Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/ZpqRA380C2kpK9s0vi_vpDz_EZI.roa
File:                     ZpqRA380C2kpK9s0vi_vpDz_EZI.roa (raw, json)
Hash identifier:          R8mHCiBjq4zV60NrqdGgsKmzEmvArxraLgw8jplH4QM=
Subject key identifier:   66:9A:91:03:7F:34:0B:69:29:2B:DB:34:BE:2F:EF:A4:3C:FF:11:92
Certificate issuer:       /CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Certificate serial:       01856ED4A5218A938684302DA9432EE7AA44
Authority key identifier: 74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/ZpqRA380C2kpK9s0vi_vpDz_EZI.roa
Signing time:             Sun 01 Jan 2023 19:35:07 +0000
ROA not before:           Sun 01 Jan 2023 19:35:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202437
IP address blocks:        2a12:4946:4020::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:a5:21:8a:93:86:84:30:2d:a9:43:2e:e7:aa:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
        Validity
            Not Before: Jan  1 19:35:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=669a91037f340b69292bdb34be2fefa43cff1192
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a1:39:87:84:ca:02:cb:83:24:a1:ab:b0:6e:
                    76:33:61:9c:0f:62:ba:51:22:02:d7:76:f2:24:ca:
                    d2:ea:e8:de:26:cd:d1:fd:20:cc:35:2a:53:39:d7:
                    bc:2f:f1:ff:de:ed:b5:d2:91:a6:f3:92:c0:5f:e8:
                    3a:b8:2a:a6:ad:59:d1:75:85:a4:6c:90:99:e4:4d:
                    16:d2:e2:bc:27:6d:34:ec:ac:aa:39:b5:50:7a:df:
                    d9:f9:02:38:de:c9:33:c5:f8:24:2d:d0:15:d7:ba:
                    db:3c:75:87:89:ac:ff:e1:c8:a2:5a:9e:e9:53:06:
                    79:7f:fc:04:39:5a:1c:4c:86:86:8e:5c:18:12:8e:
                    a8:da:14:3b:65:07:b1:15:a4:ea:55:b8:05:bb:eb:
                    b6:c4:15:33:04:f3:69:eb:8b:5c:3c:72:d5:a1:e7:
                    21:26:a1:a2:bf:b4:4f:10:8a:82:d4:ca:b7:dd:f7:
                    9d:26:21:d3:35:1d:6a:f6:bb:fe:25:54:bb:a2:35:
                    30:0f:2b:f9:df:76:2f:33:d4:32:fb:3e:fe:20:be:
                    32:96:e2:10:3e:a2:2f:43:97:8e:f3:9f:73:d2:3d:
                    a7:a2:b4:58:2d:f1:f8:29:45:ef:b8:91:e7:7b:ef:
                    0f:2a:5c:f7:d4:f5:b8:03:9a:c3:b7:de:a5:7c:31:
                    7e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:9A:91:03:7F:34:0B:69:29:2B:DB:34:BE:2F:EF:A4:3C:FF:11:92
            X509v3 Authority Key Identifier:
                keyid:74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/ZpqRA380C2kpK9s0vi_vpDz_EZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:4946:4020::/44

    Signature Algorithm: sha256WithRSAEncryption
         1b:51:d0:c5:4c:2b:44:23:b3:66:20:9b:04:68:5d:0e:81:1c:
         fe:4d:fe:45:68:93:44:92:59:3c:3d:d4:2a:d7:43:70:da:6b:
         93:3f:26:3f:6e:76:85:1a:ae:ba:8e:44:d1:36:b1:d0:13:1d:
         e4:e1:29:21:85:34:ba:89:93:4e:b6:46:7a:30:9b:a8:dd:63:
         08:1f:eb:7a:2f:8b:be:d2:60:8f:96:4e:48:92:cf:eb:eb:1b:
         4f:c3:ac:a0:ab:81:ec:ce:54:d0:6f:7e:7f:c9:03:9a:04:14:
         42:37:1b:87:9e:8f:44:92:8a:0e:10:35:3c:45:dc:3b:1d:93:
         81:89:24:82:18:b4:93:bd:5f:bc:ba:6d:5e:ec:25:b9:bd:e8:
         28:d6:93:84:74:a6:31:82:5f:cf:2c:25:7b:ff:de:41:fd:d4:
         87:75:57:b0:ba:34:ae:0e:0a:f2:cc:b0:16:b6:bd:55:17:e0:
         8e:e9:ec:1e:c8:ce:06:16:89:07:ec:8e:42:f3:77:e6:77:1f:
         1f:25:36:94:8d:d4:96:3a:e2:35:8d:fa:42:3c:23:54:a9:fe:
         87:00:a9:cb:f8:e5:79:e2:28:ed:bb:45:8c:a7:b1:ff:2e:7b:
         ec:5e:99:10:aa:6f:6b:eb:d1:99:d8:2d:ad:70:2c:47:04:d6:
         7a:93:f4:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVu1KUhipOGhDAtqUMu56pEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM5NWMxMjY3MmFkOTU4OTIxYjYyYjlkYzliMmJjZDhh
NjhhOWYwHhcNMjMwMTAxMTkzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjlhOTEwMzdmMzQwYjY5MjkyYmRiMzRiZTJmZWZhNDNjZmYxMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKE5h4TKAsuDJKGrsG52M2GcD2K6
USIC13byJMrS6ujeJs3R/SDMNSpTOde8L/H/3u210pGm85LAX+g6uCqmrVnRdYWk
bJCZ5E0W0uK8J2007KyqObVQet/Z+QI43skzxfgkLdAV17rbPHWHiaz/4ciiWp7p
UwZ5f/wEOVocTIaGjlwYEo6o2hQ7ZQexFaTqVbgFu+u2xBUzBPNp64tcPHLVoech
JqGiv7RPEIqC1Mq33fedJiHTNR1q9rv+JVS7ojUwDyv533YvM9Qy+z7+IL4yluIQ
PqIvQ5eO859z0j2norRYLfH4KUXvuJHne+8PKlz31PW4A5rDt96lfDF+lwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGaakQN/NAtpKSvbNL4v76Q8/xGSMB8GA1UdIwQY
MBaAFHRjlcEmcq2ViSG2K53JsrzYpoqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMt
ZmI3NzRhYmRmYWMyLzEvWnBxUkEzODBDMmtwSzlzMHZpX3ZwRHpfRVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMtZmI3NzRhYmRmYWMy
LzEvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhJJRkAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAbUdDFTCtEI7NmIJsEaF0OgRz+Tf5FaJNEklk8
PdQq10Nw2muTPyY/bnaFGq66jkTRNrHQEx3k4SkhhTS6iZNOtkZ6MJuo3WMIH+t6
L4u+0mCPlk5Iks/r6xtPw6ygq4HszlTQb35/yQOaBBRCNxuHno9EkooOEDU8Rdw7
HZOBiSSCGLSTvV+8um1e7CW5vego1pOEdKYxgl/PLCV7/95B/dSHdVewujSuDgry
zLAWtr1VF+CO6eweyM4GFokH7I5C83fmdx8fJTaUjdSWOuI1jfpCPCNUqf6HAKnL
+OV54ijtu0WMp7H/LnvsXpkQqm9r69GZ2C2tcCxHBNZ6k/Sl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:29 2024 by rpki-client on console-ams.rpki-client.org