Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/twpwxYOZP13k4qwcy-fOLAvV00M.roa
File:                     twpwxYOZP13k4qwcy-fOLAvV00M.roa (raw, json)
Hash identifier:          HJsjQ7L7SvJZXo8dZQHyyH6fOOx9uHVNZrLViy2nG4A=
Subject key identifier:   B7:0A:70:C5:83:99:3F:5D:E4:E2:AC:1C:CB:E7:CE:2C:0B:D5:D3:43
Certificate issuer:       /CN=8d1bef730527aae1ecf8fb3085659d6fdfeed797
Certificate serial:       018C80FFF155A64DBECDE8AFA06FD6F77D1C
Authority key identifier: 8D:1B:EF:73:05:27:AA:E1:EC:F8:FB:30:85:65:9D:6F:DF:EE:D7:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/twpwxYOZP13k4qwcy-fOLAvV00M.roa
Signing time:             Tue 19 Dec 2023 07:35:06 +0000
ROA not before:           Tue 19 Dec 2023 07:35:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216285
IP address blocks:        2a14:4280::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:80:ff:f1:55:a6:4d:be:cd:e8:af:a0:6f:d6:f7:7d:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1bef730527aae1ecf8fb3085659d6fdfeed797
        Validity
            Not Before: Dec 19 07:35:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b70a70c583993f5de4e2ac1ccbe7ce2c0bd5d343
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:55:96:91:86:b3:e9:02:ad:52:ff:f4:d4:2a:
                    29:a3:a6:e6:b9:d0:00:8a:16:3b:8a:b6:59:43:0c:
                    91:f7:50:19:0c:79:39:05:30:5c:18:5c:6d:5a:f2:
                    d2:66:0e:e0:4b:96:fb:b4:62:24:dc:93:d2:72:2e:
                    84:77:e1:37:df:03:2e:03:2a:05:83:1b:32:34:15:
                    22:24:97:b1:36:7a:e5:f0:f2:1b:86:84:1f:f5:94:
                    42:c2:2c:37:82:5c:bd:6f:18:f8:aa:db:8f:9a:f6:
                    3b:17:fa:40:ac:15:03:62:9b:82:3b:5e:b3:7b:c8:
                    4a:43:84:64:55:47:34:fe:df:24:ff:49:f9:d6:1a:
                    9f:0e:9c:6b:85:e7:fb:89:ee:91:a5:53:de:5e:a6:
                    23:f5:6a:bb:b7:25:7c:1f:80:5c:c7:09:79:fd:e9:
                    dd:90:65:67:cf:02:08:8a:0c:25:6f:06:5e:7e:1c:
                    fe:31:f9:c3:9c:be:d0:be:06:18:93:2d:c2:58:6d:
                    c4:18:71:7b:13:d2:c0:65:9c:6c:be:42:8d:50:ae:
                    d1:cc:6b:81:26:96:18:33:57:46:64:cd:03:bb:3f:
                    0b:11:5f:f5:3b:7f:68:c4:af:6c:c9:b1:5d:d2:22:
                    35:06:55:e7:34:41:9a:f1:be:3c:ca:f4:d1:51:43:
                    75:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:0A:70:C5:83:99:3F:5D:E4:E2:AC:1C:CB:E7:CE:2C:0B:D5:D3:43
            X509v3 Authority Key Identifier:
                keyid:8D:1B:EF:73:05:27:AA:E1:EC:F8:FB:30:85:65:9D:6F:DF:EE:D7:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/twpwxYOZP13k4qwcy-fOLAvV00M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/jRvvcwUnquHs-PswhWWdb9_u15c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:4280::/32

