Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/_1IAJqDUP6w6RoluMHQ-TL9QQFk.roa
File:                     _1IAJqDUP6w6RoluMHQ-TL9QQFk.roa (raw, json)
Hash identifier:          UM9304AXiAdcflbHsPNr8qnedAiFUjAEtNhJHIhEU+M=
Subject key identifier:   FF:52:00:26:A0:D4:3F:AC:3A:46:89:6E:30:74:3E:4C:BF:50:40:59
Certificate issuer:       /CN=97bcbee44f4cef091985e546a6854f9ccb2ada8a
Certificate serial:       01856CEF18334043207A44DAD408DBA5DEFB
Authority key identifier: 97:BC:BE:E4:4F:4C:EF:09:19:85:E5:46:A6:85:4F:9C:CB:2A:DA:8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l7y-5E9M7wkZheVGpoVPnMsq2oo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/_1IAJqDUP6w6RoluMHQ-TL9QQFk.roa
Signing time:             Sun 01 Jan 2023 10:44:46 +0000
ROA not before:           Sun 01 Jan 2023 10:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41179
IP address blocks:        2a05:a944::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ef:18:33:40:43:20:7a:44:da:d4:08:db:a5:de:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97bcbee44f4cef091985e546a6854f9ccb2ada8a
        Validity
            Not Before: Jan  1 10:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ff520026a0d43fac3a46896e30743e4cbf504059
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:2a:26:c7:a8:7f:cd:95:6b:1e:90:4a:05:ac:
                    38:d0:a2:50:42:3c:57:8b:5d:65:74:68:f6:bf:62:
                    b5:eb:b8:3f:85:b2:57:b6:76:a0:10:3e:8b:ba:cf:
                    e2:f3:34:6f:7c:f4:89:78:96:fb:f2:bf:1d:65:84:
                    72:94:4a:39:2e:73:3d:31:a6:6d:29:de:6a:97:94:
                    d6:63:82:b4:8a:0f:8e:5a:b3:d3:c4:e3:8c:a8:e8:
                    e1:55:67:46:77:9a:50:34:0e:f0:76:df:3d:d6:66:
                    40:56:93:ff:f2:61:f8:41:96:41:53:03:d2:08:4f:
                    45:ee:9d:44:2a:02:73:48:50:5d:46:7b:88:1d:a1:
                    a4:4e:46:5d:ba:f5:94:50:12:4a:c7:3b:5a:ee:d5:
                    d1:a4:b3:9d:8f:cc:b0:c1:75:7d:3c:32:8c:95:0a:
                    34:71:e9:60:7d:9e:af:d2:07:41:82:21:08:09:b5:
                    7e:72:27:e9:0c:5f:68:10:4b:f0:88:82:f4:19:1c:
                    15:11:06:c5:02:de:11:14:b1:98:0d:9e:ba:18:a7:
                    b0:15:24:25:0c:20:74:4d:b2:f2:f5:4f:00:d8:9a:
                    20:ce:b3:fc:cd:03:45:6a:40:84:53:b7:f3:34:59:
                    b0:6a:41:91:18:6e:82:98:95:42:56:e1:44:a5:29:
                    48:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:52:00:26:A0:D4:3F:AC:3A:46:89:6E:30:74:3E:4C:BF:50:40:59
            X509v3 Authority Key Identifier:
                keyid:97:BC:BE:E4:4F:4C:EF:09:19:85:E5:46:A6:85:4F:9C:CB:2A:DA:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l7y-5E9M7wkZheVGpoVPnMsq2oo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/_1IAJqDUP6w6RoluMHQ-TL9QQFk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/l7y-5E9M7wkZheVGpoVPnMsq2oo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:a944::/48

