Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/3WV3LHNLScmpdIAPhjTaQ5imo44.roa
File:                     3WV3LHNLScmpdIAPhjTaQ5imo44.roa (raw, json)
Hash identifier:          UPZYuZz6vSb8+HlFUkKm/wbP6Fv5WXqxh0FLxn4Zrg4=
Subject key identifier:   DD:65:77:2C:73:4B:49:C9:A9:74:80:0F:86:34:DA:43:98:A6:A3:8E
Certificate issuer:       /CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Certificate serial:       0189D92C7C7C6160318C6D0BBD5518F67ED5
Authority key identifier: 54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/3WV3LHNLScmpdIAPhjTaQ5imo44.roa
Signing time:             Wed 09 Aug 2023 07:21:58 +0000
ROA not before:           Wed 09 Aug 2023 07:21:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213023
IP address blocks:        2a0b:f380:a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 25 Aug 2023 17:42:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d9:2c:7c:7c:61:60:31:8c:6d:0b:bd:55:18:f6:7e:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
        Validity
            Not Before: Aug  9 07:21:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd65772c734b49c9a974800f8634da4398a6a38e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ec:13:d5:0f:06:f2:28:29:d9:cd:3c:10:5d:
                    7c:59:63:cc:9f:5e:73:17:cf:00:a7:ff:5c:9a:62:
                    bd:bd:75:2d:02:40:c1:25:96:9b:6f:a7:4a:ad:1d:
                    f1:68:6d:25:f0:ed:64:c6:1d:51:a7:49:ee:4b:fa:
                    1e:24:f1:2a:cf:eb:08:f7:5e:69:58:a6:fd:fa:9d:
                    9a:28:99:09:72:aa:d8:28:4a:96:78:a6:35:8c:a9:
                    03:52:1e:cd:3d:37:b6:ae:3f:ba:f3:af:f4:74:5e:
                    2c:3f:7e:c4:2b:75:87:d0:76:66:69:88:f8:d6:2e:
                    34:75:1c:39:c2:54:cd:a9:dd:22:4c:06:7a:34:c8:
                    b1:ce:4a:d9:05:78:6d:e7:98:95:3c:41:88:35:9f:
                    cc:65:73:10:25:1d:97:63:7a:11:8e:29:61:89:ea:
                    94:74:df:26:e3:36:01:e7:ce:79:2c:35:47:1a:b5:
                    59:c0:38:74:53:89:63:02:76:32:db:73:11:29:fb:
                    c8:a2:cc:5d:e5:da:91:06:0f:e9:9c:39:a2:41:17:
                    ad:f8:c4:51:c4:a4:6b:e1:e6:10:00:40:e6:37:31:
                    be:d7:39:02:74:61:df:ae:43:36:3e:ef:95:ca:5c:
                    22:8b:84:50:71:16:d6:0b:c3:c6:b4:cc:c7:93:1e:
                    d5:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:65:77:2C:73:4B:49:C9:A9:74:80:0F:86:34:DA:43:98:A6:A3:8E
            X509v3 Authority Key Identifier:
                keyid:54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/3WV3LHNLScmpdIAPhjTaQ5imo44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:f380:a::/48

    Signature Algorithm: sha256WithRSAEncryption
         62:91:62:39:57:a7:e9:3a:4d:89:c5:5d:47:1c:09:ec:1c:d9:
         ea:da:29:ec:d1:23:d6:8d:4a:a6:84:ce:27:df:8d:94:51:39:
         e6:8d:e0:4c:12:09:61:72:13:cf:73:2b:22:c8:4e:3e:aa:56:
         b7:27:a4:7e:c8:a3:48:a0:ad:f5:72:9d:53:4b:b6:ce:2d:5f:
         2b:b3:e7:e4:22:6d:71:5a:5c:2b:8e:66:b2:95:dd:c5:e7:77:
         1d:25:fd:90:82:76:c8:bc:8a:29:a1:cf:c1:3f:1f:e8:83:9c:
         b5:34:e2:58:b0:ad:61:ec:a4:6e:8c:e6:aa:f1:88:51:78:05:
         81:ba:d7:bc:a7:4e:44:7a:90:47:eb:18:96:f6:fc:a0:dc:de:
         ea:93:d5:84:68:84:98:a5:16:f3:26:b4:e3:b5:6b:07:28:a1:
         ff:6e:ae:e7:18:d1:49:0b:5f:8a:df:97:a3:9b:e5:0d:a3:46:
         3e:a4:a2:c3:18:db:97:30:ea:0c:83:a6:f7:41:f5:36:48:2a:
         0f:46:89:55:8a:65:e1:72:9a:4a:b2:fc:4b:99:ba:3c:81:42:
         07:02:4c:10:ca:dc:d6:2b:62:52:0a:1f:f7:90:56:ad:0a:f9:
         1e:b1:0d:f1:0f:10:88:c1:ea:a2:d7:bb:e4:85:3c:c1:73:c5:
         d3:8d:15:35
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYnZLHx8YWAxjG0LvVUY9n7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDNlNWY4NDA1ZDYwODViOGRmNGJmY2UxZGQ5YmIzZTc4
YzIxOTkwHhcNMjMwODA5MDcyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY1NzcyYzczNGI0OWM5YTk3NDgwMGY4NjM0ZGE0Mzk4YTZhMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+wT1Q8G8igp2c08EF18WWPMn15z
F88Ap/9cmmK9vXUtAkDBJZabb6dKrR3xaG0l8O1kxh1Rp0nuS/oeJPEqz+sI915p
WKb9+p2aKJkJcqrYKEqWeKY1jKkDUh7NPTe2rj+686/0dF4sP37EK3WH0HZmaYj4
1i40dRw5wlTNqd0iTAZ6NMixzkrZBXht55iVPEGINZ/MZXMQJR2XY3oRjilhieqU
dN8m4zYB5855LDVHGrVZwDh0U4ljAnYy23MRKfvIosxd5dqRBg/pnDmiQRet+MRR
xKRr4eYQAEDmNzG+1zkCdGHfrkM2Pu+Vylwii4RQcRbWC8PGtMzHkx7VSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN1ldyxzS0nJqXSAD4Y02kOYpqOOMB8GA1UdIwQY
MBaAFFQD5fhAXWCFuN9L/OHdm7PnjCGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAt
MTVhNDJhYzllZmE4LzEvM1dWM0xITkxTY21wZElBUGhqVGFRNWltbzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAtMTVhNDJhYzllZmE4
LzEvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgvzgAAK
MA0GCSqGSIb3DQEBCwUAA4IBAQBikWI5V6fpOk2JxV1HHAnsHNnq2ins0SPWjUqm
hM4n342UUTnmjeBMEglhchPPcysiyE4+qla3J6R+yKNIoK31cp1TS7bOLV8rs+fk
Im1xWlwrjmayld3F53cdJf2QgnbIvIopoc/BPx/og5y1NOJYsK1h7KRujOaq8YhR
eAWBute8p05EepBH6xiW9vyg3N7qk9WEaISYpRbzJrTjtWsHKKH/bq7nGNFJC1+K
35ejm+UNo0Y+pKLDGNuXMOoMg6b3QfU2SCoPRolVimXhcppKsvxLmbo8gUIHAkwQ
ytzWK2JSCh/3kFatCvkesQ3xDxCIweqi17vkhTzBc8XTjRU1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:21 2024 by rpki-client on console-fra.rpki-client.org