Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f55757-5965-4270-beab-a0d6dbfac6eb/1/GLyyxxOo4NM3tF0T09ZJALPp7zU.roa
File:                     GLyyxxOo4NM3tF0T09ZJALPp7zU.roa (raw, json)
Hash identifier:          Pbxe3s7oVI8xLko+bqt6CIBy1h8ir86eLNm6h/bD2IM=
Subject key identifier:   18:BC:B2:C7:13:A8:E0:D3:37:B4:5D:13:D3:D6:49:00:B3:E9:EF:35
Certificate issuer:       /CN=3f3bf511774b6e1d706bb2727b3d3125775a912f
Certificate serial:       0185711E4374015B2F673B8D07FFB1DE301F
Authority key identifier: 3F:3B:F5:11:77:4B:6E:1D:70:6B:B2:72:7B:3D:31:25:77:5A:91:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pzv1EXdLbh1wa7Jyez0xJXdakS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/f55757-5965-4270-beab-a0d6dbfac6eb/1/GLyyxxOo4NM3tF0T09ZJALPp7zU.roa
Signing time:             Mon 02 Jan 2023 06:14:46 +0000
ROA not before:           Mon 02 Jan 2023 06:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        2a0a:144::/35 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:43:74:01:5b:2f:67:3b:8d:07:ff:b1:de:30:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f3bf511774b6e1d706bb2727b3d3125775a912f
        Validity
            Not Before: Jan  2 06:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=18bcb2c713a8e0d337b45d13d3d64900b3e9ef35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8c:83:e2:5e:af:86:43:aa:83:35:17:70:bf:
                    d2:7b:b6:a6:b7:06:b6:33:6f:60:4a:cf:fb:84:60:
                    c7:f2:a2:d3:8d:75:8c:aa:9d:02:ad:1d:7a:e8:5f:
                    af:6f:23:38:c1:7a:a4:20:1b:53:f4:87:b4:70:74:
                    e2:d6:11:fe:c8:d9:ac:02:e1:00:72:94:fc:e4:3e:
                    44:5b:4c:4a:db:80:da:82:36:37:66:c1:84:f0:0d:
                    2f:f4:47:9f:21:14:c4:50:76:8f:6f:66:71:9a:32:
                    03:11:73:e5:e1:59:8e:72:a4:67:f9:bc:35:3d:74:
                    04:56:53:58:e7:5d:79:b3:53:89:b1:98:52:9b:91:
                    be:fc:3f:44:d9:58:83:21:51:07:f7:2d:c3:0c:fc:
                    f4:81:37:14:49:0b:b1:ff:1e:c4:4b:5c:14:d6:5f:
                    e3:eb:0e:ef:cc:89:8e:7e:f7:d8:52:1f:c7:fb:14:
                    1a:c3:1c:ee:f7:88:af:38:78:c7:4d:e0:c6:7e:40:
                    7c:e0:bd:1c:70:2b:e6:87:bc:88:6b:1d:36:87:54:
                    48:15:38:5e:95:90:da:2c:da:8c:ca:a5:83:09:83:
                    a4:96:7e:26:b5:16:70:69:1b:7d:e0:ed:d6:61:0a:
                    55:e1:b3:3f:64:1a:cb:1c:b2:32:f2:3e:82:54:ca:
                    7d:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:BC:B2:C7:13:A8:E0:D3:37:B4:5D:13:D3:D6:49:00:B3:E9:EF:35
            X509v3 Authority Key Identifier:
                keyid:3F:3B:F5:11:77:4B:6E:1D:70:6B:B2:72:7B:3D:31:25:77:5A:91:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pzv1EXdLbh1wa7Jyez0xJXdakS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f55757-5965-4270-beab-a0d6dbfac6eb/1/GLyyxxOo4NM3tF0T09ZJALPp7zU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f55757-5965-4270-beab-a0d6dbfac6eb/1/Pzv1EXdLbh1wa7Jyez0xJXdakS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:144::/35

