Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/cM5YbYB7nfb0UWvrqltJhlW4NTw.roa
File:                     cM5YbYB7nfb0UWvrqltJhlW4NTw.roa (raw, json)
Hash identifier:          3hVOyUfIeQgDBAKZWrfZGl4hqXHd5NQ8cp6fJ7YUgJ4=
Subject key identifier:   70:CE:58:6D:80:7B:9D:F6:F4:51:6B:EB:AA:5B:49:86:55:B8:35:3C
Certificate issuer:       /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial:       018CC49373F99711249CCC73CE245451603D
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/cM5YbYB7nfb0UWvrqltJhlW4NTw.roa
Signing time:             Mon 01 Jan 2024 10:30:46 +0000
ROA not before:           Mon 01 Jan 2024 10:30:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210285
IP address blocks:        2a0d:2146:8460::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 13:47:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:73:f9:97:11:24:9c:cc:73:ce:24:54:51:60:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
        Validity
            Not Before: Jan  1 10:30:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=70ce586d807b9df6f4516bebaa5b498655b8353c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:7c:11:ca:8a:30:ab:43:93:3c:32:86:6b:68:
                    71:1e:2a:62:64:03:93:e1:9e:76:99:b3:08:c2:ed:
                    f6:72:4d:7b:86:ca:7c:d9:5e:8e:36:15:5e:60:9b:
                    1d:8f:cc:87:85:bb:a2:0d:8b:19:90:0b:14:d5:20:
                    2d:32:b4:90:41:05:a0:52:6b:b6:7d:84:3e:d0:b2:
                    c8:6c:6b:40:8a:97:55:dc:65:db:9c:f6:e4:eb:12:
                    65:d7:35:22:4e:ad:e4:5b:e1:3f:11:cc:3c:f3:b1:
                    8a:ab:96:81:50:4c:58:56:aa:52:91:54:09:24:ce:
                    fb:51:25:77:01:43:ec:0e:85:6e:f0:07:05:22:b0:
                    dd:ee:54:c6:ce:dc:d4:e1:b0:58:6c:5a:20:d4:12:
                    ca:c8:4e:24:2d:7a:57:0d:82:4d:0b:fe:a7:aa:8d:
                    14:34:b8:5b:9b:92:e0:46:e7:f2:f0:77:e3:46:89:
                    17:56:2e:14:06:0f:61:ef:2e:5a:8e:90:a0:8a:c7:
                    22:85:e6:08:c0:7b:49:28:e5:2f:cd:f0:37:50:66:
                    9a:73:ee:24:fe:ed:d0:7b:b7:68:d8:2f:30:14:00:
                    d4:3b:eb:96:fc:61:7a:a2:e4:e6:31:3e:b8:e0:92:
                    36:65:94:76:43:1e:b8:c0:e9:d0:f8:68:9e:e5:37:
                    7d:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:CE:58:6D:80:7B:9D:F6:F4:51:6B:EB:AA:5B:49:86:55:B8:35:3C
            X509v3 Authority Key Identifier:
                keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/cM5YbYB7nfb0UWvrqltJhlW4NTw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2146:8460::/44

    Signature Algorithm: sha256WithRSAEncryption
         b2:72:98:65:03:82:b1:97:ed:61:e4:54:0c:ad:21:95:1e:5b:
         b5:e1:c0:5f:40:03:59:a2:33:f6:7f:08:f9:57:a3:df:36:4d:
         41:82:94:7e:64:2d:c4:49:55:71:36:6b:fe:19:1d:c8:a2:d3:
         b4:76:64:87:4c:0f:b3:86:44:f6:1a:eb:7b:ce:87:a3:c8:0c:
         20:cc:27:86:49:90:26:f3:67:85:e7:f5:e6:ce:5b:1b:49:b7:
         3b:3c:f8:e4:a8:ef:c2:c8:7b:8a:c1:ab:83:b0:51:79:0b:48:
         60:fa:e8:eb:92:06:d9:f5:01:61:f1:9a:d6:89:74:d7:df:26:
         14:94:9f:c3:dd:e0:66:0b:b6:07:08:1c:be:0e:57:49:76:33:
         11:c4:b3:0d:e4:63:09:64:f2:ca:ec:2b:bb:13:a4:03:9e:aa:
         89:ab:54:3b:0e:3a:36:de:17:6b:00:d9:18:14:50:7b:e8:fd:
         64:41:55:10:fb:3f:f3:93:a9:1b:57:97:62:55:e8:fb:b6:c8:
         d3:c9:49:53:31:9a:49:c6:9c:a1:c3:6a:88:4e:6f:ed:7f:15:
         18:aa:f3:0c:9c:53:f6:3f:89:60:0f:33:1c:9e:85:c2:7b:7c:
         90:e6:68:33:a7:c7:2b:b0:79:f4:76:d5:e4:0c:b4:3c:bb:ad:
         52:ad:f9:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEk3P5lxEknMxzziRUUWA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm
YzAyNWYwHhcNMjQwMTAxMTAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGNlNTg2ZDgwN2I5ZGY2ZjQ1MTZiZWJhYTViNDk4NjU1YjgzNTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3wRyoowq0OTPDKGa2hxHipiZAOT
4Z52mbMIwu32ck17hsp82V6ONhVeYJsdj8yHhbuiDYsZkAsU1SAtMrSQQQWgUmu2
fYQ+0LLIbGtAipdV3GXbnPbk6xJl1zUiTq3kW+E/Ecw887GKq5aBUExYVqpSkVQJ
JM77USV3AUPsDoVu8AcFIrDd7lTGztzU4bBYbFog1BLKyE4kLXpXDYJNC/6nqo0U
NLhbm5LgRufy8HfjRokXVi4UBg9h7y5ajpCgisciheYIwHtJKOUvzfA3UGaac+4k
/u3Qe7do2C8wFADUO+uW/GF6ouTmMT644JI2ZZR2Qx64wOnQ+Gie5Td9RQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHDOWG2Ae5329FFr66pbSYZVuDU8MB8GA1UdIwQY
MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt
NzBlODk4YmIzOGRkLzEvY001WWJZQjduZmIwVVd2cnFsdEpobFc0TlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk
LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg0hRoRg
MA0GCSqGSIb3DQEBCwUAA4IBAQCycphlA4Kxl+1h5FQMrSGVHlu14cBfQANZojP2
fwj5V6PfNk1BgpR+ZC3ESVVxNmv+GR3IotO0dmSHTA+zhkT2Gut7zoejyAwgzCeG
SZAm82eF5/XmzlsbSbc7PPjkqO/CyHuKwauDsFF5C0hg+ujrkgbZ9QFh8ZrWiXTX
3yYUlJ/D3eBmC7YHCBy+DldJdjMRxLMN5GMJZPLK7Cu7E6QDnqqJq1Q7Djo23hdr
ANkYFFB76P1kQVUQ+z/zk6kbV5diVej7tsjTyUlTMZpJxpyhw2qITm/tfxUYqvMM
nFP2P4lgDzMcnoXCe3yQ5mgzp8crsHn0dtXkDLQ8u61Srfmq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:59 2024 by rpki-client on console-fra.rpki-client.org