    Signature Algorithm: sha256WithRSAEncryption
         88:84:ff:09:ec:c6:d1:50:aa:49:7e:78:27:16:2d:de:bb:da:
         89:90:32:ee:38:a9:77:d0:91:f4:3c:ab:32:ca:1c:8a:74:a2:
         ba:d8:13:4e:2b:63:ba:87:09:8c:cc:b5:04:64:d2:aa:3f:7c:
         87:1c:31:c9:88:e8:1d:d6:f6:af:bd:bc:fc:58:b3:af:f8:80:
         66:1d:da:0d:03:89:8d:cd:9f:c7:13:cf:c5:2b:4b:8d:92:8c:
         21:b6:83:0a:38:97:1a:d7:2e:9c:3f:03:45:7a:e4:69:43:9d:
         48:ce:ba:8f:88:5c:fc:e2:1a:59:3c:6f:e4:0b:23:d5:05:3e:
         38:d5:f6:9a:c2:ac:5e:53:da:49:1c:a7:f3:a2:51:03:11:9a:
         21:c9:8e:d9:0d:7b:80:81:94:ad:63:da:b0:a4:a6:8d:1a:5e:
         b1:29:cb:c6:26:9c:bd:64:17:a0:5b:8a:f5:a2:6c:0e:99:00:
         7b:01:48:18:8e:f2:ad:0e:00:03:76:3a:8d:f6:28:28:c7:45:
         c0:d3:4f:65:41:c9:0c:bd:4f:be:f8:81:e3:21:a5:ef:f7:23:
         2f:4d:34:64:05:68:4c:d0:8e:16:13:60:f7:ec:62:b1:9f:38:
         23:de:e4:e0:43:d1:58:47:91:3b:26:84:2b:d5:29:a9:e7:07:
         1b:60:2e:d1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYyA//FVpk2+zeivoG/W930cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWJlZjczMDUyN2FhZTFlY2Y4ZmIzMDg1NjU5ZDZmZGZl
ZWQ3OTcwHhcNMjMxMjE5MDczNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzBhNzBjNTgzOTkzZjVkZTRlMmFjMWNjYmU3Y2UyYzBiZDVkMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVWWkYaz6QKtUv/01Copo6bmudAA
ihY7irZZQwyR91AZDHk5BTBcGFxtWvLSZg7gS5b7tGIk3JPSci6Ed+E33wMuAyoF
gxsyNBUiJJexNnrl8PIbhoQf9ZRCwiw3gly9bxj4qtuPmvY7F/pArBUDYpuCO16z
e8hKQ4RkVUc0/t8k/0n51hqfDpxrhef7ie6RpVPeXqYj9Wq7tyV8H4Bcxwl5/end
kGVnzwIIigwlbwZefhz+MfnDnL7QvgYYky3CWG3EGHF7E9LAZZxsvkKNUK7RzGuB
JpYYM1dGZM0Duz8LEV/1O39oxK9sybFd0iI1BlXnNEGa8b48yvTRUUN1FQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLcKcMWDmT9d5OKsHMvnziwL1dNDMB8GA1UdIwQY
MBaAFI0b73MFJ6rh7Pj7MIVlnW/f7teXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJ2dmN3VW5xdUhzLVBzd2hXV2RiOV91MTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNzE2YWQtZWQwNC00ZGU0LWI5OTQt
NGFhYjJkNjhmYTVhLzEvdHdwd3hZT1pQMTNrNHF3Y3ktZk9MQXZWMDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNzE2YWQtZWQwNC00ZGU0LWI5OTQtNGFhYjJkNjhmYTVh
LzEvalJ2dmN3VW5xdUhzLVBzd2hXV2RiOV91MTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhRCgDAN
BgkqhkiG9w0BAQsFAAOCAQEAiIT/CezG0VCqSX54JxYt3rvaiZAy7jipd9CR9Dyr
MsocinSiutgTTitjuocJjMy1BGTSqj98hxwxyYjoHdb2r728/Fizr/iAZh3aDQOJ
jc2fxxPPxStLjZKMIbaDCjiXGtcunD8DRXrkaUOdSM66j4hc/OIaWTxv5Asj1QU+
ONX2msKsXlPaSRyn86JRAxGaIcmO2Q17gIGUrWPasKSmjRpesSnLxiacvWQXoFuK
9aJsDpkAewFIGI7yrQ4AA3Y6jfYoKMdFwNNPZUHJDL1PvviB4yGl7/cjL000ZAVo
TNCOFhNg9+xisZ84I97k4EPRWEeROyaEK9UpqecHG2Au0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:28 2024 by rpki-client on console-ams.rpki-client.org