Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/ZaELYc3zzlz4f7ODF4hhYbdWROo.roa
File:                     ZaELYc3zzlz4f7ODF4hhYbdWROo.roa (raw, json)
Hash identifier:          y72xGmQt03qK0I1rp7bcgsfyyMOXCOsH7m661dqXGbo=
Subject key identifier:   65:A1:0B:61:CD:F3:CE:5C:F8:7F:B3:83:17:88:61:61:B7:56:44:EA
Certificate issuer:       /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial:       0186C1C6BEAAA4C1BD6DD3AB5C8838A9F87A
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/ZaELYc3zzlz4f7ODF4hhYbdWROo.roa
Signing time:             Wed 08 Mar 2023 15:11:13 +0000
ROA not before:           Wed 08 Mar 2023 15:11:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        2a0e:ec01::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c1:c6:be:aa:a4:c1:bd:6d:d3:ab:5c:88:38:a9:f8:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
        Validity
            Not Before: Mar  8 15:11:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=65a10b61cdf3ce5cf87fb38317886161b75644ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:21:e7:c4:60:1a:c9:bb:8e:84:fe:a0:9b:ba:
                    4a:51:c2:d3:bb:7d:55:06:05:66:42:6a:f0:a3:07:
                    04:02:25:8d:24:80:34:a0:db:b6:00:6f:e4:4a:19:
                    cd:e9:9c:c4:c0:d7:a9:d1:6e:7c:1a:f6:a1:e2:22:
                    18:18:af:7e:26:e5:0c:a3:96:7d:ba:ac:35:85:ff:
                    9d:4a:86:5b:f2:48:5a:17:6c:b7:25:8c:1e:d1:29:
                    98:2f:a2:04:72:91:99:cf:c3:09:76:a3:47:ac:e4:
                    23:d6:35:8a:41:1d:4e:bc:c7:45:a1:0a:03:6e:30:
                    70:0a:5f:ee:dc:32:91:1c:9c:d4:2c:2c:0f:5b:6e:
                    6c:1e:8e:9e:04:4e:fc:d9:59:26:6e:01:1e:58:ba:
                    d4:19:76:96:0b:40:e2:fb:fc:92:91:4c:3f:75:7d:
                    24:1f:83:54:6a:d6:4d:f6:ee:ff:ab:d9:23:94:44:
                    f3:e8:92:1a:0c:5d:1a:26:59:d0:7f:61:c6:7b:83:
                    b2:dd:53:d2:53:f6:04:47:ce:68:55:30:36:9f:f1:
                    36:22:05:cc:6a:4c:12:c2:ab:6f:bb:86:8f:f0:0c:
                    6f:57:c4:b3:83:10:b1:02:e4:ff:01:2c:34:89:16:
                    da:ad:fd:99:df:d6:c3:6b:c7:d9:1a:48:a2:df:d7:
                    a2:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:A1:0B:61:CD:F3:CE:5C:F8:7F:B3:83:17:88:61:61:B7:56:44:EA
            X509v3 Authority Key Identifier:
                keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/ZaELYc3zzlz4f7ODF4hhYbdWROo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:ec01::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:41:03:c2:09:6b:34:c4:e2:08:fd:8e:d6:40:88:39:04:7b:
         cc:3f:fa:a3:4c:11:3b:e0:14:c2:30:f7:c2:e9:13:16:07:d7:
         06:cd:e2:3d:05:1c:06:de:ea:70:51:4e:ef:85:1f:d3:8e:7f:
         c0:75:ec:28:84:9b:3b:60:26:16:8f:66:60:75:fb:24:67:01:
         7a:8e:e5:7f:f1:9f:99:e9:1a:4d:50:9c:91:3e:d6:53:0f:23:
         37:45:32:73:f9:a1:85:45:9a:a8:1e:fd:c5:05:6f:6c:2c:81:
         9a:a2:4c:d1:97:4f:9f:24:9b:9f:08:74:ad:df:5c:5e:ad:40:
         48:23:52:69:4a:ef:e5:3d:8a:dc:42:fa:41:a7:6d:d6:29:49:
         d0:01:5c:35:23:40:fe:46:cf:51:5a:8d:bb:c9:da:e1:d3:1c:
         66:13:a6:40:8a:e1:fa:fb:e4:c1:33:74:c6:16:c9:29:fa:e8:
         f3:ba:35:42:b7:dc:b2:e8:9c:0e:03:6e:b0:03:c7:0f:36:7d:
         c4:09:29:f8:af:21:9d:4f:46:d4:13:3e:27:f4:9b:75:5c:6f:
         5f:a8:e2:1d:f2:bb:ab:5e:8f:23:d4:4d:dc:09:4f:ef:52:f8:
         06:ea:2c:46:f1:0a:5f:2e:df:0f:c5:a5:16:17:00:51:f7:e6:
         9f:81:db:fd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYbBxr6qpMG9bdOrXIg4qfh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjMwMzA4MTUxMTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWExMGI2MWNkZjNjZTVjZjg3ZmIzODMxNzg4NjE2MWI3NTY0NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiHnxGAaybuOhP6gm7pKUcLTu31V
BgVmQmrwowcEAiWNJIA0oNu2AG/kShnN6ZzEwNep0W58Gvah4iIYGK9+JuUMo5Z9
uqw1hf+dSoZb8khaF2y3JYwe0SmYL6IEcpGZz8MJdqNHrOQj1jWKQR1OvMdFoQoD
bjBwCl/u3DKRHJzULCwPW25sHo6eBE782VkmbgEeWLrUGXaWC0Di+/ySkUw/dX0k
H4NUatZN9u7/q9kjlETz6JIaDF0aJlnQf2HGe4Oy3VPSU/YER85oVTA2n/E2IgXM
akwSwqtvu4aP8AxvV8SzgxCxAuT/ASw0iRbarf2Z39bDa8fZGkii39ei6wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGWhC2HN885c+H+zgxeIYWG3VkTqMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvWmFFTFljM3p6bHo0ZjdPREY0aGhZYmRXUk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7sATAN
BgkqhkiG9w0BAQsFAAOCAQEAZUEDwglrNMTiCP2O1kCIOQR7zD/6o0wRO+AUwjD3
wukTFgfXBs3iPQUcBt7qcFFO74Uf045/wHXsKISbO2AmFo9mYHX7JGcBeo7lf/Gf
mekaTVCckT7WUw8jN0Uyc/mhhUWaqB79xQVvbCyBmqJM0ZdPnySbnwh0rd9cXq1A
SCNSaUrv5T2K3EL6Qadt1ilJ0AFcNSNA/kbPUVqNu8na4dMcZhOmQIrh+vvkwTN0
xhbJKfro87o1QrfcsuicDgNusAPHDzZ9xAkp+K8hnU9G1BM+J/SbdVxvX6jiHfK7
q16PI9RN3AlP71L4BuosRvEKXy7fD8WlFhcAUffmn4Hb/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:26 2024 by rpki-client on console-ams.rpki-client.org