Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/QuwmQsL5YEwZdA9ovcb8JBxT2e0.roa
File:                     QuwmQsL5YEwZdA9ovcb8JBxT2e0.roa (raw, json)
Hash identifier:          YFZuZ3AQPnLs3LoLklGkqqy0earEv0wMzF4E11bE2wQ=
Subject key identifier:   42:EC:26:42:C2:F9:60:4C:19:74:0F:68:BD:C6:FC:24:1C:53:D9:ED
Certificate issuer:       /CN=5f5ed9921c63bf10db084bad332ea9ff9f8199e6
Certificate serial:       018C8CFAD66D26C5D7550EE3C52531891C58
Authority key identifier: 5F:5E:D9:92:1C:63:BF:10:DB:08:4B:AD:33:2E:A9:FF:9F:81:99:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X17ZkhxjvxDbCEutMy6p_5-BmeY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/QuwmQsL5YEwZdA9ovcb8JBxT2e0.roa
Signing time:             Thu 21 Dec 2023 15:24:58 +0000
ROA not before:           Thu 21 Dec 2023 15:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44529
IP address blocks:        2a14:4e80::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:8c:fa:d6:6d:26:c5:d7:55:0e:e3:c5:25:31:89:1c:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f5ed9921c63bf10db084bad332ea9ff9f8199e6
        Validity
            Not Before: Dec 21 15:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=42ec2642c2f9604c19740f68bdc6fc241c53d9ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:81:f6:4a:26:6c:cb:2b:e1:e5:c7:4d:23:53:
                    b0:8b:60:2a:37:85:a9:f3:d6:94:04:14:1f:31:f8:
                    a9:57:d7:fc:c0:dc:66:0e:fa:02:2e:07:49:1f:93:
                    5a:9b:11:f8:81:d3:ae:fa:2d:9b:6e:c7:21:a0:0f:
                    cf:1a:5b:08:1b:8d:c0:de:97:fc:99:72:14:03:a2:
                    2f:d8:9e:31:ac:67:dd:f4:db:7b:e2:9c:cc:5f:43:
                    9d:bf:64:69:74:e3:ad:c5:60:10:17:e6:88:ea:9a:
                    4e:bf:c9:9a:1b:ce:f7:0a:01:81:29:ed:ce:04:56:
                    32:e4:3e:30:d9:b7:01:cd:2e:e1:d2:e3:57:9e:10:
                    c7:06:9a:21:14:bd:51:74:e0:ed:3f:50:17:5b:ed:
                    ee:fa:17:98:29:2d:d2:78:0c:03:9a:75:21:85:4d:
                    6e:e2:be:5d:ce:d9:0f:40:2b:8b:16:90:46:dc:71:
                    03:7b:45:b7:52:a7:45:9b:66:f2:17:a2:7c:81:1a:
                    8b:9a:4c:ce:cb:3c:33:7a:ca:d8:8e:8d:33:10:32:
                    da:d8:fc:c7:4c:bf:3d:14:04:4f:6d:b3:f3:5d:ff:
                    1a:22:15:c3:e9:57:f7:84:35:b0:61:52:b3:75:39:
                    9e:ec:0f:02:6e:3e:44:7e:9b:31:8c:27:28:6d:22:
                    4c:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:EC:26:42:C2:F9:60:4C:19:74:0F:68:BD:C6:FC:24:1C:53:D9:ED
            X509v3 Authority Key Identifier:
                keyid:5F:5E:D9:92:1C:63:BF:10:DB:08:4B:AD:33:2E:A9:FF:9F:81:99:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X17ZkhxjvxDbCEutMy6p_5-BmeY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/QuwmQsL5YEwZdA9ovcb8JBxT2e0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/X17ZkhxjvxDbCEutMy6p_5-BmeY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:4e80::/29

