Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/zMuumvmJWekohe5EV-a7oBVD-oM.roa
File:                     zMuumvmJWekohe5EV-a7oBVD-oM.roa (raw, json)
Hash identifier:          nukl38sQcMM9gTLJVE+4IyfMV6kaDjeFC2zo7hfXpew=
Subject key identifier:   CC:CB:AE:9A:F9:89:59:E9:28:85:EE:44:57:E6:BB:A0:15:43:FA:83
Certificate issuer:       /CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Certificate serial:       018A2F636C20D5A064B6101066EEED4D1175
Authority key identifier: 54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/zMuumvmJWekohe5EV-a7oBVD-oM.roa
Signing time:             Sat 26 Aug 2023 01:09:19 +0000
ROA not before:           Sat 26 Aug 2023 01:09:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213023
IP address blocks:        2a0b:f380:a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:2f:63:6c:20:d5:a0:64:b6:10:10:66:ee:ed:4d:11:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
        Validity
            Not Before: Aug 26 01:09:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cccbae9af98959e92885ee4457e6bba01543fa83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:cf:7e:31:3b:1b:8f:2a:13:3b:bd:f7:f2:cf:
                    3b:34:9f:f5:13:fb:6d:34:46:67:31:7d:e4:d4:fa:
                    c2:f8:d5:c7:6c:8f:1c:7b:58:d2:65:7f:1b:79:d7:
                    76:cd:d5:ca:a2:53:6f:55:c7:61:b6:67:14:13:bf:
                    36:4e:82:4b:f4:70:bf:a4:da:a4:15:e0:85:e8:b9:
                    85:1a:c6:9d:93:bc:4b:87:9b:cf:ef:c4:1e:f6:fe:
                    aa:c0:8f:5e:ea:7b:59:3d:f4:23:24:47:8c:67:47:
                    c0:a2:fc:01:ca:5c:4a:11:d1:aa:c8:85:51:a5:12:
                    1c:8c:e8:5e:0d:7f:f1:1c:46:5c:31:52:61:13:61:
                    b7:97:af:57:4d:82:c5:91:02:dd:29:72:04:52:9a:
                    cf:2a:89:de:ae:07:8b:43:34:9c:d2:e6:9e:df:45:
                    c3:0c:7c:94:a6:17:25:37:40:9e:77:b0:be:5f:fe:
                    69:66:89:a1:38:65:ef:cb:9d:e5:43:bc:9b:bc:21:
                    68:64:05:41:37:e9:fe:c2:70:58:47:58:bc:a6:4b:
                    0b:49:1e:80:be:11:00:d1:8a:12:65:8a:69:bb:5b:
                    90:70:f8:79:73:ca:55:30:ad:ee:f4:52:1f:ec:52:
                    d9:42:7f:bd:f4:7e:8c:dd:86:99:cb:9b:90:e1:72:
                    6c:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:CB:AE:9A:F9:89:59:E9:28:85:EE:44:57:E6:BB:A0:15:43:FA:83
            X509v3 Authority Key Identifier:
                keyid:54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/zMuumvmJWekohe5EV-a7oBVD-oM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:f380:a::/48

    Signature Algorithm: sha256WithRSAEncryption
         7d:07:74:c3:82:f9:3b:56:58:ab:68:5c:4a:2e:eb:86:30:85:
         f7:1d:e5:ff:a7:38:65:82:5d:44:6f:33:26:d6:38:52:36:f8:
         e4:27:d6:c0:82:68:7c:ef:12:4e:ce:83:7b:61:69:85:db:18:
         66:04:66:bb:8f:1b:05:eb:3e:96:c0:3c:ad:8c:a2:65:0f:3a:
         39:b3:48:1f:58:7e:69:9e:e5:5c:ff:3f:25:52:49:b9:48:6d:
         94:22:07:9a:dc:04:a0:44:8f:4f:83:79:b7:58:74:f5:63:7e:
         56:60:19:c4:67:c6:a4:2a:c7:42:ee:db:d1:a9:3c:dc:05:ad:
         8b:8d:98:4c:b6:77:0d:9a:9a:10:94:b6:11:a3:a3:00:03:fd:
         2e:f9:01:d5:23:f7:10:e5:46:48:7e:40:f0:a8:87:1f:ef:7f:
         6f:eb:6b:09:11:bf:a4:9d:69:73:15:a0:52:83:c8:f4:29:f8:
         92:73:41:db:06:ac:b5:e5:f7:69:a1:69:fe:54:a4:51:60:9c:
         70:ea:f9:a2:36:71:b6:d2:06:b2:8d:bd:ee:ac:a1:47:1e:62:
         eb:f5:40:68:36:87:7b:75:b3:4d:23:94:20:b4:4c:e9:30:c8:
         91:f6:f2:86:2a:c8:9d:ab:da:a7:ca:59:17:14:db:09:43:fa:
         39:17:0e:4f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYovY2wg1aBkthAQZu7tTRF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDNlNWY4NDA1ZDYwODViOGRmNGJmY2UxZGQ5YmIzZTc4
YzIxOTkwHhcNMjMwODI2MDEwOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2NiYWU5YWY5ODk1OWU5Mjg4NWVlNDQ1N2U2YmJhMDE1NDNmYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3s9+MTsbjyoTO7338s87NJ/1E/tt
NEZnMX3k1PrC+NXHbI8ce1jSZX8bedd2zdXKolNvVcdhtmcUE782ToJL9HC/pNqk
FeCF6LmFGsadk7xLh5vP78Qe9v6qwI9e6ntZPfQjJEeMZ0fAovwBylxKEdGqyIVR
pRIcjOheDX/xHEZcMVJhE2G3l69XTYLFkQLdKXIEUprPKonergeLQzSc0uae30XD
DHyUphclN0Ced7C+X/5pZomhOGXvy53lQ7ybvCFoZAVBN+n+wnBYR1i8pksLSR6A
vhEA0YoSZYppu1uQcPh5c8pVMK3u9FIf7FLZQn+99H6M3YaZy5uQ4XJskQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMzLrpr5iVnpKIXuRFfmu6AVQ/qDMB8GA1UdIwQY
MBaAFFQD5fhAXWCFuN9L/OHdm7PnjCGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAt
MTVhNDJhYzllZmE4LzEvek11dW12bUpXZWtvaGU1RVYtYTdvQlZELW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAtMTVhNDJhYzllZmE4
LzEvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgvzgAAK
MA0GCSqGSIb3DQEBCwUAA4IBAQB9B3TDgvk7VliraFxKLuuGMIX3HeX/pzhlgl1E
bzMm1jhSNvjkJ9bAgmh87xJOzoN7YWmF2xhmBGa7jxsF6z6WwDytjKJlDzo5s0gf
WH5pnuVc/z8lUkm5SG2UIgea3ASgRI9Pg3m3WHT1Y35WYBnEZ8akKsdC7tvRqTzc
Ba2LjZhMtncNmpoQlLYRo6MAA/0u+QHVI/cQ5UZIfkDwqIcf739v62sJEb+knWlz
FaBSg8j0KfiSc0HbBqy15fdpoWn+VKRRYJxw6vmiNnG20gayjb3urKFHHmLr9UBo
Nod7dbNNI5QgtEzpMMiR9vKGKsidq9qnylkXFNsJQ/o5Fw5P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:21 2024 by rpki-client on console-fra.rpki-client.org