Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/kBKV3dvmUAki5Cc73pWxVxZ6KuQ.roa
File:                     kBKV3dvmUAki5Cc73pWxVxZ6KuQ.roa (raw, json)
Hash identifier:          Wzf4YPQiPD7npfewkwHKZ2avQRuN0iLa+20kMCbR16I=
Subject key identifier:   90:12:95:DD:DB:E6:50:09:22:E4:27:3B:DE:95:B1:57:16:7A:2A:E4
Certificate issuer:       /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial:       01856C2ECFF057017143988181C80DB02060
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/kBKV3dvmUAki5Cc73pWxVxZ6KuQ.roa
Signing time:             Sun 01 Jan 2023 07:14:45 +0000
ROA not before:           Sun 01 Jan 2023 07:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56894
IP address blocks:        2a0d:2146:9900::/40 maxlen: 48

Validation:               Failed, certificate revoked on Sun 05 Nov 2023 16:54:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:2e:cf:f0:57:01:71:43:98:81:81:c8:0d:b0:20:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
        Validity
            Not Before: Jan  1 07:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=901295dddbe6500922e4273bde95b157167a2ae4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:24:08:0b:17:47:29:5b:9f:d2:91:0e:81:6d:
                    59:d5:d3:cb:d7:75:b8:07:b1:45:43:c8:4e:db:4a:
                    47:21:29:5c:f6:3d:f7:39:f0:86:cc:90:62:0d:61:
                    e8:d7:7b:8e:7a:94:67:22:4e:1f:31:70:9b:30:44:
                    4e:82:b5:f1:9b:63:97:ea:84:23:1b:15:e5:44:53:
                    f5:e8:9c:19:7f:46:eb:f2:dd:dc:4d:f6:fb:fa:88:
                    5b:5e:72:6d:a3:ad:96:cc:3a:78:74:91:7b:61:22:
                    27:ac:f5:88:64:bf:44:8a:0d:f9:06:12:68:2a:b5:
                    4c:a2:15:51:a1:ef:23:36:dc:61:ee:e9:22:9d:bb:
                    27:e6:f3:ee:64:c3:42:0c:33:a2:bc:52:b7:87:29:
                    05:1f:5c:5e:e5:53:41:76:96:6c:47:fb:11:1b:53:
                    31:c4:4b:7c:0c:c9:95:7a:51:06:f4:74:39:18:c7:
                    bc:a2:0c:ad:1b:48:b8:69:e9:8b:7e:63:3a:e4:18:
                    a4:1e:25:b8:a6:62:03:ab:09:6d:3a:19:07:4a:37:
                    3e:62:41:73:e6:39:5e:66:e8:d6:b5:09:09:21:22:
                    df:24:03:9c:04:42:e6:6b:80:cb:fd:44:68:04:8e:
                    9d:74:94:cd:16:50:12:4a:85:50:04:44:3f:2d:1e:
                    03:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:12:95:DD:DB:E6:50:09:22:E4:27:3B:DE:95:B1:57:16:7A:2A:E4
            X509v3 Authority Key Identifier:
                keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/kBKV3dvmUAki5Cc73pWxVxZ6KuQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2146:9900::/40

    Signature Algorithm: sha256WithRSAEncryption
         6b:13:4d:e6:df:de:b1:75:f7:c2:ae:65:bb:a0:7e:1d:a4:42:
         90:c0:96:20:59:18:56:92:c9:3f:d3:30:f3:f4:5c:f6:e7:83:
         69:d4:7a:b5:61:cf:78:09:47:9d:18:32:b0:df:df:29:ad:a1:
         e1:40:8b:ac:f7:fa:ae:ee:10:e0:36:ad:71:59:47:72:55:ae:
         60:a5:73:89:ca:f2:1d:a3:c1:8d:b0:8e:3f:32:59:6b:23:ac:
         d1:fc:8f:61:a2:b6:94:14:33:c6:9a:49:5d:f4:c5:de:7c:97:
         b6:12:df:cd:ad:72:d9:f6:5b:d5:08:f0:62:c7:16:ef:b4:91:
         ae:f5:9d:18:d6:b6:c6:46:b8:dc:76:57:05:5d:d4:47:3e:b6:
         67:f9:ed:1b:e5:ef:28:d5:55:e0:18:42:84:91:30:73:c8:fe:
         3a:28:f4:c5:ab:80:1b:b4:5a:ae:7f:51:45:96:81:e2:64:69:
         10:10:c6:d0:11:51:d3:46:02:09:73:bc:af:65:18:76:9c:41:
         45:f8:2e:6a:92:a9:15:57:f3:fc:4d:08:d2:ae:c2:62:c6:66:
         9a:a2:75:dd:32:7b:b8:cf:df:49:48:47:27:ff:de:b5:f3:9a:
         fc:5c:e2:d4:24:eb:8b:4e:ee:0d:da:2c:56:db:71:c0:e8:d0:
         94:92:1c:87
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsLs/wVwFxQ5iBgcgNsCBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm
YzAyNWYwHhcNMjMwMTAxMDcxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDEyOTVkZGRiZTY1MDA5MjJlNDI3M2JkZTk1YjE1NzE2N2EyYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSQICxdHKVuf0pEOgW1Z1dPL13W4
B7FFQ8hO20pHISlc9j33OfCGzJBiDWHo13uOepRnIk4fMXCbMEROgrXxm2OX6oQj
GxXlRFP16JwZf0br8t3cTfb7+ohbXnJto62WzDp4dJF7YSInrPWIZL9Eig35BhJo
KrVMohVRoe8jNtxh7ukinbsn5vPuZMNCDDOivFK3hykFH1xe5VNBdpZsR/sRG1Mx
xEt8DMmVelEG9HQ5GMe8ogytG0i4aemLfmM65BikHiW4pmIDqwltOhkHSjc+YkFz
5jleZujWtQkJISLfJAOcBELma4DL/URoBI6ddJTNFlASSoVQBEQ/LR4DBwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJASld3b5lAJIuQnO96VsVcWeirkMB8GA1UdIwQY
MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt
NzBlODk4YmIzOGRkLzEva0JLVjNkdm1VQWtpNUNjNzNwV3hWeFo2S3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk
LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg0hRpkw
DQYJKoZIhvcNAQELBQADggEBAGsTTebf3rF198KuZbugfh2kQpDAliBZGFaSyT/T
MPP0XPbng2nUerVhz3gJR50YMrDf3ymtoeFAi6z3+q7uEOA2rXFZR3JVrmClc4nK
8h2jwY2wjj8yWWsjrNH8j2GitpQUM8aaSV30xd58l7YS382tctn2W9UI8GLHFu+0
ka71nRjWtsZGuNx2VwVd1Ec+tmf57Rvl7yjVVeAYQoSRMHPI/joo9MWrgBu0Wq5/
UUWWgeJkaRAQxtARUdNGAglzvK9lGHacQUX4LmqSqRVX8/xNCNKuwmLGZpqidd0y
e7jP30lIRyf/3rXzmvxc4tQk64tO7g3aLFbbccDo0JSSHIc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:59 2024 by rpki-client on console-fra.rpki-client.org