Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/FmFtHdBVCBQyirJ1op_ZDNe57-8.roa
File:                     FmFtHdBVCBQyirJ1op_ZDNe57-8.roa (raw, json)
Hash identifier:          JQ2kDxXahqTVXEgcXdShx30U69ieYD9FVLAPtyxXh0s=
Subject key identifier:   16:61:6D:1D:D0:55:08:14:32:8A:B2:75:A2:9F:D9:0C:D7:B9:EF:EF
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018F11879312A1A5F036CEEF1676ED17EC1D
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/FmFtHdBVCBQyirJ1op_ZDNe57-8.roa
Signing time:             Wed 24 Apr 2024 19:14:08 +0000
ROA not before:           Wed 24 Apr 2024 19:14:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215158
IP address blocks:        2a12:3c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sat 27 Apr 2024 17:19:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:11:87:93:12:a1:a5:f0:36:ce:ef:16:76:ed:17:ec:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Apr 24 19:14:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=16616d1dd0550814328ab275a29fd90cd7b9efef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:29:88:6b:5f:42:32:85:f2:d9:3c:fb:78:c6:
                    7b:e0:6c:ac:58:69:00:01:be:f3:41:b3:a5:ba:2a:
                    88:ee:af:5b:6c:bf:24:df:d5:92:c4:de:b8:36:55:
                    74:47:c8:60:5c:cb:29:bb:c0:cc:64:ff:f7:e7:34:
                    a0:37:5f:f8:7b:7c:76:be:e6:34:72:be:01:1e:70:
                    91:8f:e2:1e:5b:b3:35:26:20:98:63:b1:44:3f:b1:
                    4e:b0:c0:24:e7:db:ad:f0:bb:a7:0d:97:44:55:99:
                    d8:03:13:e4:ef:da:46:29:8f:a0:e0:84:18:4f:80:
                    c0:e9:31:70:ef:19:2e:01:6b:4a:42:44:95:b6:f9:
                    77:75:97:62:c2:e8:96:e0:19:52:03:69:c1:70:c9:
                    3c:76:62:46:72:a9:41:ba:05:70:a9:58:f3:74:4e:
                    1f:9f:c1:0a:a0:96:ed:5b:98:a3:17:06:25:7d:46:
                    b6:4d:52:79:fd:c6:94:93:b9:32:e8:56:0f:a6:e4:
                    56:e7:fe:7a:c3:bf:b6:d0:f8:af:5c:70:c9:60:4b:
                    b2:b4:1c:37:c8:d3:b5:2d:0f:c6:14:44:89:ba:9e:
                    17:82:ba:79:8d:ca:ff:bb:19:82:2d:61:5e:be:6d:
                    8e:a5:95:9f:b4:ef:10:dc:4a:1f:07:7e:d7:28:dc:
                    e5:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:61:6D:1D:D0:55:08:14:32:8A:B2:75:A2:9F:D9:0C:D7:B9:EF:EF
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/FmFtHdBVCBQyirJ1op_ZDNe57-8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:3c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         34:b8:0c:8d:a1:85:c6:09:f7:07:a5:c5:98:5e:3b:b3:1b:39:
         66:f8:8a:67:15:bb:de:ed:78:d3:04:37:37:24:ee:80:3c:57:
         d9:e8:e1:ec:f8:e0:60:26:b8:1b:b7:c3:f0:07:ca:d3:ee:08:
         b2:e9:7c:ca:6e:4f:b6:b2:c6:0d:82:cb:42:d1:c2:f1:d0:aa:
         13:fd:b0:bd:54:a5:66:e3:a2:8b:f9:13:da:73:f0:ef:a4:9d:
         b0:1e:68:38:6c:2c:49:2e:97:9b:24:20:fb:48:3a:77:38:ae:
         21:f2:58:a1:7e:fa:3d:9a:0c:39:f4:e1:58:76:b1:40:63:0e:
         1c:9c:c3:87:08:53:b9:03:f4:88:af:bd:d2:c9:46:b4:8e:a0:
         4c:89:74:c3:e0:db:85:6b:c7:ec:d5:25:3d:81:17:f9:d9:23:
         b1:9e:fc:78:e0:82:bd:46:eb:8f:de:a8:ab:26:cf:6f:fd:88:
         d6:20:00:52:0f:d0:72:fd:f6:e9:14:5f:aa:e0:a8:bf:1d:aa:
         dc:45:d7:fd:36:21:b2:6e:84:78:20:38:bc:5d:0b:03:25:2d:
         ad:51:ae:4d:ec:e2:4a:cf:33:96:bf:8c:e0:aa:7b:2e:bb:08:
         4f:73:bb:e3:16:da:00:94:b0:51:6b:ed:5b:d7:64:de:da:7d:
         e7:a1:b5:de
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8Rh5MSoaXwNs7vFnbtF+wdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNDI0MTkxNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjYxNmQxZGQwNTUwODE0MzI4YWIyNzVhMjlmZDkwY2Q3YjllZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzymIa19CMoXy2Tz7eMZ74GysWGkA
Ab7zQbOluiqI7q9bbL8k39WSxN64NlV0R8hgXMspu8DMZP/35zSgN1/4e3x2vuY0
cr4BHnCRj+IeW7M1JiCYY7FEP7FOsMAk59ut8LunDZdEVZnYAxPk79pGKY+g4IQY
T4DA6TFw7xkuAWtKQkSVtvl3dZdiwuiW4BlSA2nBcMk8dmJGcqlBugVwqVjzdE4f
n8EKoJbtW5ijFwYlfUa2TVJ5/caUk7ky6FYPpuRW5/56w7+20PivXHDJYEuytBw3
yNO1LQ/GFESJup4Xgrp5jcr/uxmCLWFevm2OpZWftO8Q3EofB37XKNzlLQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBZhbR3QVQgUMoqydaKf2QzXue/vMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvRm1GdEhkQlZDQlF5aXJKMW9wX1pETmU1Ny04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIDwDAN
BgkqhkiG9w0BAQsFAAOCAQEANLgMjaGFxgn3B6XFmF47sxs5ZviKZxW73u140wQ3
NyTugDxX2ejh7PjgYCa4G7fD8AfK0+4Isul8ym5PtrLGDYLLQtHC8dCqE/2wvVSl
ZuOii/kT2nPw76SdsB5oOGwsSS6XmyQg+0g6dziuIfJYoX76PZoMOfThWHaxQGMO
HJzDhwhTuQP0iK+90slGtI6gTIl0w+DbhWvH7NUlPYEX+dkjsZ78eOCCvUbrj96o
qybPb/2I1iAAUg/Qcv326RRfquCovx2q3EXX/TYhsm6EeCA4vF0LAyUtrVGuTezi
Ss8zlr+M4Kp7LrsIT3O74xbaAJSwUWvtW9dk3tp956G13g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org