Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/sEgSqWcXtQvay501nLTI7PYQulM.roa
File:                     sEgSqWcXtQvay501nLTI7PYQulM.roa (raw, json)
Hash identifier:          BU+CbYp7mQ5AatdLZURTVwfQe22wULwWM2KnlBqptCg=
Subject key identifier:   B0:48:12:A9:67:17:B5:0B:DA:CB:9D:35:9C:B4:C8:EC:F6:10:BA:53
Certificate issuer:       /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial:       018571D7B6802439609C54A3DD2E463539C2
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/sEgSqWcXtQvay501nLTI7PYQulM.roa
Signing time:             Mon 02 Jan 2023 09:37:20 +0000
ROA not before:           Mon 02 Jan 2023 09:37:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        2a02:1140:200::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:d7:b6:80:24:39:60:9c:54:a3:dd:2e:46:35:39:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
        Validity
            Not Before: Jan  2 09:37:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b04812a96717b50bdacb9d359cb4c8ecf610ba53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bf:10:b0:39:9a:83:bd:17:c7:6a:98:24:d4:
                    f8:d8:a1:55:13:79:f5:4f:be:d7:e0:3f:17:df:44:
                    bd:57:a6:56:d5:e1:b6:39:48:ee:ba:e6:a3:a4:31:
                    5f:8a:47:36:13:4c:56:14:3a:64:1a:ea:cc:98:ce:
                    b8:c7:6e:9e:97:9d:be:58:8a:dc:7c:fb:f1:47:fa:
                    29:72:b4:32:3a:26:9c:3d:21:c2:2b:b3:c9:4b:16:
                    82:47:78:4a:6c:87:29:92:4b:eb:54:34:24:c2:fd:
                    b9:5a:2c:9d:31:b8:25:86:f5:2b:9d:c7:28:ed:15:
                    8a:9e:82:1a:ff:4e:3d:7d:5e:73:88:98:b4:e3:74:
                    02:c9:42:26:75:82:d0:8a:d9:32:93:55:75:c7:cc:
                    33:e4:34:31:26:92:22:cb:e8:6f:f5:ed:94:4f:37:
                    80:c6:a7:e3:70:60:89:85:35:d5:33:2d:6c:dd:9c:
                    9b:ab:3e:29:a8:75:82:ab:bd:1f:95:85:5a:ca:53:
                    5d:33:b4:15:a7:43:80:69:03:02:30:b3:1d:83:ed:
                    46:f3:4e:f0:d3:21:f7:2f:5a:25:69:0a:5e:9a:d8:
                    e5:4e:71:36:db:b4:2d:75:76:17:db:07:37:6d:be:
                    02:39:4d:7a:9b:a2:b8:da:ea:fb:74:69:9c:c3:1c:
                    92:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:48:12:A9:67:17:B5:0B:DA:CB:9D:35:9C:B4:C8:EC:F6:10:BA:53
            X509v3 Authority Key Identifier:
                keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/sEgSqWcXtQvay501nLTI7PYQulM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:1140:200::/40

    Signature Algorithm: sha256WithRSAEncryption
         cd:6d:1f:68:03:d9:de:16:51:cf:54:c6:8b:b0:00:30:11:29:
         e3:41:3f:b6:e2:98:88:97:7b:3a:8e:cd:e3:aa:c5:97:a0:06:
         5c:3f:0d:f7:d8:da:ed:4d:9f:1f:39:9f:ce:77:4f:ff:55:a6:
         3c:08:42:b1:3f:b8:4a:f5:7f:4c:62:cc:99:b4:1e:09:89:1b:
         b5:eb:30:7d:19:2c:5a:ef:52:de:73:dd:7c:5f:f9:06:b5:65:
         54:b1:c1:57:0e:83:de:a0:b6:10:ca:1a:d2:96:dd:a4:9c:97:
         31:09:34:ee:23:74:53:20:c1:f3:cd:c6:35:a4:17:33:8e:54:
         c8:6a:dd:f6:12:c4:75:5e:60:99:c7:a9:46:7b:52:5c:95:e7:
         0d:fa:ae:86:18:4b:5d:8e:fb:84:b1:ae:d0:d5:a6:09:2d:88:
         b2:fb:20:76:ed:98:15:0b:e7:e1:43:41:2f:9f:0f:36:1c:31:
         2f:37:c1:e2:b8:13:92:42:07:19:59:34:26:8c:b7:55:b1:97:
         a9:16:de:9f:01:0b:69:c0:50:ad:17:e5:09:ba:04:84:fb:31:
         f6:86:6d:ae:b1:23:eb:9b:a7:d8:71:2b:79:5f:58:85:91:fc:
         d1:7a:5b:f9:bc:72:a6:ef:8c:f1:f9:50:5c:d3:f3:6d:9d:df:
         48:ca:d2:b6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVx17aAJDlgnFSj3S5GNTnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjMwMTAyMDkzNzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDQ4MTJhOTY3MTdiNTBiZGFjYjlkMzU5Y2I0YzhlY2Y2MTBiYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs78QsDmag70Xx2qYJNT42KFVE3n1
T77X4D8X30S9V6ZW1eG2OUjuuuajpDFfikc2E0xWFDpkGurMmM64x26el52+WIrc
fPvxR/opcrQyOiacPSHCK7PJSxaCR3hKbIcpkkvrVDQkwv25WiydMbglhvUrncco
7RWKnoIa/049fV5ziJi043QCyUImdYLQitkyk1V1x8wz5DQxJpIiy+hv9e2UTzeA
xqfjcGCJhTXVMy1s3Zybqz4pqHWCq70flYVaylNdM7QVp0OAaQMCMLMdg+1G807w
0yH3L1olaQpemtjlTnE227QtdXYX2wc3bb4COU16m6K42ur7dGmcwxySmQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLBIEqlnF7UL2sudNZy0yOz2ELpTMB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvc0VnU3FXY1h0UXZheTUwMW5MVEk3UFlRdWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgIRQAIw
DQYJKoZIhvcNAQELBQADggEBAM1tH2gD2d4WUc9UxouwADARKeNBP7bimIiXezqO
zeOqxZegBlw/DffY2u1Nnx85n853T/9VpjwIQrE/uEr1f0xizJm0HgmJG7XrMH0Z
LFrvUt5z3Xxf+Qa1ZVSxwVcOg96gthDKGtKW3aSclzEJNO4jdFMgwfPNxjWkFzOO
VMhq3fYSxHVeYJnHqUZ7UlyV5w36roYYS12O+4SxrtDVpgktiLL7IHbtmBUL5+FD
QS+fDzYcMS83weK4E5JCBxlZNCaMt1Wxl6kW3p8BC2nAUK0X5Qm6BIT7MfaGba6x
I+ubp9hxK3lfWIWR/NF6W/m8cqbvjPH5UFzT822d30jK0rY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:20 2024 by rpki-client on console-fra.rpki-client.org