    Signature Algorithm: sha256WithRSAEncryption
         92:f4:f3:fb:d9:f5:f8:6f:f0:41:a5:79:11:54:04:8d:b8:4d:
         65:17:3a:d0:49:32:02:75:64:35:b4:d5:27:9f:7e:59:8d:fe:
         e0:9e:62:5a:d3:21:54:46:91:39:ce:d3:bc:53:e0:b9:ba:6b:
         56:0d:32:69:67:93:70:79:df:cf:b1:38:65:66:eb:67:39:63:
         23:92:44:0c:f4:e4:b1:d2:dc:20:6b:01:0a:13:0b:7d:cd:79:
         66:52:31:80:88:91:a0:3a:65:42:2f:32:51:49:fc:2a:0e:57:
         a9:9f:79:fe:19:93:75:0e:7c:f3:4d:c3:a8:f9:fa:73:b9:67:
         24:b2:dc:ce:53:66:11:69:ba:91:86:54:b7:79:d7:d4:e6:8a:
         78:46:f5:1b:35:0b:77:96:29:1c:2e:0e:fa:80:69:40:35:bd:
         9d:9b:5b:2d:be:eb:11:c3:10:10:66:45:00:35:c3:4f:d7:ab:
         e1:56:6f:f0:74:6c:46:ce:bc:72:95:42:39:e6:e2:c5:e1:9b:
         88:94:77:d5:b2:11:cd:5f:aa:10:bd:86:80:9c:62:3b:d5:e0:
         72:0f:6b:da:55:0f:50:cd:6a:40:42:4b:f6:49:7c:cd:ca:c1:
         a0:e7:be:82:46:2f:46:ae:f3:82:00:8a:e2:05:81:4d:9a:96:
         88:14:5f:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVs7xgzQEMgekTa1Ajbpd77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmNiZWU0NGY0Y2VmMDkxOTg1ZTU0NmE2ODU0ZjljY2Iy
YWRhOGEwHhcNMjMwMTAxMTA0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjUyMDAyNmEwZDQzZmFjM2E0Njg5NmUzMDc0M2U0Y2JmNTA0MDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriomx6h/zZVrHpBKBaw40KJQQjxX
i11ldGj2v2K167g/hbJXtnagED6Lus/i8zRvfPSJeJb78r8dZYRylEo5LnM9MaZt
Kd5ql5TWY4K0ig+OWrPTxOOMqOjhVWdGd5pQNA7wdt891mZAVpP/8mH4QZZBUwPS
CE9F7p1EKgJzSFBdRnuIHaGkTkZduvWUUBJKxzta7tXRpLOdj8ywwXV9PDKMlQo0
celgfZ6v0gdBgiEICbV+cifpDF9oEEvwiIL0GRwVEQbFAt4RFLGYDZ66GKewFSQl
DCB0TbLy9U8A2JogzrP8zQNFakCEU7fzNFmwakGRGG6CmJVCVuFEpSlI/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP9SACag1D+sOkaJbjB0Pky/UEBZMB8GA1UdIwQY
MBaAFJe8vuRPTO8JGYXlRqaFT5zLKtqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDd5LTVFOU03d2taaGVWR3BvVlBuTXNxMm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8wYjJlZWYtNzVlOS00M2IyLTkwODgt
ODMwM2FkMTM3MWRkLzEvXzFJQUpxRFVQNnc2Um9sdU1IUS1UTDlRUUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8wYjJlZWYtNzVlOS00M2IyLTkwODgtODMwM2FkMTM3MWRk
LzEvbDd5LTVFOU03d2taaGVWR3BvVlBuTXNxMm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWpRAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCS9PP72fX4b/BBpXkRVASNuE1lFzrQSTICdWQ1
tNUnn35Zjf7gnmJa0yFURpE5ztO8U+C5umtWDTJpZ5Nwed/PsThlZutnOWMjkkQM
9OSx0twgawEKEwt9zXlmUjGAiJGgOmVCLzJRSfwqDlepn3n+GZN1DnzzTcOo+fpz
uWckstzOU2YRabqRhlS3edfU5op4RvUbNQt3likcLg76gGlANb2dm1stvusRwxAQ
ZkUANcNP16vhVm/wdGxGzrxylUI55uLF4ZuIlHfVshHNX6oQvYaAnGI71eByD2va
VQ9QzWpAQkv2SXzNysGg576CRi9GrvOCAIriBYFNmpaIFF+m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:48 2024 by rpki-client on console-fra.rpki-client.org