    Signature Algorithm: sha256WithRSAEncryption
         1c:1f:6c:25:73:58:c0:17:72:64:6b:58:03:42:91:c9:3e:51:
         be:fa:f4:ed:54:0f:87:75:d6:da:ed:48:b9:2f:10:e5:5a:2e:
         93:6b:d1:7d:fc:2f:1b:bb:35:12:e7:0b:1b:4f:ce:22:e2:1e:
         be:cd:e2:0c:c0:81:b7:55:59:25:3e:5a:4f:ae:99:b1:1a:2b:
         f4:49:0e:12:1f:89:53:a2:26:3f:06:ea:00:eb:40:22:25:51:
         ff:5a:d9:7b:b7:8c:cc:55:c0:31:12:c4:a0:2f:44:64:33:37:
         9a:7c:6a:e5:aa:d4:1d:68:60:e9:79:aa:e5:8f:bb:fd:6a:a2:
         f0:dd:77:b9:eb:45:43:b8:a6:3b:69:4c:ca:12:06:34:15:38:
         b3:9c:da:f7:b3:7d:57:fa:19:4f:fb:b2:a1:4f:54:21:4b:ea:
         91:e7:12:7b:c5:a8:60:b8:c4:31:7e:d0:0a:94:49:c0:1d:53:
         32:03:f9:b9:47:47:d1:cc:cd:d8:c8:c2:0d:86:2d:ab:7c:db:
         e4:9b:b4:42:43:2c:d7:a8:3e:bc:32:3e:d2:9a:de:3c:70:f4:
         8c:75:eb:33:fc:8d:08:19:38:eb:4e:01:17:73:88:5b:72:f6:
         87:6d:95:88:2c:b9:38:a4:98:12:f6:3b:be:12:92:2b:2e:0f:
         a9:2d:6e:e0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxHkN0AVsvZzuNB/+x3jAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmM2JmNTExNzc0YjZlMWQ3MDZiYjI3MjdiM2QzMTI1Nzc1
YTkxMmYwHhcNMjMwMTAyMDYxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGJjYjJjNzEzYThlMGQzMzdiNDVkMTNkM2Q2NDkwMGIzZTllZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoyD4l6vhkOqgzUXcL/Se7amtwa2
M29gSs/7hGDH8qLTjXWMqp0CrR166F+vbyM4wXqkIBtT9Ie0cHTi1hH+yNmsAuEA
cpT85D5EW0xK24DagjY3ZsGE8A0v9EefIRTEUHaPb2ZxmjIDEXPl4VmOcqRn+bw1
PXQEVlNY5115s1OJsZhSm5G+/D9E2ViDIVEH9y3DDPz0gTcUSQux/x7ES1wU1l/j
6w7vzImOfvfYUh/H+xQawxzu94ivOHjHTeDGfkB84L0ccCvmh7yIax02h1RIFThe
lZDaLNqMyqWDCYOkln4mtRZwaRt94O3WYQpV4bM/ZBrLHLIy8j6CVMp9iwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBi8sscTqODTN7RdE9PWSQCz6e81MB8GA1UdIwQY
MBaAFD879RF3S24dcGuycns9MSV3WpEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHp2MUVYZExiaDF3YTdKeWV6MHhKWGRha1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mNTU3NTctNTk2NS00MjcwLWJlYWIt
YTBkNmRiZmFjNmViLzEvR0x5eXh4T280Tk0zdEYwVDA5WkpBTFBwN3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mNTU3NTctNTk2NS00MjcwLWJlYWItYTBkNmRiZmFjNmVi
LzEvUHp2MUVYZExiaDF3YTdKeWV6MHhKWGRha1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKgoBRAAw
DQYJKoZIhvcNAQELBQADggEBABwfbCVzWMAXcmRrWANCkck+Ub769O1UD4d11trt
SLkvEOVaLpNr0X38Lxu7NRLnCxtPziLiHr7N4gzAgbdVWSU+Wk+umbEaK/RJDhIf
iVOiJj8G6gDrQCIlUf9a2Xu3jMxVwDESxKAvRGQzN5p8auWq1B1oYOl5quWPu/1q
ovDdd7nrRUO4pjtpTMoSBjQVOLOc2vezfVf6GU/7sqFPVCFL6pHnEnvFqGC4xDF+
0AqUScAdUzID+blHR9HMzdjIwg2GLat82+SbtEJDLNeoPrwyPtKa3jxw9Ix16zP8
jQgZOOtOARdziFty9odtlYgsuTikmBL2O74SkisuD6ktbuA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:03 2024 by rpki-client on console-fra.rpki-client.org