Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/Vzi0hrHUvkSc54ARcPR377ib5mw.roa
File:                     Vzi0hrHUvkSc54ARcPR377ib5mw.roa (raw, json)
Hash identifier:          leQfA8xj+nHL7b1O7Rj6YCeoqlJLtwwHvk45lkGvbOU=
Subject key identifier:   57:38:B4:86:B1:D4:BE:44:9C:E7:80:11:70:F4:77:EF:B8:9B:E6:6C
Certificate issuer:       /CN=7b8254253dc0213fe58a7aff4b82463e47978063
Certificate serial:       0186DBDC9F90FD6E01D20ABC243230521077
Authority key identifier: 7B:82:54:25:3D:C0:21:3F:E5:8A:7A:FF:4B:82:46:3E:47:97:80:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e4JUJT3AIT_linr_S4JGPkeXgGM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/Vzi0hrHUvkSc54ARcPR377ib5mw.roa
Signing time:             Mon 13 Mar 2023 16:45:14 +0000
ROA not before:           Mon 13 Mar 2023 16:45:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8220
IP address blocks:        2a11:fd40:1000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Thu 28 Sep 2023 07:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:db:dc:9f:90:fd:6e:01:d2:0a:bc:24:32:30:52:10:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b8254253dc0213fe58a7aff4b82463e47978063
        Validity
            Not Before: Mar 13 16:45:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5738b486b1d4be449ce7801170f477efb89be66c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:07:e4:30:ca:2c:20:4d:92:80:51:6f:95:3e:
                    01:84:f8:a3:a5:c1:4b:42:ec:6d:ac:ac:cb:06:90:
                    66:d0:69:1b:5e:49:10:b0:40:4a:e2:d8:0e:74:c5:
                    66:49:17:36:9c:7b:39:b0:3b:0e:b5:65:6b:9a:91:
                    fc:f0:70:af:d8:01:ad:5a:15:c4:2e:d8:7d:60:e1:
                    c2:f1:d4:0b:d8:80:b2:04:18:e4:55:dc:97:46:d4:
                    97:30:69:d1:ad:48:54:94:d4:b6:02:7e:59:5c:d4:
                    ad:5e:fb:4c:8c:30:ed:78:6e:78:92:9a:ef:23:56:
                    94:39:24:06:69:65:f1:9d:c5:fe:04:c4:80:be:4b:
                    b9:d9:b5:5b:d0:3b:16:50:5d:4f:59:56:c3:32:ef:
                    fd:1f:d9:7e:da:7f:a0:6f:69:89:fd:05:c7:63:0d:
                    48:74:60:4c:95:35:d6:ad:5d:32:9a:f9:6b:d2:fb:
                    0c:9c:70:bd:9d:3f:b2:5d:c7:6a:21:c6:d1:fd:5f:
                    06:26:1e:cd:fd:44:60:65:26:54:4b:eb:fb:6e:4b:
                    d9:45:4a:94:8d:72:fc:0d:1f:f2:df:ad:77:fb:c4:
                    19:9a:32:33:80:56:15:34:eb:87:33:c3:bf:b7:5b:
                    60:0a:45:07:eb:ba:17:3d:da:26:47:2d:e6:cb:fe:
                    f0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:38:B4:86:B1:D4:BE:44:9C:E7:80:11:70:F4:77:EF:B8:9B:E6:6C
            X509v3 Authority Key Identifier:
