Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/OxQ3tVTkDHe7y9pdu9sLcZzAIHc.roa
File:                     OxQ3tVTkDHe7y9pdu9sLcZzAIHc.roa (raw, json)
Hash identifier:          52lEbgI3ytfvDsFm7DeRj8wHgqkmy7dLmuR31PfoY/I=
Subject key identifier:   3B:14:37:B5:54:E4:0C:77:BB:CB:DA:5D:BB:DB:0B:71:9C:C0:20:77
Certificate issuer:       /CN=8405c07192a8106fedb0760b8945032ca1d3054b
Certificate serial:       01856D53C260CBCBDE5EA8371EB2ABD5CAA5
Authority key identifier: 84:05:C0:71:92:A8:10:6F:ED:B0:76:0B:89:45:03:2C:A1:D3:05:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hAXAcZKoEG_tsHYLiUUDLKHTBUs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/OxQ3tVTkDHe7y9pdu9sLcZzAIHc.roa
Signing time:             Sun 01 Jan 2023 12:34:43 +0000
ROA not before:           Sun 01 Jan 2023 12:34:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51903
IP address blocks:        2a0c:3a81::/40 maxlen: 40

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:c2:60:cb:cb:de:5e:a8:37:1e:b2:ab:d5:ca:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8405c07192a8106fedb0760b8945032ca1d3054b
        Validity
            Not Before: Jan  1 12:34:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b1437b554e40c77bbcbda5dbbdb0b719cc02077
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:8e:7e:ba:c0:c4:ca:fd:a1:5c:3a:b4:43:42:
                    25:97:01:a8:ff:f0:63:ae:45:4b:55:06:f2:f0:38:
                    15:1c:14:7d:a6:c3:6b:50:83:80:58:0a:4b:a4:34:
                    6b:22:4b:48:1d:17:50:10:93:71:e8:fd:c3:92:c5:
                    38:72:aa:2f:86:71:b4:ce:64:a4:d2:89:85:72:5f:
                    26:d0:1b:ec:bf:b4:22:ec:4b:19:30:78:9e:80:e6:
                    02:62:e6:b4:eb:61:94:b7:1d:71:34:2e:00:a7:a6:
                    d2:3e:46:23:18:0b:92:a8:ba:7a:f3:dc:87:ec:bb:
                    f3:5e:2d:92:15:2c:5c:2f:b4:10:ae:84:9b:e3:c4:
                    fb:63:e0:81:6c:f2:eb:28:1f:ba:03:2d:05:91:01:
                    16:d3:d6:82:27:26:68:94:b5:e3:83:7b:13:40:c5:
                    5c:27:bb:28:82:46:e4:a8:46:58:6f:25:a6:bc:44:
                    b8:fb:f7:d0:ca:4a:20:fc:43:14:89:61:02:97:16:
                    fd:52:29:35:86:a6:b7:8b:a3:b9:7b:5f:d6:51:75:
                    b0:40:18:ae:90:dd:30:f6:59:57:08:9b:a2:6b:ae:
                    a1:fd:66:70:0b:0f:bc:f0:0f:4d:bb:87:39:7e:fb:
                    01:99:1b:c0:0a:ee:97:0e:22:b8:eb:c4:52:53:bb:
                    cb:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:14:37:B5:54:E4:0C:77:BB:CB:DA:5D:BB:DB:0B:71:9C:C0:20:77
            X509v3 Authority Key Identifier:
                keyid:84:05:C0:71:92:A8:10:6F:ED:B0:76:0B:89:45:03:2C:A1:D3:05:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hAXAcZKoEG_tsHYLiUUDLKHTBUs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/OxQ3tVTkDHe7y9pdu9sLcZzAIHc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/hAXAcZKoEG_tsHYLiUUDLKHTBUs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:3a81::/40

