Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/MwiPSOxTZPJHMqAWeEolUl_AyMU.roa
File:                     MwiPSOxTZPJHMqAWeEolUl_AyMU.roa (raw, json)
Hash identifier:          TljOUhbaM6I9L8QNMKdFmwS2mG3cWgLRfWEXYcIXZBo=
Subject key identifier:   33:08:8F:48:EC:53:64:F2:47:32:A0:16:78:4A:25:52:5F:C0:C8:C5
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       018C5BC80D6A6112AE1CFE26E77A5815D440
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/MwiPSOxTZPJHMqAWeEolUl_AyMU.roa
Signing time:             Tue 12 Dec 2023 02:08:06 +0000
ROA not before:           Tue 12 Dec 2023 02:08:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211013
IP address blocks:        2a05:1082:f000::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5b:c8:0d:6a:61:12:ae:1c:fe:26:e7:7a:58:15:d4:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: Dec 12 02:08:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33088f48ec5364f24732a016784a25525fc0c8c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:65:42:86:85:da:1e:fe:d2:94:4f:d1:49:0d:
                    0c:f3:cd:3c:06:e6:b2:cd:09:a3:8f:5b:b5:2e:4f:
                    5d:bb:18:4c:9a:5a:e8:f6:7d:3b:bc:8f:c6:34:73:
                    2c:15:99:a1:46:2f:15:36:95:1b:1a:73:38:bc:51:
                    44:87:65:74:62:e8:9a:57:07:d6:27:ee:96:f1:d0:
                    48:0a:94:67:db:e8:73:27:85:b7:16:df:fe:07:0b:
                    20:6c:1c:38:63:f6:44:9b:66:68:51:ee:dd:80:bf:
                    c2:1f:05:d4:80:d3:39:81:27:bd:cb:b9:b8:2f:8d:
                    cd:da:75:cf:14:d9:1b:b4:f7:a4:c8:17:88:8f:44:
                    2e:53:35:f3:de:6c:cf:7c:e6:74:a9:07:07:c9:2d:
                    19:86:0d:cd:9c:5b:e5:0b:40:3b:eb:43:d8:61:81:
                    5c:e9:3c:be:e0:80:34:6f:0e:ac:c9:61:4d:ee:9f:
                    98:c5:b4:06:56:69:bd:d2:31:9f:79:eb:d7:0c:ce:
                    f5:08:8a:a4:13:d3:85:4e:05:a1:7f:b8:10:32:e9:
                    99:91:af:0f:77:c3:cc:6b:64:4c:23:33:04:e1:29:
                    ba:fd:e7:c5:eb:bc:47:33:39:bd:a9:65:cc:a1:f6:
                    38:7f:f1:8e:07:04:85:02:1d:4d:49:0f:80:f0:c5:
                    f6:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:08:8F:48:EC:53:64:F2:47:32:A0:16:78:4A:25:52:5F:C0:C8:C5
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/MwiPSOxTZPJHMqAWeEolUl_AyMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:1082:f000::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:a0:1c:98:e6:2c:43:41:7a:c6:b6:ff:21:0b:49:11:7f:d4:
         48:b2:fb:70:ee:42:90:2b:2e:8f:c3:fc:ae:bc:07:bd:5b:15:
         3e:0d:ee:58:ab:a7:e2:f6:97:c8:5f:cb:6b:20:68:d6:c4:e0:
         59:7b:18:ad:63:dc:de:93:ee:4d:7c:46:cf:05:e5:d4:46:7e:
         da:f8:db:5f:8c:c2:77:a3:dd:e1:4c:ff:c0:1b:06:1b:9c:5b:
         7e:75:11:ac:b4:61:10:69:80:f2:c9:90:be:7f:4c:44:8f:b6:
         77:d9:ea:57:73:4e:96:b0:a3:4a:3e:dc:26:a3:a3:c8:18:9b:
         2b:6e:0c:b1:9c:30:6e:59:57:c0:27:83:b9:cb:05:82:3b:ae:
         9c:0e:a5:80:98:70:fe:d2:c7:ea:d2:5a:50:ca:57:93:a2:35:
         b4:38:db:19:d0:c5:05:c1:7a:ae:95:e0:98:5b:6a:ce:98:7d:
         bd:cc:0a:10:9e:18:db:68:83:a5:d5:4c:bb:34:6c:c0:d0:da:
         7e:44:84:61:cb:0c:79:db:c3:18:07:c7:60:d5:b3:7a:44:6b:
         6e:52:76:2d:54:ef:2b:a2:83:d2:ff:2f:01:53:56:3d:46:0b:
         54:c5:68:46:f8:52:23:06:df:26:6d:97:3b:14:ae:3b:00:4b:
         9c:7e:5c:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxbyA1qYRKuHP4m53pYFdRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjMxMjEyMDIwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzA4OGY0OGVjNTM2NGYyNDczMmEwMTY3ODRhMjU1MjVmYzBjOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2VChoXaHv7SlE/RSQ0M8808Buay
zQmjj1u1Lk9duxhMmlro9n07vI/GNHMsFZmhRi8VNpUbGnM4vFFEh2V0YuiaVwfW
J+6W8dBICpRn2+hzJ4W3Ft/+BwsgbBw4Y/ZEm2ZoUe7dgL/CHwXUgNM5gSe9y7m4
L43N2nXPFNkbtPekyBeIj0QuUzXz3mzPfOZ0qQcHyS0Zhg3NnFvlC0A760PYYYFc
6Ty+4IA0bw6syWFN7p+YxbQGVmm90jGfeevXDM71CIqkE9OFTgWhf7gQMumZka8P
d8PMa2RMIzME4Sm6/efF67xHMzm9qWXMofY4f/GOBwSFAh1NSQ+A8MX2NQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDMIj0jsU2TyRzKgFnhKJVJfwMjFMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvTXdpUFNPeFRaUEpITXFBV2VFb2xVbF9BeU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgUQgvAA
MA0GCSqGSIb3DQEBCwUAA4IBAQByoByY5ixDQXrGtv8hC0kRf9RIsvtw7kKQKy6P
w/yuvAe9WxU+De5Yq6fi9pfIX8trIGjWxOBZexitY9zek+5NfEbPBeXURn7a+Ntf
jMJ3o93hTP/AGwYbnFt+dRGstGEQaYDyyZC+f0xEj7Z32epXc06WsKNKPtwmo6PI
GJsrbgyxnDBuWVfAJ4O5ywWCO66cDqWAmHD+0sfq0lpQyleTojW0ONsZ0MUFwXqu
leCYW2rOmH29zAoQnhjbaIOl1Uy7NGzA0Np+RIRhywx528MYB8dg1bN6RGtuUnYt
VO8rooPS/y8BU1Y9RgtUxWhG+FIjBt8mbZc7FK47AEucflza
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org