Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/LfoL0Br9Io9Uggl3Dcc3oYZRiCY.roa
File:                     LfoL0Br9Io9Uggl3Dcc3oYZRiCY.roa (raw, json)
Hash identifier:          FMS7WZBBZxM/ICl2YYwelvIrO2l4BY6h35fWYhUsibc=
Subject key identifier:   2D:FA:0B:D0:1A:FD:22:8F:54:82:09:77:0D:C7:37:A1:86:51:88:26
Certificate issuer:       /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial:       01856C2ECC7130D1E72798AE8F0CE7434281
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/LfoL0Br9Io9Uggl3Dcc3oYZRiCY.roa
Signing time:             Sun 01 Jan 2023 07:14:44 +0000
ROA not before:           Sun 01 Jan 2023 07:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39702
IP address blocks:        2a0d:2146:bf00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:2e:cc:71:30:d1:e7:27:98:ae:8f:0c:e7:43:42:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
        Validity
            Not Before: Jan  1 07:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2dfa0bd01afd228f548209770dc737a186518826
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:f3:85:17:54:95:57:b5:e2:40:4d:d9:b4:de:
                    e0:cf:69:2f:f0:a6:ef:ba:3c:94:d8:f2:ea:08:4f:
                    05:7b:ff:80:5e:e7:04:56:9c:4a:37:e1:09:0b:87:
                    71:eb:c1:61:27:07:56:56:59:c7:e7:4e:2f:87:b4:
                    1d:ea:82:39:0f:5b:e4:1b:d0:27:c8:cd:28:d1:ca:
                    5b:4f:d1:2b:df:dd:2c:20:a9:09:81:3d:07:2a:2e:
                    68:8e:01:08:a5:38:7b:6e:3b:30:ba:93:f4:00:d3:
                    7a:9a:ba:55:74:5b:f3:63:1e:34:51:37:19:ff:ae:
                    35:69:4d:40:46:20:a4:57:6f:9c:11:c3:80:87:e9:
                    0f:e6:00:df:1f:fe:25:90:dd:74:b0:bb:0a:53:87:
                    85:09:e8:5f:6d:64:44:fb:ab:c9:45:d8:b2:fd:e7:
                    83:9a:05:64:3c:a9:47:79:1a:df:91:4d:d4:e0:d2:
                    7b:76:8a:0e:b2:12:3c:34:40:e2:51:f7:c7:68:8c:
                    9b:fb:14:b4:b4:d5:76:af:bf:19:e1:ef:ad:ce:97:
                    93:c9:2d:d0:f2:0d:03:9b:fb:50:1b:5a:d0:94:83:
                    cb:aa:c7:89:73:ba:5f:ce:c4:f8:e9:68:21:69:28:
                    3e:88:dd:b7:e2:be:21:5a:e2:12:b6:bb:b7:61:33:
                    ff:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:FA:0B:D0:1A:FD:22:8F:54:82:09:77:0D:C7:37:A1:86:51:88:26
            X509v3 Authority Key Identifier:
                keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/LfoL0Br9Io9Uggl3Dcc3oYZRiCY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2146:bf00::/40

    Signature Algorithm: sha256WithRSAEncryption
         01:ff:ed:51:38:44:16:08:a9:3a:14:c9:bd:5f:b8:74:8d:a7:
         0e:bd:e2:c7:4d:02:a4:1b:26:d6:d1:88:5f:df:bb:56:5d:2f:
         13:b7:6a:b1:23:3b:59:59:ec:a8:61:11:1a:8b:81:ea:f9:81:
         f4:12:04:bf:4f:42:95:71:13:98:83:18:2b:42:a5:19:c0:23:
         d8:f1:c8:b4:af:4d:42:4e:aa:5b:f2:a9:fb:2c:47:47:4b:2a:
         31:ce:e6:7b:99:8b:b3:5d:8d:55:d3:19:65:9a:99:13:ba:76:
         9c:4a:a2:f0:49:52:b0:ce:37:8b:f7:47:69:f7:7c:d7:86:7a:
         f5:fd:e0:e1:2a:37:a7:d4:5d:5b:50:dd:ba:19:94:f3:ed:15:
         18:c0:8f:b5:30:72:1c:40:a8:13:85:30:40:62:25:8f:e9:91:
         a9:eb:46:89:65:53:e6:f9:90:75:5e:c1:c2:60:66:cc:a5:dd:
         bb:14:e2:aa:0d:73:65:d4:70:f5:ba:74:21:ca:0b:e0:4d:94:
         b3:6f:b6:0e:ef:b9:ba:b8:33:6d:19:5e:df:df:60:b7:37:65:
         b3:0e:69:5d:95:a7:1f:7d:2c:42:79:c4:9d:55:d1:81:b6:7b:
         d7:f7:be:8d:3e:b2:b6:33:c7:28:c5:8d:65:b6:d0:de:da:65:
         4a:d3:33:d3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsLsxxMNHnJ5iujwznQ0KBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm
YzAyNWYwHhcNMjMwMTAxMDcxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZhMGJkMDFhZmQyMjhmNTQ4MjA5NzcwZGM3MzdhMTg2NTE4ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vOFF1SVV7XiQE3ZtN7gz2kv8Kbv
ujyU2PLqCE8Fe/+AXucEVpxKN+EJC4dx68FhJwdWVlnH504vh7Qd6oI5D1vkG9An
yM0o0cpbT9Er390sIKkJgT0HKi5ojgEIpTh7bjswupP0ANN6mrpVdFvzYx40UTcZ
/641aU1ARiCkV2+cEcOAh+kP5gDfH/4lkN10sLsKU4eFCehfbWRE+6vJRdiy/eeD
mgVkPKlHeRrfkU3U4NJ7dooOshI8NEDiUffHaIyb+xS0tNV2r78Z4e+tzpeTyS3Q
8g0Dm/tQG1rQlIPLqseJc7pfzsT46WghaSg+iN234r4hWuIStru3YTP/6QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFC36C9Aa/SKPVIIJdw3HN6GGUYgmMB8GA1UdIwQY
MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt
NzBlODk4YmIzOGRkLzEvTGZvTDBCcjlJbzlVZ2dsM0RjYzNvWVpSaUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk
LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg0hRr8w
DQYJKoZIhvcNAQELBQADggEBAAH/7VE4RBYIqToUyb1fuHSNpw694sdNAqQbJtbR
iF/fu1ZdLxO3arEjO1lZ7KhhERqLger5gfQSBL9PQpVxE5iDGCtCpRnAI9jxyLSv
TUJOqlvyqfssR0dLKjHO5nuZi7NdjVXTGWWamRO6dpxKovBJUrDON4v3R2n3fNeG
evX94OEqN6fUXVtQ3boZlPPtFRjAj7UwchxAqBOFMEBiJY/pkanrRollU+b5kHVe
wcJgZsyl3bsU4qoNc2XUcPW6dCHKC+BNlLNvtg7vubq4M20ZXt/fYLc3ZbMOaV2V
px99LEJ5xJ1V0YG2e9f3vo0+srYzxyjFjWW20N7aZUrTM9M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:59 2024 by rpki-client on console-fra.rpki-client.org