    Signature Algorithm: sha256WithRSAEncryption
         93:7a:13:4d:fe:f0:b4:d2:8a:2b:e4:56:09:6e:bd:19:a3:8b:
         2f:0e:54:2c:90:e5:23:d1:6b:4a:0d:f1:ea:b1:45:c6:2d:3d:
         4a:0f:df:2f:e0:65:ea:cd:78:cb:e0:4b:a6:cf:9f:22:4d:fe:
         48:69:ae:d7:f4:c9:8b:1f:62:88:5a:62:61:c3:9b:f2:06:07:
         70:cd:0b:b2:41:8c:b1:e6:7b:77:5c:61:f6:af:49:0d:18:5d:
         03:8a:98:4c:f3:03:15:3a:fd:7f:7c:8d:51:0b:97:f8:71:95:
         17:24:7e:b0:e4:3d:ce:ad:ee:a7:b0:1d:55:6b:82:3e:26:2d:
         fc:e3:00:7b:1c:df:73:10:77:a7:9b:7f:a4:7c:73:7f:11:b3:
         9f:49:f6:a9:89:6d:e9:7a:8e:65:ac:97:ca:de:a8:e9:a7:58:
         fd:b8:9b:d3:ed:45:ae:3c:fa:50:a5:74:c8:d1:2f:d5:eb:99:
         c8:31:bb:1b:bc:b7:b9:3c:41:d1:b8:8c:30:39:4b:55:4d:c9:
         c1:1c:37:ec:5e:ee:36:e5:d7:6a:e3:fc:f2:f6:b5:86:d8:bf:
         02:9b:f9:37:28:66:e7:db:e5:5e:60:30:e8:56:a7:28:b2:e9:
         1a:f8:ea:37:24:d6:93:f6:da:4f:e1:fb:00:a8:74:9c:3e:bb:
         14:f9:dd:37
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtU8Jgy8veXqg3HrKr1cqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MDVjMDcxOTJhODEwNmZlZGIwNzYwYjg5NDUwMzJjYTFk
MzA1NGIwHhcNMjMwMTAxMTIzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjE0MzdiNTU0ZTQwYzc3YmJjYmRhNWRiYmRiMGI3MTljYzAyMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY5+usDEyv2hXDq0Q0IllwGo//Bj
rkVLVQby8DgVHBR9psNrUIOAWApLpDRrIktIHRdQEJNx6P3DksU4cqovhnG0zmSk
0omFcl8m0Bvsv7Qi7EsZMHiegOYCYua062GUtx1xNC4Ap6bSPkYjGAuSqLp689yH
7LvzXi2SFSxcL7QQroSb48T7Y+CBbPLrKB+6Ay0FkQEW09aCJyZolLXjg3sTQMVc
J7sogkbkqEZYbyWmvES4+/fQykog/EMUiWEClxb9Uik1hqa3i6O5e1/WUXWwQBiu
kN0w9llXCJuia66h/WZwCw+88A9Nu4c5fvsBmRvACu6XDiK468RSU7vLbwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDsUN7VU5Ax3u8vaXbvbC3GcwCB3MB8GA1UdIwQY
MBaAFIQFwHGSqBBv7bB2C4lFAyyh0wVLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEFYQWNaS29FR190c0hZTGlVVURMS0hUQlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNjE1YjAtNGQ5OC00YTNkLThiZDIt
NGM5M2JlZTI3ZDU0LzEvT3hRM3RWVGtESGU3eTlwZHU5c0xjWnpBSUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNjE1YjAtNGQ5OC00YTNkLThiZDItNGM5M2JlZTI3ZDU0
LzEvaEFYQWNaS29FR190c0hZTGlVVURMS0hUQlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgw6gQAw
DQYJKoZIhvcNAQELBQADggEBAJN6E03+8LTSiivkVgluvRmjiy8OVCyQ5SPRa0oN
8eqxRcYtPUoP3y/gZerNeMvgS6bPnyJN/khprtf0yYsfYohaYmHDm/IGB3DNC7JB
jLHme3dcYfavSQ0YXQOKmEzzAxU6/X98jVELl/hxlRckfrDkPc6t7qewHVVrgj4m
LfzjAHsc33MQd6ebf6R8c38Rs59J9qmJbel6jmWsl8reqOmnWP24m9PtRa48+lCl
dMjRL9Xrmcgxuxu8t7k8QdG4jDA5S1VNycEcN+xe7jbl12rj/PL2tYbYvwKb+Tco
Zufb5V5gMOhWpyiy6Rr46jck1pP22k/h+wCodJw+uxT53Tc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:23 2024 by rpki-client on console-fra.rpki-client.org