Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/BMQoKpV1lYvwRiU7jaJXq_LANeU.roa
File:                     BMQoKpV1lYvwRiU7jaJXq_LANeU.roa (raw, json)
Hash identifier:          FKWJ5irh3qlps9fq8r5Py0DSRxCaZ6r5xeCrGKfS/JA=
Subject key identifier:   04:C4:28:2A:95:75:95:8B:F0:46:25:3B:8D:A2:57:AB:F2:C0:35:E5
Certificate issuer:       /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial:       01856E38CCD4E07067BCAF5A12895FE4642A
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/BMQoKpV1lYvwRiU7jaJXq_LANeU.roa
Signing time:             Sun 01 Jan 2023 16:44:54 +0000
ROA not before:           Sun 01 Jan 2023 16:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203323
IP address blocks:        2a01:5c40:c000::/64 maxlen: 64

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:38:cc:d4:e0:70:67:bc:af:5a:12:89:5f:e4:64:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19426325acb8ce609a686fa655b058968809b346
        Validity
            Not Before: Jan  1 16:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04c4282a9575958bf046253b8da257abf2c035e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:0e:f8:e6:e0:bc:95:41:c2:78:ab:2e:da:db:
                    72:34:23:b8:a6:a2:0e:ad:c1:cc:53:0c:7b:7b:a9:
                    32:0a:ae:59:f8:f8:28:bf:2f:eb:97:58:a6:72:98:
                    79:87:ab:b5:d5:54:71:11:5f:b9:bc:d1:79:d6:48:
                    40:d2:f5:c4:d9:ed:d9:bb:e9:08:45:86:d9:24:36:
                    d3:96:11:fc:a3:d2:cd:88:96:e4:6e:45:dd:22:f9:
                    ff:31:ee:95:ff:39:b5:ee:a0:7d:56:38:de:3e:f6:
                    51:76:d9:25:d8:c3:87:a2:ed:0b:97:7d:80:6c:f1:
                    c6:06:0e:e4:f5:59:99:a4:e8:68:46:71:56:81:85:
                    d1:85:12:93:c9:fe:4b:f8:4f:af:60:23:e1:fd:8b:
                    f0:62:11:dd:b2:82:1d:98:89:c2:fd:ec:fb:80:6c:
                    da:c8:25:04:59:09:de:9c:6b:65:af:b2:5e:96:7c:
                    cc:0e:e6:e6:20:4e:86:90:e3:83:33:77:e0:ba:84:
                    b8:3a:ce:1a:8c:97:9b:91:8b:99:69:99:5a:11:4e:
                    3c:f9:68:ed:3c:5f:09:55:db:f7:58:c3:a9:a7:0e:
                    f5:70:a0:dd:e1:86:e5:7f:7c:65:4c:ff:bf:fe:00:
                    84:98:42:ed:01:64:e0:d4:91:9c:5f:4c:81:52:6b:
                    a0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:C4:28:2A:95:75:95:8B:F0:46:25:3B:8D:A2:57:AB:F2:C0:35:E5
            X509v3 Authority Key Identifier:
                keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/BMQoKpV1lYvwRiU7jaJXq_LANeU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:5c40:c000::/64

    Signature Algorithm: sha256WithRSAEncryption
         82:fc:54:4f:38:8b:68:75:87:97:c5:8f:cd:e5:37:4c:a5:54:
         78:ed:e1:c0:c3:36:a5:7e:1a:1f:41:87:b3:57:bd:07:85:53:
         1d:82:b4:42:9c:3b:d3:83:3c:4e:31:c5:95:b0:1e:0e:a8:ed:
         a3:f6:58:ef:74:a6:80:58:e6:11:e0:d9:66:4b:c6:a9:e2:2a:
         27:00:09:56:b5:e0:fa:84:89:eb:e6:6e:ea:6f:d3:19:b2:01:
         ed:ae:93:ad:13:56:46:04:65:e1:cb:ec:25:f8:2d:7e:07:8a:
         89:ad:71:31:73:2a:47:71:c5:3a:f3:38:1a:3a:c8:cd:85:18:
         1d:91:9a:ba:5f:9e:cf:fc:08:a2:56:2c:c8:a0:ac:19:c5:50:
         08:57:53:6b:0e:35:9f:8e:80:d7:04:60:1a:27:a3:08:b6:e8:
         ca:9e:80:74:4f:60:7c:04:9c:b5:89:c6:5e:7a:5f:c1:57:16:
         3a:32:1e:24:24:68:ce:71:07:1a:f5:89:e2:a7:11:74:de:99:
         25:5a:62:7c:08:a1:07:ac:1f:02:39:93:f7:25:4f:57:c7:93:
         cc:c8:96:06:a7:9f:de:5d:34:c9:d3:1e:7e:aa:b9:5c:79:ce:
         08:2d:bc:ce:0d:05:9a:3f:19:1d:33:b8:35:ee:ae:9c:6d:35:
         65:e0:f3:a0
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVuOMzU4HBnvK9aEolf5GQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMTAxMTY0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGM0MjgyYTk1NzU5NThiZjA0NjI1M2I4ZGEyNTdhYmYyYzAzNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw745uC8lUHCeKsu2ttyNCO4pqIO
rcHMUwx7e6kyCq5Z+Pgovy/rl1imcph5h6u11VRxEV+5vNF51khA0vXE2e3Zu+kI
RYbZJDbTlhH8o9LNiJbkbkXdIvn/Me6V/zm17qB9VjjePvZRdtkl2MOHou0Ll32A
bPHGBg7k9VmZpOhoRnFWgYXRhRKTyf5L+E+vYCPh/YvwYhHdsoIdmInC/ez7gGza
yCUEWQnenGtlr7JelnzMDubmIE6GkOODM3fguoS4Os4ajJebkYuZaZlaEU48+Wjt
PF8JVdv3WMOppw71cKDd4Yblf3xlTP+//gCEmELtAWTg1JGcX0yBUmugPwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFATEKCqVdZWL8EYlO42iV6vywDXlMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvQk1Rb0twVjFsWXZ3UmlVN2phSlhxX0xBTmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAAjALAwkAKgFcQMAA
AAAwDQYJKoZIhvcNAQELBQADggEBAIL8VE84i2h1h5fFj83lN0ylVHjt4cDDNqV+
Gh9Bh7NXvQeFUx2CtEKcO9ODPE4xxZWwHg6o7aP2WO90poBY5hHg2WZLxqniKicA
CVa14PqEievmbupv0xmyAe2uk60TVkYEZeHL7CX4LX4HiomtcTFzKkdxxTrzOBo6
yM2FGB2Rmrpfns/8CKJWLMigrBnFUAhXU2sONZ+OgNcEYBonowi26MqegHRPYHwE
nLWJxl56X8FXFjoyHiQkaM5xBxr1ieKnEXTemSVaYnwIoQesHwI5k/clT1fHk8zI
lgann95dNMnTHn6quVx5zggtvM4NBZo/GR0zuDXurpxtNWXg86A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org