Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1-u2Ec37RZKVULAGlSCLxwEuPzKI.roa
File:                     1-u2Ec37RZKVULAGlSCLxwEuPzKI.roa (raw, json)
Hash identifier:          3bM6A8pREU5A+74naci8+7ySO11jJsqVrdgqjFL4SqI=
Subject key identifier:   FA:ED:84:73:7E:D1:64:A5:54:2C:01:A5:48:22:F1:C0:4B:8F:CC:A2
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       01856ED4D1FDB6A72A22202D20D04BE2C0F1
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1-u2Ec37RZKVULAGlSCLxwEuPzKI.roa
Signing time:             Sun 01 Jan 2023 19:35:19 +0000
ROA not before:           Sun 01 Jan 2023 19:35:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204628
IP address blocks:        2001:4030::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:d1:fd:b6:a7:2a:22:20:2d:20:d0:4b:e2:c0:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 19:35:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=faed84737ed164a5542c01a54822f1c04b8fcca2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:65:5b:da:93:5f:1d:7a:5f:e8:a9:fc:9d:c0:
                    69:a5:d7:ef:e3:5f:0b:fd:2e:31:cc:d1:2e:63:6d:
                    6a:47:dc:9b:30:92:37:1f:12:1c:99:72:27:6c:50:
                    5a:73:70:ed:b7:e7:84:c8:62:dc:73:6f:55:78:5e:
                    1c:1e:f0:36:9f:7a:a1:59:df:50:f7:29:ae:90:bd:
                    80:82:a0:75:9b:dd:99:1e:1f:67:5f:9f:d3:1f:47:
                    ef:e6:9b:b1:52:0a:c2:7c:4c:7b:04:69:43:c0:0c:
                    76:f8:0e:28:10:f3:0e:61:78:ee:7d:72:11:aa:14:
                    56:b1:84:82:3a:98:54:5d:a1:bb:4a:dd:b4:2e:6d:
                    b2:55:8b:50:15:00:a0:c0:17:1d:b7:c6:21:dc:5b:
                    8f:63:cf:29:38:e0:19:39:91:0c:09:62:2f:29:30:
                    8e:50:c8:a8:61:25:8d:f6:b3:c3:e8:23:43:53:20:
                    fa:d0:7b:89:38:83:42:35:40:26:39:1d:7d:6c:4e:
                    6f:10:75:77:db:39:ae:5c:17:24:74:dd:e5:6a:36:
                    07:91:0c:c2:5f:be:bb:a1:e4:df:8a:f3:93:36:1f:
                    45:44:41:aa:05:a4:ea:54:76:0f:61:0d:49:f3:ce:
                    91:5a:bc:b1:68:20:e3:d7:a6:03:f9:d3:3a:ae:d6:
                    cf:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:ED:84:73:7E:D1:64:A5:54:2C:01:A5:48:22:F1:C0:4B:8F:CC:A2
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1-u2Ec37RZKVULAGlSCLxwEuPzKI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4030::/32

    Signature Algorithm: sha256WithRSAEncryption
         81:42:46:2d:d0:02:9b:d2:35:5a:84:31:f2:11:da:43:7b:42:
         ee:d6:19:e4:ce:3e:bf:0c:32:c4:08:ee:a5:f7:8d:3c:ac:c2:
         69:8f:4b:b3:80:50:c7:20:ad:c0:3c:60:8c:19:06:b4:86:ac:
         5b:99:e7:3f:4d:ea:23:c3:72:fc:fb:70:30:78:14:1c:f8:b4:
         d3:16:84:44:70:c2:ae:5c:6f:53:c1:f9:49:1d:cc:34:e9:2c:
         bd:75:a1:b7:b5:58:e0:9c:85:14:73:b6:49:8f:15:22:b3:e4:
         7c:49:f1:30:5f:51:75:89:01:80:ed:b9:f7:56:7a:fe:b9:e1:
         72:f5:3c:a1:65:3b:62:0b:02:b7:3b:30:26:0e:0f:2c:7d:b0:
         86:04:17:83:94:2e:23:3e:ee:28:c0:4c:b7:60:29:ba:06:c9:
         c5:d5:dc:46:af:5c:da:02:60:50:d1:dd:96:a3:1f:72:6e:70:
         16:ca:e6:08:9f:0c:f4:af:72:11:e4:63:3f:8d:8e:0d:3e:6b:
         2b:52:7a:e9:40:93:cd:85:1b:ab:b7:8b:b6:87:ea:5c:a7:ef:
         f6:c0:16:fe:b4:ac:e5:52:cb:33:7f:eb:ef:ba:b6:84:10:ed:
         50:dd:e0:f9:38:e7:ae:91:a7:24:49:11:05:d4:74:c3:5e:3a:
         08:60:27:ee
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVu1NH9tqcqIiAtINBL4sDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWVkODQ3MzdlZDE2NGE1NTQyYzAxYTU0ODIyZjFjMDRiOGZjY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62Vb2pNfHXpf6Kn8ncBppdfv418L
/S4xzNEuY21qR9ybMJI3HxIcmXInbFBac3Dtt+eEyGLcc29VeF4cHvA2n3qhWd9Q
9ymukL2AgqB1m92ZHh9nX5/TH0fv5puxUgrCfEx7BGlDwAx2+A4oEPMOYXjufXIR
qhRWsYSCOphUXaG7St20Lm2yVYtQFQCgwBcdt8Yh3FuPY88pOOAZOZEMCWIvKTCO
UMioYSWN9rPD6CNDUyD60HuJOINCNUAmOR19bE5vEHV32zmuXBckdN3lajYHkQzC
X767oeTfivOTNh9FREGqBaTqVHYPYQ1J886RWryxaCDj16YD+dM6rtbPnQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPrthHN+0WSlVCwBpUgi8cBLj8yiMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvMS11MkVjMzdSWktWVUxBR2xTQ0x4d0V1UHpLSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUz
MS8xL0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABQDAw
DQYJKoZIhvcNAQELBQADggEBAIFCRi3QApvSNVqEMfIR2kN7Qu7WGeTOPr8MMsQI
7qX3jTyswmmPS7OAUMcgrcA8YIwZBrSGrFuZ5z9N6iPDcvz7cDB4FBz4tNMWhERw
wq5cb1PB+UkdzDTpLL11obe1WOCchRRztkmPFSKz5HxJ8TBfUXWJAYDtufdWev65
4XL1PKFlO2ILArc7MCYODyx9sIYEF4OULiM+7ijATLdgKboGycXV3EavXNoCYFDR
3ZajH3JucBbK5gifDPSvchHkYz+Njg0+aytSeulAk82FG6u3i7aH6lyn7/bAFv60
rOVSyzN/6++6toQQ7VDd4Pk4566RpyRJEQXUdMNeOghgJ+4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:34 2024 by rpki-client on console-ams.rpki-client.org