Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/MpRqvZtt91NjEf_tFI1ionlxig4.roa
File:                     MpRqvZtt91NjEf_tFI1ionlxig4.roa (raw, json)
Hash identifier:          Yz5NztbCOnXTIBzGhDiFNdqIzz8o/LlSXCcEqXiFdCQ=
Subject key identifier:   32:94:6A:BD:9B:6D:F7:53:63:11:FF:ED:14:8D:62:A2:79:71:8A:0E
Certificate issuer:       /CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Certificate serial:       01856ED4A921DC6B5CE0CE197303F1A0D83E
Authority key identifier: 74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/MpRqvZtt91NjEf_tFI1ionlxig4.roa
Signing time:             Sun 01 Jan 2023 19:35:08 +0000
ROA not before:           Sun 01 Jan 2023 19:35:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212123
IP address blocks:        2a12:4944::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:a9:21:dc:6b:5c:e0:ce:19:73:03:f1:a0:d8:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
        Validity
            Not Before: Jan  1 19:35:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=32946abd9b6df7536311ffed148d62a279718a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:9e:29:ab:37:03:81:19:54:fc:53:54:46:ef:
                    98:51:22:41:30:3b:b1:21:b3:4b:94:a4:34:e3:e9:
                    43:bf:02:36:be:01:10:5d:ab:9b:80:a0:59:0b:5e:
                    66:54:25:50:d5:91:44:bd:96:5e:b7:3c:71:09:b8:
                    06:0d:72:95:8d:e5:6e:4f:cb:ba:ea:b5:03:ff:62:
                    3e:76:8c:1c:ac:dc:7a:f5:9a:a4:6e:b8:4a:d5:94:
                    54:1a:c5:d6:0d:7c:fa:e7:9b:11:ce:97:93:1c:5c:
                    a8:e0:f1:49:71:6b:76:49:1a:e1:a7:26:df:cf:49:
                    06:2e:15:19:f1:ea:50:9d:17:d9:ea:fe:7f:be:d8:
                    ce:60:16:46:6a:ac:de:ad:7d:20:43:71:fd:7f:98:
                    17:e7:06:4a:14:3d:8b:56:d3:ec:54:80:1d:b3:ee:
                    a6:51:91:0a:96:5c:c0:4d:ce:c9:e2:ae:c4:0f:8a:
                    14:b9:1d:d7:cc:0f:eb:5d:7a:6a:29:f4:62:f1:a3:
                    bf:3c:08:70:f7:04:34:7b:d6:ad:ee:9a:f3:04:29:
                    58:36:c6:6b:1e:c7:fa:42:b9:c9:a8:d9:11:44:90:
                    16:be:91:64:66:ad:96:15:60:1b:80:1a:8e:26:7d:
                    51:b9:44:71:79:94:4a:17:ba:9b:14:81:c4:7e:81:
                    34:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:94:6A:BD:9B:6D:F7:53:63:11:FF:ED:14:8D:62:A2:79:71:8A:0E
            X509v3 Authority Key Identifier:
                keyid:74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/MpRqvZtt91NjEf_tFI1ionlxig4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:4944::/32

    Signature Algorithm: sha256WithRSAEncryption
         7e:81:8a:8c:b2:82:58:9f:44:38:f0:90:92:4b:d7:c2:4d:79:
         a9:74:da:33:45:d8:d4:21:17:c4:35:b5:23:8e:b2:8e:e6:90:
         ac:7a:ed:05:36:2e:53:fd:64:5b:54:48:6e:61:cb:de:b4:ab:
         d2:cf:58:d6:bb:43:18:01:8e:63:ec:92:fd:71:fb:da:ef:82:
         8e:b1:36:d5:1b:6c:d0:44:59:1c:61:b1:6b:67:bc:2b:a8:e6:
         a8:4c:11:db:b7:2c:8a:2e:4f:63:eb:dd:45:ae:ae:07:53:b1:
         be:c0:be:c8:ca:5d:bf:7b:f2:29:9d:71:b7:cc:cc:77:ad:55:
         e9:7c:d9:94:12:6a:3d:50:34:64:40:0f:41:a9:e5:f3:0c:7d:
         d0:2f:b9:bd:1a:27:a6:63:34:e8:ed:c4:18:63:6d:59:c5:07:
         19:69:7a:a0:53:d9:dd:d4:02:39:de:20:17:39:fc:7b:4e:91:
         23:43:ac:a9:63:b8:c2:53:05:e6:44:54:7f:77:82:a5:6c:9d:
         51:cf:be:7e:dd:d8:20:c3:43:ed:db:c7:60:44:6f:55:e2:d3:
         99:f6:c1:ba:34:51:ba:94:fd:a1:75:6a:15:76:18:92:0d:7b:
         67:e6:aa:c9:5b:ee:2e:9e:ff:28:59:4a:d9:f1:d9:c5:24:54:
         30:77:2a:93
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVu1Kkh3Gtc4M4ZcwPxoNg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM5NWMxMjY3MmFkOTU4OTIxYjYyYjlkYzliMmJjZDhh
NjhhOWYwHhcNMjMwMTAxMTkzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjk0NmFiZDliNmRmNzUzNjMxMWZmZWQxNDhkNjJhMjc5NzE4YTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo54pqzcDgRlU/FNURu+YUSJBMDux
IbNLlKQ04+lDvwI2vgEQXaubgKBZC15mVCVQ1ZFEvZZetzxxCbgGDXKVjeVuT8u6
6rUD/2I+dowcrNx69ZqkbrhK1ZRUGsXWDXz655sRzpeTHFyo4PFJcWt2SRrhpybf
z0kGLhUZ8epQnRfZ6v5/vtjOYBZGaqzerX0gQ3H9f5gX5wZKFD2LVtPsVIAds+6m
UZEKllzATc7J4q7ED4oUuR3XzA/rXXpqKfRi8aO/PAhw9wQ0e9at7przBClYNsZr
Hsf6QrnJqNkRRJAWvpFkZq2WFWAbgBqOJn1RuURxeZRKF7qbFIHEfoE0VwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDKUar2bbfdTYxH/7RSNYqJ5cYoOMB8GA1UdIwQY
MBaAFHRjlcEmcq2ViSG2K53JsrzYpoqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMt
ZmI3NzRhYmRmYWMyLzEvTXBScXZadHQ5MU5qRWZfdEZJMWlvbmx4aWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMtZmI3NzRhYmRmYWMy
LzEvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhJJRDAN
BgkqhkiG9w0BAQsFAAOCAQEAfoGKjLKCWJ9EOPCQkkvXwk15qXTaM0XY1CEXxDW1
I46yjuaQrHrtBTYuU/1kW1RIbmHL3rSr0s9Y1rtDGAGOY+yS/XH72u+CjrE21Rts
0ERZHGGxa2e8K6jmqEwR27csii5PY+vdRa6uB1OxvsC+yMpdv3vyKZ1xt8zMd61V
6XzZlBJqPVA0ZEAPQanl8wx90C+5vRonpmM06O3EGGNtWcUHGWl6oFPZ3dQCOd4g
Fzn8e06RI0OsqWO4wlMF5kRUf3eCpWydUc++ft3YIMND7dvHYERvVeLTmfbBujRR
upT9oXVqFXYYkg17Z+aqyVvuLp7/KFlK2fHZxSRUMHcqkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:29 2024 by rpki-client on console-ams.rpki-client.org