    Signature Algorithm: sha256WithRSAEncryption
         45:2d:c3:63:27:c5:46:9e:91:3f:4b:2d:72:b7:d6:ed:18:eb:
         b0:41:7e:1b:d6:90:5e:68:e0:81:46:6d:e3:ea:c1:f3:c6:7b:
         c2:ba:a2:be:41:c5:2b:2f:10:79:44:58:84:61:2b:ef:48:60:
         73:3e:b0:f0:db:ac:8c:f3:bf:41:97:55:89:74:ca:d9:1f:16:
         5f:82:07:f8:1a:45:61:94:77:bc:dd:fa:4c:3a:61:ee:53:b2:
         c5:d8:cf:b9:e6:80:c0:ce:52:5d:6c:42:8c:48:af:2a:82:f7:
         bb:11:a9:06:6f:94:a3:91:90:8b:b6:d5:34:c5:33:ce:b4:f9:
         04:47:55:7a:80:48:1e:76:4f:e4:7b:35:f0:e7:47:96:a6:64:
         d6:2c:31:45:cb:bb:3d:18:38:22:c7:fc:09:9a:1d:6a:93:51:
         ab:86:e4:3a:03:37:52:ed:e4:da:8f:83:dd:65:d1:86:04:dc:
         bd:15:30:74:3b:91:75:01:88:37:02:e9:f5:10:da:68:b9:9e:
         7e:d9:f4:54:66:a9:11:1b:21:fe:03:50:48:17:99:6a:16:a7:
         15:cc:02:07:2d:05:bb:9c:fe:b2:5c:19:37:03:35:fa:79:57:
         91:db:51:7b:57:97:a6:d7:41:f0:bc:98:4c:d4:f4:77:91:35:
         3d:19:1e:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYyM+tZtJsXXVQ7jxSUxiRxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNWVkOTkyMWM2M2JmMTBkYjA4NGJhZDMzMmVhOWZmOWY4
MTk5ZTYwHhcNMjMxMjIxMTUyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmVjMjY0MmMyZjk2MDRjMTk3NDBmNjhiZGM2ZmMyNDFjNTNkOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYH2SiZsyyvh5cdNI1Owi2AqN4Wp
89aUBBQfMfipV9f8wNxmDvoCLgdJH5NamxH4gdOu+i2bbschoA/PGlsIG43A3pf8
mXIUA6Iv2J4xrGfd9Nt74pzMX0Odv2RpdOOtxWAQF+aI6ppOv8maG873CgGBKe3O
BFYy5D4w2bcBzS7h0uNXnhDHBpohFL1RdODtP1AXW+3u+heYKS3SeAwDmnUhhU1u
4r5dztkPQCuLFpBG3HEDe0W3UqdFm2byF6J8gRqLmkzOyzwzesrYjo0zEDLa2PzH
TL89FARPbbPzXf8aIhXD6Vf3hDWwYVKzdTme7A8Cbj5EfpsxjCcobSJMHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFELsJkLC+WBMGXQPaL3G/CQcU9ntMB8GA1UdIwQY
MBaAFF9e2ZIcY78Q2whLrTMuqf+fgZnmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDE3WmtoeGp2eERiQ0V1dE15NnBfNS1CbWVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9kZjBiN2EtNjhiMy00N2Q1LWI2NzEt
ZGYyN2YxMGM3MDk3LzEvUXV3bVFzTDVZRXdaZEE5b3ZjYjhKQnhUMmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9kZjBiN2EtNjhiMy00N2Q1LWI2NzEtZGYyN2YxMGM3MDk3
LzEvWDE3WmtoeGp2eERiQ0V1dE15NnBfNS1CbWVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhROgDAN
BgkqhkiG9w0BAQsFAAOCAQEARS3DYyfFRp6RP0stcrfW7RjrsEF+G9aQXmjggUZt
4+rB88Z7wrqivkHFKy8QeURYhGEr70hgcz6w8NusjPO/QZdViXTK2R8WX4IH+BpF
YZR3vN36TDph7lOyxdjPueaAwM5SXWxCjEivKoL3uxGpBm+Uo5GQi7bVNMUzzrT5
BEdVeoBIHnZP5Hs18OdHlqZk1iwxRcu7PRg4Isf8CZodapNRq4bkOgM3Uu3k2o+D
3WXRhgTcvRUwdDuRdQGINwLp9RDaaLmeftn0VGapERsh/gNQSBeZahanFcwCBy0F
u5z+slwZNwM1+nlXkdtRe1eXptdB8LyYTNT0d5E1PRkedQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:26 2024 by rpki-client on console-fra.rpki-client.org