Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/EWbp1xOQn-7M9QR8byipfzpfBUY.roa
File:                     EWbp1xOQn-7M9QR8byipfzpfBUY.roa (raw, json)
Hash identifier:          nWUZYc/cqEbirJKp//aecEY32YkqUhx2t2Uh1jI4sj0=
Subject key identifier:   11:66:E9:D7:13:90:9F:EE:CC:F5:04:7C:6F:28:A9:7F:3A:5F:05:46
Certificate issuer:       /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial:       018857558F059D49FD030B00438BA4E14B70
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/EWbp1xOQn-7M9QR8byipfzpfBUY.roa
Signing time:             Fri 26 May 2023 09:13:24 +0000
ROA not before:           Fri 26 May 2023 09:13:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57304
IP address blocks:        2a02:2d9::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:57:55:8f:05:9d:49:fd:03:0b:00:43:8b:a4:e1:4b:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
        Validity
            Not Before: May 26 09:13:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1166e9d713909feeccf5047c6f28a97f3a5f0546
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:31:bf:4e:ba:e7:26:f4:1b:32:cd:5b:29:e0:
                    3b:e2:ae:86:45:a7:a8:11:81:31:f5:6f:bf:20:c0:
                    a1:cd:97:fb:75:12:02:d9:73:0e:b5:63:b3:0a:cd:
                    dc:2f:3d:cc:21:29:35:df:52:8a:33:e1:5d:84:f5:
                    d6:23:4e:40:79:0c:e0:a0:3c:e4:30:c9:5e:10:8b:
                    9a:4d:f1:26:fe:53:cd:11:75:e9:9c:0b:a0:cd:1d:
                    79:f7:1f:69:92:f9:17:eb:c5:d6:64:66:b2:dd:12:
                    0a:42:1b:3e:72:29:cc:51:3a:87:f4:7b:36:5f:a6:
                    b6:ad:64:d8:c0:b8:7a:d4:b0:59:c8:9d:c0:82:f5:
                    e6:1d:4a:23:44:e1:3a:f0:95:c7:f7:9d:16:c3:de:
                    65:8f:22:c0:d8:fc:0a:98:2b:c4:fd:e0:00:a6:9a:
                    53:d7:08:bc:86:36:09:18:2a:bc:52:96:0f:50:8f:
                    d7:97:66:76:9d:77:2e:98:fd:e8:5f:cd:41:9d:9a:
                    0f:07:cd:cf:06:2d:48:ca:bf:aa:6e:38:3d:00:b4:
                    78:f7:38:19:ba:8f:51:6c:d2:2c:f2:a8:6d:bd:b2:
                    bb:ff:27:2f:81:0e:e8:e8:77:2c:85:34:ff:02:9e:
                    f7:d8:40:0f:8a:66:48:b1:bb:d0:a7:ff:43:01:b2:
                    bf:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:66:E9:D7:13:90:9F:EE:CC:F5:04:7C:6F:28:A9:7F:3A:5F:05:46
            X509v3 Authority Key Identifier:
                keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/EWbp1xOQn-7M9QR8byipfzpfBUY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:2d9::/32

    Signature Algorithm: sha256WithRSAEncryption
         24:6e:8e:43:d9:8e:09:0b:0b:6f:ec:7d:86:7d:df:7a:3e:36:
         80:f8:66:a2:fc:df:2e:35:a2:28:1d:7f:73:73:30:05:2f:51:
         1e:32:44:d5:af:99:79:8c:15:a8:6d:76:6d:d6:e6:c6:92:ee:
         12:c1:39:b3:a6:1f:6e:c7:14:c4:b0:88:3e:2a:17:6c:40:22:
         b5:8b:23:46:c0:e0:f9:ab:ea:dd:8c:cd:93:8e:d1:02:f7:83:
         b4:6f:51:66:cf:bc:17:41:2b:ff:b9:7b:1e:13:c6:94:5e:08:
         68:6b:44:27:a5:a9:a8:71:d2:02:1c:e8:f8:56:0c:d2:97:96:
         3b:cd:cf:64:fb:55:10:70:95:7f:13:f9:9b:3f:1a:d8:2d:1f:
         c1:0c:4b:d1:47:c5:5d:6d:50:e5:fd:21:6e:2d:8f:c4:4c:54:
         fb:37:e5:09:a6:57:64:fb:6e:22:3e:1e:e3:e6:87:fb:73:08:
         cc:50:5d:e9:b6:a5:15:fc:cd:07:94:47:86:3c:76:5c:37:49:
         5a:cb:f4:9e:0d:e7:a1:5e:b2:17:33:1a:ac:ad:db:1a:77:e5:
         89:ce:f7:b9:ec:7c:a3:d4:17:5c:8d:af:e3:c5:ad:87:b0:7e:
         20:a1:eb:22:f7:49:90:da:c4:91:4a:09:63:ea:69:fc:92:a0:
         16:1a:d2:a4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYhXVY8FnUn9AwsAQ4uk4UtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjMwNTI2MDkxMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY2ZTlkNzEzOTA5ZmVlY2NmNTA0N2M2ZjI4YTk3ZjNhNWYwNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTG/TrrnJvQbMs1bKeA74q6GRaeo
EYEx9W+/IMChzZf7dRIC2XMOtWOzCs3cLz3MISk131KKM+FdhPXWI05AeQzgoDzk
MMleEIuaTfEm/lPNEXXpnAugzR159x9pkvkX68XWZGay3RIKQhs+cinMUTqH9Hs2
X6a2rWTYwLh61LBZyJ3AgvXmHUojROE68JXH950Ww95ljyLA2PwKmCvE/eAApppT
1wi8hjYJGCq8UpYPUI/Xl2Z2nXcumP3oX81BnZoPB83PBi1Iyr+qbjg9ALR49zgZ
uo9RbNIs8qhtvbK7/ycvgQ7o6HcshTT/Ap732EAPimZIsbvQp/9DAbK/SQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBFm6dcTkJ/uzPUEfG8oqX86XwVGMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvRVdicDF4T1FuLTdNOVFSOGJ5aXBmenBmQlVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIC2TAN
BgkqhkiG9w0BAQsFAAOCAQEAJG6OQ9mOCQsLb+x9hn3fej42gPhmovzfLjWiKB1/
c3MwBS9RHjJE1a+ZeYwVqG12bdbmxpLuEsE5s6YfbscUxLCIPioXbEAitYsjRsDg
+avq3YzNk47RAveDtG9RZs+8F0Er/7l7HhPGlF4IaGtEJ6WpqHHSAhzo+FYM0peW
O83PZPtVEHCVfxP5mz8a2C0fwQxL0UfFXW1Q5f0hbi2PxExU+zflCaZXZPtuIj4e
4+aH+3MIzFBd6balFfzNB5RHhjx2XDdJWsv0ng3noV6yFzMarK3bGnflic73uex8
o9QXXI2v48Wth7B+IKHrIvdJkNrEkUoJY+pp/JKgFhrSpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org