Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/2pCoTco--6ZUebWN-tTJtiMGc-Y.roa
File:                     2pCoTco--6ZUebWN-tTJtiMGc-Y.roa (raw, json)
Hash identifier:          nXrAP82LEIMQOhlV1MzvrGnBTIamQKO+q0D0ewHfwnU=
Subject key identifier:   DA:90:A8:4D:CA:3E:FB:A6:54:79:B5:8D:FA:D4:C9:B6:23:06:73:E6
Certificate issuer:       /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial:       01856D81B1BF78BD4406BC2802865E80B238
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/2pCoTco--6ZUebWN-tTJtiMGc-Y.roa
Signing time:             Sun 01 Jan 2023 13:24:54 +0000
ROA not before:           Sun 01 Jan 2023 13:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        2a0e:ec01::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:b1:bf:78:bd:44:06:bc:28:02:86:5e:80:b2:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
        Validity
            Not Before: Jan  1 13:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=da90a84dca3efba65479b58dfad4c9b6230673e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:4b:48:ae:e6:5b:68:6e:d1:4a:30:f7:1e:ba:
                    07:87:32:a4:e0:47:55:58:8c:eb:d9:8e:10:fa:e7:
                    0b:e8:60:23:20:76:7b:7b:b6:64:0c:f3:51:a0:26:
                    c7:fc:03:6e:75:36:08:31:c7:28:92:2c:a2:76:ec:
                    06:a9:bd:28:29:2f:09:c0:d0:d2:1b:80:63:dd:cc:
                    42:10:f0:6d:78:92:9c:f3:8b:1e:a7:39:3f:24:cc:
                    5f:b2:92:ca:fd:74:a2:93:c8:37:da:5f:c3:c7:5f:
                    e0:da:87:29:2f:ec:23:64:ab:94:16:61:2b:26:da:
                    bd:c7:a6:4f:7e:f6:db:cd:b7:dc:f9:cf:79:a4:a5:
                    e9:89:12:3a:f2:d8:05:1f:68:50:25:0e:28:66:43:
                    f5:0e:04:22:d1:ba:d3:2e:11:32:13:fd:e6:dc:1a:
                    bc:64:34:cd:3c:51:e5:69:b3:cb:ac:83:45:2d:67:
                    e9:91:fa:69:35:16:c4:df:3d:fb:47:33:44:18:c2:
                    f7:d2:f9:15:a5:1f:c1:17:b4:33:2e:11:66:e6:d8:
                    52:e9:bf:ff:fd:4e:91:6c:41:dd:ec:79:d1:af:f0:
                    a8:62:a5:93:75:94:f4:d2:d8:4b:14:b8:22:fb:e8:
                    08:24:3e:a2:93:28:33:3f:39:4b:43:72:64:a5:d9:
                    c0:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:90:A8:4D:CA:3E:FB:A6:54:79:B5:8D:FA:D4:C9:B6:23:06:73:E6
            X509v3 Authority Key Identifier:
                keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/2pCoTco--6ZUebWN-tTJtiMGc-Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:ec01::/32

    Signature Algorithm: sha256WithRSAEncryption
         48:ff:53:15:97:98:6f:38:bd:5d:48:69:47:f6:56:77:fd:f4:
         f0:d7:d9:b4:e0:77:ac:d2:a2:29:ac:13:af:86:85:6e:a6:8f:
         25:76:3a:63:0f:46:68:68:69:b9:a7:c4:76:f0:34:b4:c8:58:
         98:56:4f:d6:fe:39:a0:ee:03:b2:f7:c1:eb:7f:29:58:1c:59:
         07:66:90:c7:7a:b5:ce:69:19:36:0d:e1:b6:6e:51:f7:81:50:
         c6:20:a4:43:c2:7b:66:7f:9a:20:1e:a4:66:2d:38:aa:11:fb:
         74:00:0c:23:eb:a8:30:3a:d8:cd:01:5e:1e:d0:01:43:38:f5:
         61:a7:97:b5:bb:62:34:65:e6:50:be:90:22:53:34:4b:15:d4:
         dd:11:dd:5d:51:2a:bb:d8:98:59:76:2b:24:4c:5c:6d:39:3f:
         9f:52:b3:ff:1b:c6:69:f8:90:c6:4f:8e:35:da:cc:fa:3b:e2:
         9d:33:c6:13:75:4c:41:ea:0f:fc:21:bc:b2:43:a7:ad:65:bb:
         92:7c:5c:c3:8d:d4:23:4f:47:5b:65:83:9a:ee:2c:42:8d:cc:
         5b:3d:af:63:bb:58:0f:8a:36:bc:b7:d5:a0:8f:20:cf:02:4b:
         e3:a0:fc:aa:01:81:c9:f6:2c:b8:f8:68:0d:77:57:b8:0d:94:
         c2:00:d8:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtgbG/eL1EBrwoAoZegLI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjMwMTAxMTMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTkwYTg0ZGNhM2VmYmE2NTQ3OWI1OGRmYWQ0YzliNjIzMDY3M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0tIruZbaG7RSjD3HroHhzKk4EdV
WIzr2Y4Q+ucL6GAjIHZ7e7ZkDPNRoCbH/ANudTYIMccokiyiduwGqb0oKS8JwNDS
G4Bj3cxCEPBteJKc84sepzk/JMxfspLK/XSik8g32l/Dx1/g2ocpL+wjZKuUFmEr
Jtq9x6ZPfvbbzbfc+c95pKXpiRI68tgFH2hQJQ4oZkP1DgQi0brTLhEyE/3m3Bq8
ZDTNPFHlabPLrINFLWfpkfppNRbE3z37RzNEGML30vkVpR/BF7QzLhFm5thS6b//
/U6RbEHd7HnRr/CoYqWTdZT00thLFLgi++gIJD6ikygzPzlLQ3JkpdnAZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNqQqE3KPvumVHm1jfrUybYjBnPmMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvMnBDb1Rjby0tNlpVZWJXTi10VEp0aU1HYy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7sATAN
BgkqhkiG9w0BAQsFAAOCAQEASP9TFZeYbzi9XUhpR/ZWd/308NfZtOB3rNKiKawT
r4aFbqaPJXY6Yw9GaGhpuafEdvA0tMhYmFZP1v45oO4DsvfB638pWBxZB2aQx3q1
zmkZNg3htm5R94FQxiCkQ8J7Zn+aIB6kZi04qhH7dAAMI+uoMDrYzQFeHtABQzj1
YaeXtbtiNGXmUL6QIlM0SxXU3RHdXVEqu9iYWXYrJExcbTk/n1Kz/xvGafiQxk+O
NdrM+jvinTPGE3VMQeoP/CG8skOnrWW7knxcw43UI09HW2WDmu4sQo3MWz2vY7tY
D4o2vLfVoI8gzwJL46D8qgGByfYsuPhoDXdXuA2UwgDYtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:50 2024 by rpki-client on console-fra.rpki-client.org