Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/mKvBHBmUtVXeujx9Q71frxYLZ3A.roa
File:                     mKvBHBmUtVXeujx9Q71frxYLZ3A.roa (raw, json)
Hash identifier:          gfK6HX9OGhv74/DzJZd+ykmPZeC0ia50i3Zx1LHNCFE=
Subject key identifier:   98:AB:C1:1C:19:94:B5:55:DE:BA:3C:7D:43:BD:5F:AF:16:0B:67:70
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018FA54F8305D780D5983BFD9951FDB78C11
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/mKvBHBmUtVXeujx9Q71frxYLZ3A.roa
Signing time:             Thu 23 May 2024 11:56:42 +0000
ROA not before:           Thu 23 May 2024 11:56:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215158
IP address blocks:        2a12:ed80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 24 May 2024 12:23:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:a5:4f:83:05:d7:80:d5:98:3b:fd:99:51:fd:b7:8c:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: May 23 11:56:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=98abc11c1994b555deba3c7d43bd5faf160b6770
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:8f:4a:a1:5f:9e:ee:ad:47:47:a5:6e:50:ff:
                    6e:ab:aa:eb:d9:4f:5b:97:88:14:5a:16:3d:a9:a6:
                    d6:1a:11:0b:27:6e:10:f7:a0:c0:a7:81:77:d0:46:
                    d0:22:3c:e2:ed:98:65:22:c8:8a:9e:98:cf:50:f9:
                    93:c0:22:48:48:3d:b3:e8:5a:c2:17:52:32:0c:0d:
                    b5:2f:86:05:11:4a:59:d0:1e:b8:f7:69:b9:7c:43:
                    29:27:90:9e:fd:af:d1:db:81:36:62:ef:3c:5b:51:
                    8e:b8:9b:06:a9:ae:5b:53:92:ea:0f:a4:4c:e8:98:
                    0f:54:56:48:36:48:0d:4b:3b:d8:8c:a3:d4:cb:51:
                    53:d8:56:0d:a3:42:ac:93:15:f3:7f:a3:0e:73:a1:
                    bf:52:5c:2d:f0:12:29:68:6c:1d:70:bb:7a:7f:84:
                    31:09:88:ed:bd:9a:61:81:16:61:b6:6f:31:ee:f5:
                    10:2a:18:cd:d9:4b:1a:0e:73:22:4a:b4:ed:76:fa:
                    7f:14:bf:c7:b1:b9:03:06:74:81:53:59:02:6d:70:
                    0d:46:f8:b0:26:d6:73:41:6d:aa:8e:c6:26:a2:96:
                    a8:31:1f:4b:b3:e5:fd:0a:cd:c9:3c:74:19:1e:b4:
                    2e:d7:4c:04:70:3e:63:7e:50:d9:c9:15:1d:2d:13:
                    5b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:AB:C1:1C:19:94:B5:55:DE:BA:3C:7D:43:BD:5F:AF:16:0B:67:70
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/mKvBHBmUtVXeujx9Q71frxYLZ3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:ed80::/29

    Signature Algorithm: sha256WithRSAEncryption
         33:d2:12:c2:69:4b:e4:2d:0b:04:8b:ed:53:ba:e9:cd:38:3b:
         c7:09:db:77:e8:41:85:f0:e4:5e:0c:7a:ba:85:84:0a:9a:45:
         b5:f6:77:d0:18:a8:b6:46:69:1f:50:5c:02:19:de:5b:58:13:
         71:f4:f4:f2:3a:6c:46:a9:c0:28:99:67:18:8f:b8:20:b2:2b:
         54:be:bf:d4:b2:19:8e:17:04:f5:a2:49:6e:1c:c5:d1:ef:5a:
         30:e2:29:2b:72:3c:62:0a:3c:c8:aa:0d:cf:2f:4c:da:9a:d1:
         c0:d2:ae:41:a4:8a:8a:0e:ef:9d:dd:8d:20:67:88:67:63:58:
         67:2f:73:df:c8:64:50:17:72:d1:dd:11:85:b4:22:87:ca:28:
         6b:bf:69:e3:8b:4b:8f:9c:93:88:54:9b:61:18:73:5d:33:af:
         93:03:ee:88:55:2c:f4:04:d2:d1:19:7b:1d:7a:5c:5e:ba:fd:
         be:04:3e:dd:45:d8:cd:5f:a7:7d:07:73:2f:c0:43:60:b6:85:
         ee:ca:e3:7b:e3:20:67:4c:96:b1:25:1d:5d:ae:21:80:c3:fa:
         2d:da:d4:3c:ee:d0:8c:77:24:29:84:4a:fb:b6:32:5b:b8:2a:
         d5:cd:3e:44:9e:f9:76:84:9d:8a:f2:4b:77:ca:ca:a0:4e:9c:
         2c:05:1c:08
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+lT4MF14DVmDv9mVH9t4wRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNTIzMTE1NjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFiYzExYzE5OTRiNTU1ZGViYTNjN2Q0M2JkNWZhZjE2MGI2NzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Y9KoV+e7q1HR6VuUP9uq6rr2U9b
l4gUWhY9qabWGhELJ24Q96DAp4F30EbQIjzi7ZhlIsiKnpjPUPmTwCJISD2z6FrC
F1IyDA21L4YFEUpZ0B6492m5fEMpJ5Ce/a/R24E2Yu88W1GOuJsGqa5bU5LqD6RM
6JgPVFZINkgNSzvYjKPUy1FT2FYNo0KskxXzf6MOc6G/Ulwt8BIpaGwdcLt6f4Qx
CYjtvZphgRZhtm8x7vUQKhjN2UsaDnMiSrTtdvp/FL/HsbkDBnSBU1kCbXANRviw
JtZzQW2qjsYmopaoMR9Ls+X9Cs3JPHQZHrQu10wEcD5jflDZyRUdLRNbQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJirwRwZlLVV3ro8fUO9X68WC2dwMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvbUt2QkhCbVV0VlhldWp4OVE3MWZyeFlMWjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLtgDAN
BgkqhkiG9w0BAQsFAAOCAQEAM9ISwmlL5C0LBIvtU7rpzTg7xwnbd+hBhfDkXgx6
uoWECppFtfZ30BiotkZpH1BcAhneW1gTcfT08jpsRqnAKJlnGI+4ILIrVL6/1LIZ
jhcE9aJJbhzF0e9aMOIpK3I8Ygo8yKoNzy9M2prRwNKuQaSKig7vnd2NIGeIZ2NY
Zy9z38hkUBdy0d0RhbQih8ooa79p44tLj5yTiFSbYRhzXTOvkwPuiFUs9ATS0Rl7
HXpcXrr9vgQ+3UXYzV+nfQdzL8BDYLaF7srje+MgZ0yWsSUdXa4hgMP6LdrUPO7Q
jHckKYRK+7YyW7gq1c0+RJ75doSdivJLd8rKoE6cLAUcCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org