                keyid:7B:82:54:25:3D:C0:21:3F:E5:8A:7A:FF:4B:82:46:3E:47:97:80:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4JUJT3AIT_linr_S4JGPkeXgGM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/Vzi0hrHUvkSc54ARcPR377ib5mw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/e4JUJT3AIT_linr_S4JGPkeXgGM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:fd40:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         64:1f:2b:24:a2:39:1c:12:02:ce:f2:f7:8b:c8:13:6d:37:4d:
         8c:95:3b:86:f1:24:59:68:af:b5:d8:9d:e6:e0:35:f1:c5:0a:
         74:29:24:c1:ae:93:02:c0:ce:54:47:87:23:67:98:ad:42:66:
         62:8d:a6:de:3b:bd:c8:f6:c6:f6:21:85:59:f7:65:c0:11:1f:
         5a:41:b1:22:e9:51:de:a1:2d:98:a5:bf:a6:e5:ac:cf:17:0d:
         ec:71:e7:05:a7:58:54:31:e3:89:51:c8:19:a2:4c:a4:80:10:
         7b:92:68:9c:d8:83:04:21:32:a7:61:d6:7b:7e:5c:d8:cd:f9:
         db:09:c7:11:52:c8:ee:3f:9c:ed:b3:ee:15:ab:10:f7:a5:7d:
         f6:4d:c8:e1:54:d2:a3:0d:5b:9f:ab:8a:a1:35:85:0b:15:08:
         35:ae:6c:10:c4:a3:0f:4d:38:29:75:b3:63:99:7f:4c:0a:be:
         da:7c:65:60:f5:24:10:90:a5:3a:d9:d4:5f:35:df:74:95:ee:
         4c:e8:a5:95:ec:63:d3:0f:bc:30:df:82:54:62:c7:50:90:22:
         1f:13:4a:37:2d:f0:eb:6b:5f:ee:79:81:b8:bd:1c:61:d5:7a:
         fd:32:dc:7b:ef:4b:77:5a:15:86:f4:ec:2a:40:7c:3f:f4:49:
         d0:37:9a:a5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYbb3J+Q/W4B0gq8JDIwUhB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODI1NDI1M2RjMDIxM2ZlNThhN2FmZjRiODI0NjNlNDc5
NzgwNjMwHhcNMjMwMzEzMTY0NTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM4YjQ4NmIxZDRiZTQ0OWNlNzgwMTE3MGY0NzdlZmI4OWJlNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAfkMMosIE2SgFFvlT4BhPijpcFL
QuxtrKzLBpBm0GkbXkkQsEBK4tgOdMVmSRc2nHs5sDsOtWVrmpH88HCv2AGtWhXE
Lth9YOHC8dQL2ICyBBjkVdyXRtSXMGnRrUhUlNS2An5ZXNStXvtMjDDteG54kprv
I1aUOSQGaWXxncX+BMSAvku52bVb0DsWUF1PWVbDMu/9H9l+2n+gb2mJ/QXHYw1I
dGBMlTXWrV0ymvlr0vsMnHC9nT+yXcdqIcbR/V8GJh7N/URgZSZUS+v7bkvZRUqU
jXL8DR/y3613+8QZmjIzgFYVNOuHM8O/t1tgCkUH67oXPdomRy3my/7wPwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFc4tIax1L5EnOeAEXD0d++4m+ZsMB8GA1UdIwQY
MBaAFHuCVCU9wCE/5Yp6/0uCRj5Hl4BjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRKVUpUM0FJVF9saW5yX1M0SkdQa2VYZ0dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hYjdhMDQtZmZlMS00YTA1LWE1ZWYt
OGY1MzliNjRiOGRiLzEvVnppMGhySFV2a1NjNTRBUmNQUjM3N2liNW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hYjdhMDQtZmZlMS00YTA1LWE1ZWYtOGY1MzliNjRiOGRi
LzEvZTRKVUpUM0FJVF9saW5yX1M0SkdQa2VYZ0dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhH9QBAw
DQYJKoZIhvcNAQELBQADggEBAGQfKySiORwSAs7y94vIE203TYyVO4bxJFlor7XY
nebgNfHFCnQpJMGukwLAzlRHhyNnmK1CZmKNpt47vcj2xvYhhVn3ZcARH1pBsSLp
Ud6hLZilv6blrM8XDexx5wWnWFQx44lRyBmiTKSAEHuSaJzYgwQhMqdh1nt+XNjN
+dsJxxFSyO4/nO2z7hWrEPelffZNyOFU0qMNW5+riqE1hQsVCDWubBDEow9NOCl1
s2OZf0wKvtp8ZWD1JBCQpTrZ1F8133SV7kzopZXsY9MPvDDfglRix1CQIh8TSjct
8OtrX+55gbi9HGHVev0y3HvvS3daFYb07CpAfD/0SdA3mqU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:48 2024 by rpki-client on console-fra.rpki-client.org