Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/x6VA-yuTUZxdwHX-YPB8cF9qLdI.roa
File:                     x6VA-yuTUZxdwHX-YPB8cF9qLdI.roa (raw, json)
Hash identifier:          lx7agyPyfuMNshSN9DxUvgdt6OKz703jtAXpnR1WkkI=
Subject key identifier:   C7:A5:40:FB:2B:93:51:9C:5D:C0:75:FE:60:F0:7C:70:5F:6A:2D:D2
Certificate issuer:       /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial:       018C8122BBF6D29973DDB111624C013A463A
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/x6VA-yuTUZxdwHX-YPB8cF9qLdI.roa
Signing time:             Tue 19 Dec 2023 08:13:06 +0000
ROA not before:           Tue 19 Dec 2023 08:13:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28886
IP address blocks:        217.28.48.0/20 maxlen: 20
                          2a02:2880::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:81:22:bb:f6:d2:99:73:dd:b1:11:62:4c:01:3a:46:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
        Validity
            Not Before: Dec 19 08:13:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c7a540fb2b93519c5dc075fe60f07c705f6a2dd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:64:42:e3:6d:00:1d:14:b6:47:91:d3:60:6d:
                    15:75:af:40:51:b7:59:75:b8:13:84:99:4a:82:ce:
                    0f:0d:bf:6b:07:e5:df:4e:85:29:df:41:85:71:14:
                    ee:5c:3c:a1:2b:18:e8:cd:5e:84:e1:f4:7e:3c:27:
                    d6:f8:0b:04:8d:a5:4c:47:8f:da:86:97:af:e7:b4:
                    2e:e0:b5:c4:fb:c1:8b:51:fe:32:dd:aa:94:e8:88:
                    86:ec:96:95:b9:4d:46:4a:2a:8a:5c:3c:3e:97:90:
                    f2:31:e0:e8:8b:90:7d:c0:0c:63:b8:b3:11:79:3a:
                    03:94:20:06:b4:00:a8:40:a6:f4:2e:01:4f:60:da:
                    00:a5:f6:35:20:7c:e7:17:ea:5a:2d:c7:5b:0e:91:
                    ec:44:42:61:8f:a2:15:c8:81:00:8b:5c:5a:be:70:
                    85:e4:42:a7:d2:79:12:44:1f:65:ee:5b:0e:e9:96:
                    1d:58:7f:65:81:e3:ed:b9:30:98:c8:b2:d5:b5:74:
                    75:33:8e:24:db:a7:c3:65:59:9e:03:9c:41:d8:ac:
                    6d:fb:fe:44:3b:cd:e2:df:93:5f:37:36:5e:19:48:
                    0e:60:81:1e:23:3f:10:91:20:07:0e:84:a5:a5:e6:
                    a8:a4:71:9a:dc:83:35:d2:ad:c9:a8:e4:5b:3f:2a:
                    ce:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:A5:40:FB:2B:93:51:9C:5D:C0:75:FE:60:F0:7C:70:5F:6A:2D:D2
            X509v3 Authority Key Identifier:
                keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/x6VA-yuTUZxdwHX-YPB8cF9qLdI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.28.48.0/20
                IPv6:
                  2a02:2880::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:7f:1c:9f:7b:4a:8f:6a:d6:6f:3a:54:f7:d9:0b:90:7d:d5:
         da:7a:46:3d:88:60:7a:61:5e:2f:94:d0:90:de:5c:94:e7:22:
         21:53:a1:3d:1d:85:21:17:73:88:54:fa:19:67:ac:64:76:40:
         2d:27:9b:93:9f:d3:4b:b3:57:25:53:38:b2:cc:d0:5a:45:4a:
         3f:a9:2f:bc:53:5e:bd:f0:04:4a:01:c3:08:58:69:09:6c:83:
         07:7a:b3:c6:b9:42:78:d1:c5:0d:6d:a7:ed:8e:78:af:49:73:
         58:f3:8e:16:00:54:87:0b:d9:bc:04:55:9d:0b:4f:ed:c9:70:
         73:3b:b8:e6:c7:78:53:01:10:67:ff:c3:3a:6d:7a:15:ff:95:
         a0:84:91:3e:6b:e1:c8:ca:80:ef:85:ab:e6:31:ce:7b:a2:11:
         30:a6:b5:ab:d7:99:9f:1d:87:fe:3b:50:ca:ad:cf:2a:3d:99:
         93:c1:4c:b3:f6:77:31:da:69:57:04:76:58:ea:4a:2f:bb:8b:
         c5:7c:80:5d:60:56:96:0b:c1:af:8f:0b:2c:87:b6:d1:76:9e:
         ec:73:2e:d5:13:2d:30:5a:4f:61:d2:1e:6e:73:2f:28:21:bd:
         9f:ce:50:b2:0b:f5:78:61:a6:71:8a:7a:83:0c:c0:ca:ef:c7:
         62:94:d0:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyBIrv20plz3bERYkwBOkY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjMxMjE5MDgxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2E1NDBmYjJiOTM1MTljNWRjMDc1ZmU2MGYwN2M3MDVmNmEyZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGRC420AHRS2R5HTYG0Vda9AUbdZ
dbgThJlKgs4PDb9rB+XfToUp30GFcRTuXDyhKxjozV6E4fR+PCfW+AsEjaVMR4/a
hpev57Qu4LXE+8GLUf4y3aqU6IiG7JaVuU1GSiqKXDw+l5DyMeDoi5B9wAxjuLMR
eToDlCAGtACoQKb0LgFPYNoApfY1IHznF+paLcdbDpHsREJhj6IVyIEAi1xavnCF
5EKn0nkSRB9l7lsO6ZYdWH9lgePtuTCYyLLVtXR1M44k26fDZVmeA5xB2Kxt+/5E
O83i35NfNzZeGUgOYIEeIz8QkSAHDoSlpeaopHGa3IM10q3JqORbPyrOmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMelQPsrk1GcXcB1/mDwfHBfai3SMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEveDZWQS15dVRVWnhkd0hYLVlQQjhjRjlxTGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2RwwMA0E
AgACMAcDBQAqAiiAMA0GCSqGSIb3DQEBCwUAA4IBAQA6fxyfe0qPatZvOlT32QuQ
fdXaekY9iGB6YV4vlNCQ3lyU5yIhU6E9HYUhF3OIVPoZZ6xkdkAtJ5uTn9NLs1cl
UziyzNBaRUo/qS+8U1698ARKAcMIWGkJbIMHerPGuUJ40cUNbaftjnivSXNY844W
AFSHC9m8BFWdC0/tyXBzO7jmx3hTARBn/8M6bXoV/5WghJE+a+HIyoDvhavmMc57
ohEwprWr15mfHYf+O1DKrc8qPZmTwUyz9ncx2mlXBHZY6kovu4vFfIBdYFaWC8Gv
jwssh7bRdp7scy7VEy0wWk9h0h5ucy8oIb2fzlCyC/V4YaZxinqDDMDK78dilNAn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org