
                    54:40:5d:fb:89:6b:dc:66:a1:be:ef:48:56:bc:2b:
                    92:16:2c:d6:07:97:a8:9e:52:dc:ca:bc:f5:34:02:
                    ac:51:75:c3:b2:f4:12:ba:83:d9:44:7d:6f:bd:fa:
                    f9:c7:0a:85:5b:24:cc:16:eb:3b:02:3a:b9:d3:68:
                    33:0e:88:3d:09:ac:c8:7a:f3:40:dc:e3:9e:9f:5c:
                    34:80:3b:02:fa:b1:95:bb:00:01:04:c7:9b:61:19:
                    3c:f5:6c:b6:fa:48:84:75:e1:2b:ea:1b:99:7f:85:
                    c1:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:FA:8B:1A:8D:02:B1:04:D9:08:CA:53:7D:BA:DA:84:F8:E2:8B:F3
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/qvqLGo0CsQTZCMpTfbrahPjii_M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8fc6:600::/48

    Signature Algorithm: sha256WithRSAEncryption
         65:1f:a4:30:0d:90:40:29:9e:c9:15:1d:c7:d6:53:44:5b:2b:
         7a:df:92:6d:2f:47:2f:26:ad:99:e9:c0:fd:e7:21:60:56:e3:
         ed:e3:58:f3:08:78:43:64:83:b5:e2:7e:c4:a5:77:23:82:8d:
         6d:02:cb:73:6d:ed:2d:8f:91:92:e1:d2:b9:55:3d:81:62:3b:
         20:ac:9d:ea:d7:65:4d:bb:4f:d9:41:40:81:26:da:3a:fc:05:
         24:3d:25:40:7c:ed:af:09:8f:80:3b:75:c4:b5:5e:86:00:1f:
         19:32:2f:24:e7:d4:a6:35:25:4d:8f:be:7b:26:7d:95:ac:94:
         78:ed:7d:fd:8f:18:24:3f:c7:38:d0:10:b3:de:c5:a4:de:31:
         9b:67:51:98:52:32:57:12:e5:5f:7a:2b:19:8e:a1:0e:d9:ce:
         53:f1:c7:3e:31:2c:01:e7:da:d5:65:fe:c1:06:b0:31:3b:7c:
         4c:9b:d3:1f:98:a1:56:4d:03:1c:b3:75:0b:55:1e:61:7d:df:
         e6:d0:49:d5:a6:94:54:61:ea:f3:01:75:c6:d6:6f:5c:de:43:
         2c:2c:5a:2b:27:91:3c:db:5d:d1:47:d9:10:2d:97:d1:a4:1e:
         f0:59:0f:ec:d7:e4:59:d8:8b:ad:e3:bf:9c:81:aa:f6:76:30:
         c9:b2:45:8f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYa9mww9T1wCuAx+UoB8oITDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMwMzA3MTk0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWZhOGIxYThkMDJiMTA0ZDkwOGNhNTM3ZGJhZGE4NGY4ZTI4YmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBfu2Pd4PiUksbXJnK6xW/SVhB9K
o5S+LAHgujnHE3QpM0BteBUos1V+/DObNYh/a2l/sZdL0UmNYKGxMGhoUh1MUz+x
LOhJM+ywJMYGyR0P7JMy2ZBzHqAG0c3TIUi5L5UFGq4mj2nqpYP8SdolbBO0APNZ
Fexlbrxlq5EmIWcdYPDqYqMXYrCn1LO3792lpKQ+rm9UQF37iWvcZqG+70hWvCuS
FizWB5eonlLcyrz1NAKsUXXDsvQSuoPZRH1vvfr5xwqFWyTMFus7Ajq502gzDog9
CazIevNA3OOen1w0gDsC+rGVuwABBMebYRk89Wy2+kiEdeEr6huZf4XBpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKr6ixqNArEE2QjKU3262oT44ovzMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvcXZxTEdvMENzUVRaQ01wVGZicmFoUGppaV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKPxgYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBlH6QwDZBAKZ7JFR3H1lNEWyt635JtL0cvJq2Z
6cD95yFgVuPt41jzCHhDZIO14n7EpXcjgo1tAstzbe0tj5GS4dK5VT2BYjsgrJ3q
12VNu0/ZQUCBJto6/AUkPSVAfO2vCY+AO3XEtV6GAB8ZMi8k59SmNSVNj757Jn2V
rJR47X39jxgkP8c40BCz3sWk3jGbZ1GYUjJXEuVfeisZjqEO2c5T8cc+MSwB59rV
Zf7BBrAxO3xMm9MfmKFWTQMcs3ULVR5hfd/m0EnVppRUYerzAXXG1m9c3kMsLFor
J5E8213RR9kQLZfRpB7wWQ/s1+RZ2Iut47+cgar2djDJskWP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org