Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/ldvyiOD10UcoatLtqqplUdd0-Ro.roa
File:                     ldvyiOD10UcoatLtqqplUdd0-Ro.roa (raw, json)
Hash identifier:          3hEfctBqM9RvlVubQAIOrXckUjqDLRbHLfjU4fv32g4=
Subject key identifier:   95:DB:F2:88:E0:F5:D1:47:28:6A:D2:ED:AA:AA:65:51:D7:74:F9:1A
Certificate issuer:       /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial:       01856F14D06584C13930E514518514F9EFE2
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/ldvyiOD10UcoatLtqqplUdd0-Ro.roa
Signing time:             Sun 01 Jan 2023 20:45:13 +0000
ROA not before:           Sun 01 Jan 2023 20:45:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29470
IP address blocks:        139.45.216.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:d0:65:84:c1:39:30:e5:14:51:85:14:f9:ef:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
        Validity
            Not Before: Jan  1 20:45:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95dbf288e0f5d147286ad2edaaaa6551d774f91a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:1b:99:b6:0b:fc:0a:ad:9f:34:20:e3:2b:8f:
                    a2:ea:21:65:29:df:cc:f9:fa:a3:bc:54:85:b7:2b:
                    da:0a:7f:a2:e7:61:ee:1e:21:60:ea:32:cc:ec:c0:
                    e5:c3:ab:3c:25:57:66:4d:1f:25:86:03:3a:63:81:
                    92:7f:12:65:1c:63:4a:5c:e6:f3:46:b5:f7:cd:ea:
                    43:cc:d5:7e:4f:36:c2:42:6d:57:38:63:de:d1:46:
                    8b:9e:c2:d3:36:46:1d:b4:45:3b:46:e9:9d:ac:b5:
                    cc:11:aa:1b:e9:80:34:e7:72:e8:97:20:d8:4f:e2:
                    c3:69:6d:a1:7c:36:97:e3:3b:a4:6a:e5:f0:d0:e2:
                    ac:5e:ee:e4:25:a5:9f:21:fe:c7:53:d3:80:e6:d3:
                    94:8f:92:7d:4e:30:3f:dc:4b:5f:e4:e3:cc:6c:30:
                    90:51:14:3d:7a:32:8f:ab:07:c1:42:bb:2f:77:6f:
                    c0:a3:81:87:14:c3:2b:f8:bf:c6:dc:57:bc:ab:93:
                    c0:45:74:15:79:63:ce:8d:cf:cb:de:32:29:4a:ea:
                    9c:5e:0e:f6:4b:af:b4:c2:43:b1:30:72:6c:fc:d6:
                    55:4c:51:bb:ce:9e:cb:5d:69:cc:a5:a6:08:1c:1a:
                    a7:39:11:6a:b3:24:c4:68:80:b1:66:6d:33:cb:13:
                    1e:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:DB:F2:88:E0:F5:D1:47:28:6A:D2:ED:AA:AA:65:51:D7:74:F9:1A
            X509v3 Authority Key Identifier:
                keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/ldvyiOD10UcoatLtqqplUdd0-Ro.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.45.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         34:d0:7f:69:2c:9f:fc:04:c6:2d:ba:8c:bc:ec:6a:68:ce:21:
         a7:79:96:5e:01:0b:7c:46:34:9c:9d:ec:b8:93:64:78:99:ff:
         e9:97:67:75:c6:04:20:29:da:c9:7c:c5:55:c5:da:f7:1b:10:
         1d:d3:d2:0c:84:91:b2:1b:50:85:11:d3:9e:34:3f:0a:a7:86:
         8a:f4:50:7c:e6:96:ce:4e:97:68:aa:06:26:72:5b:93:1e:da:
         bf:c3:36:4a:08:55:b0:3f:b9:10:8c:fa:17:fc:39:5a:23:af:
         98:94:6c:29:4c:35:51:83:4d:05:23:f5:34:68:fa:43:83:b6:
         f9:a5:31:bf:66:18:54:16:64:4d:e3:d7:4e:f8:02:c7:03:c2:
         bc:fd:62:77:e6:7f:81:3f:c4:ec:32:d9:60:c5:96:0b:4c:79:
         88:e0:2d:0f:c4:90:aa:8b:43:1c:de:f5:77:94:be:96:cd:d8:
         d4:23:fb:27:13:a6:27:2a:a3:7b:33:bf:a5:a0:44:43:c1:f5:
         cf:72:76:d2:da:77:c4:f2:46:af:e4:ca:68:60:6d:b5:34:0c:
         db:62:d5:2c:44:d9:09:93:14:c9:12:fe:ca:4e:9e:cd:84:2d:
         fe:49:a0:91:59:8c:ee:69:06:af:11:5d:ce:64:82:2d:da:81:
         71:08:72:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFNBlhME5MOUUUYUU+e/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjMwMTAxMjA0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWRiZjI4OGUwZjVkMTQ3Mjg2YWQyZWRhYWFhNjU1MWQ3NzRmOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhuZtgv8Cq2fNCDjK4+i6iFlKd/M
+fqjvFSFtyvaCn+i52HuHiFg6jLM7MDlw6s8JVdmTR8lhgM6Y4GSfxJlHGNKXObz
RrX3zepDzNV+TzbCQm1XOGPe0UaLnsLTNkYdtEU7RumdrLXMEaob6YA053LolyDY
T+LDaW2hfDaX4zukauXw0OKsXu7kJaWfIf7HU9OA5tOUj5J9TjA/3Etf5OPMbDCQ
URQ9ejKPqwfBQrsvd2/Ao4GHFMMr+L/G3Fe8q5PARXQVeWPOjc/L3jIpSuqcXg72
S6+0wkOxMHJs/NZVTFG7zp7LXWnMpaYIHBqnORFqsyTEaICxZm0zyxMeBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXb8ojg9dFHKGrS7aqqZVHXdPkaMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvbGR2eWlPRDEwVWNvYXRMdHFxcGxVZGQwLVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDiy3YMA0G
CSqGSIb3DQEBCwUAA4IBAQA00H9pLJ/8BMYtuoy87GpoziGneZZeAQt8RjScney4
k2R4mf/pl2d1xgQgKdrJfMVVxdr3GxAd09IMhJGyG1CFEdOeND8Kp4aK9FB85pbO
TpdoqgYmcluTHtq/wzZKCFWwP7kQjPoX/DlaI6+YlGwpTDVRg00FI/U0aPpDg7b5
pTG/ZhhUFmRN49dO+ALHA8K8/WJ35n+BP8TsMtlgxZYLTHmI4C0PxJCqi0Mc3vV3
lL6WzdjUI/snE6YnKqN7M7+loERDwfXPcnbS2nfE8kav5MpoYG21NAzbYtUsRNkJ
kxTJEv7KTp7NhC3+SaCRWYzuaQavEV3OZIIt2oFxCHLT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org