Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Pt4tCZ0pBJom2fDyLpC_a2NvEHg.roa
File:                     Pt4tCZ0pBJom2fDyLpC_a2NvEHg.roa (raw, json)
Hash identifier:          2dHJhG0sCCjfbdQx8d3CqItzQj5fuzn6CdlGabe53r4=
Subject key identifier:   3E:DE:2D:09:9D:29:04:9A:26:D9:F0:F2:2E:90:BF:6B:63:6F:10:78
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       01856F3004C4A8C2848303F66689A058EBA9
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Pt4tCZ0pBJom2fDyLpC_a2NvEHg.roa
Signing time:             Sun 01 Jan 2023 21:14:55 +0000
ROA not before:           Sun 01 Jan 2023 21:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211158
IP address blocks:        2a0e:aa07:e021::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:30:04:c4:a8:c2:84:83:03:f6:66:89:a0:58:eb:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Jan  1 21:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ede2d099d29049a26d9f0f22e90bf6b636f1078
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:fb:91:c6:af:07:3d:c0:7d:7d:76:47:52:fd:
                    79:4e:51:d6:c3:99:99:45:c4:32:da:2f:29:7c:92:
                    71:0a:5d:47:77:48:3b:6e:84:88:c9:65:6e:9a:69:
                    ff:af:89:8e:12:96:3e:4b:e3:8d:08:d9:e1:83:93:
                    af:af:42:87:1c:78:c2:d5:04:74:eb:1b:77:9f:f0:
                    3d:a6:7a:0d:ff:e9:d3:40:a1:7f:4e:20:63:e4:9d:
                    fa:bf:bc:1f:1c:61:e0:25:92:55:9c:23:ef:88:eb:
                    55:71:5b:e4:7b:0d:c2:08:3e:10:96:d9:5c:54:58:
                    f9:2c:e4:96:4a:96:1d:2f:18:0f:65:2e:68:a9:1b:
                    16:98:69:43:5b:6f:08:c5:df:52:be:be:f9:53:06:
                    1a:9b:53:ec:a7:aa:fc:0d:48:01:29:4c:b7:28:ee:
                    e4:06:d4:6b:15:c3:b7:63:f3:70:f2:b7:49:ae:c3:
                    75:61:b5:67:53:18:1f:60:88:f7:0f:ac:3f:dc:73:
                    3e:04:bb:0d:2c:bc:01:1c:55:dd:fe:57:8f:19:7e:
                    40:38:36:76:32:c6:27:60:e4:03:57:ce:52:ab:2d:
                    87:0f:e0:d2:1b:13:7b:22:1e:2f:d1:56:53:26:8a:
                    81:c3:e7:8f:8c:d8:90:17:c5:7a:18:40:65:d2:f9:
                    50:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:DE:2D:09:9D:29:04:9A:26:D9:F0:F2:2E:90:BF:6B:63:6F:10:78
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Pt4tCZ0pBJom2fDyLpC_a2NvEHg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa07:e021::/48

    Signature Algorithm: sha256WithRSAEncryption
         5b:07:90:c7:0d:f1:de:63:4b:40:72:3a:a8:ef:4f:9b:64:32:
         17:58:13:c5:2b:90:c0:26:1b:39:2f:c0:fd:c6:7a:0e:54:32:
         c1:80:70:28:5c:3a:60:4a:d5:40:94:1c:a0:b7:39:49:a9:95:
         76:19:cc:a3:b1:16:5e:1c:69:b0:70:14:2f:f1:c6:05:df:73:
         23:b3:89:79:41:21:ca:b0:fd:8d:9b:e2:06:fb:da:38:dd:1d:
         68:60:7a:0a:ad:4a:9e:43:12:bc:23:8d:3c:77:f2:bb:5c:3f:
         48:4e:46:10:08:45:98:36:da:e5:b3:ba:78:1d:da:d5:f7:8d:
         28:77:67:41:aa:d1:03:2d:b4:6c:03:6a:b8:7c:a5:46:01:a1:
         27:db:ea:05:d1:8c:a5:4a:92:af:97:51:35:db:44:c3:d8:19:
         74:24:d1:6c:36:31:04:8d:cb:81:4b:27:f3:90:24:6b:9e:f0:
         d5:69:23:bf:15:53:b6:bd:45:a0:57:3d:63:57:ca:6b:05:95:
         28:5f:a7:3b:d5:3c:e2:70:08:13:0c:be:21:b0:e5:f7:ba:0a:
         75:cc:ff:7a:cd:30:67:ab:0a:b2:69:db:b7:d9:54:f7:b6:d6:
         22:20:87:d7:ac:39:fb:93:ea:75:18:70:71:ec:51:67:ce:38:
         7f:45:00:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvMATEqMKEgwP2ZomgWOupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWRlMmQwOTlkMjkwNDlhMjZkOWYwZjIyZTkwYmY2YjYzNmYxMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPuRxq8HPcB9fXZHUv15TlHWw5mZ
RcQy2i8pfJJxCl1Hd0g7boSIyWVummn/r4mOEpY+S+ONCNnhg5Ovr0KHHHjC1QR0
6xt3n/A9pnoN/+nTQKF/TiBj5J36v7wfHGHgJZJVnCPviOtVcVvkew3CCD4Qltlc
VFj5LOSWSpYdLxgPZS5oqRsWmGlDW28Ixd9Svr75UwYam1Psp6r8DUgBKUy3KO7k
BtRrFcO3Y/Nw8rdJrsN1YbVnUxgfYIj3D6w/3HM+BLsNLLwBHFXd/lePGX5AODZ2
MsYnYOQDV85Sqy2HD+DSGxN7Ih4v0VZTJoqBw+ePjNiQF8V6GEBl0vlQuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD7eLQmdKQSaJtnw8i6Qv2tjbxB4MB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvUHQ0dENaMHBCSm9tMmZEeUxwQ19hMk52RUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+Ah
MA0GCSqGSIb3DQEBCwUAA4IBAQBbB5DHDfHeY0tAcjqo70+bZDIXWBPFK5DAJhs5
L8D9xnoOVDLBgHAoXDpgStVAlBygtzlJqZV2GcyjsRZeHGmwcBQv8cYF33Mjs4l5
QSHKsP2Nm+IG+9o43R1oYHoKrUqeQxK8I408d/K7XD9ITkYQCEWYNtrls7p4HdrV
940od2dBqtEDLbRsA2q4fKVGAaEn2+oF0YylSpKvl1E120TD2Bl0JNFsNjEEjcuB
SyfzkCRrnvDVaSO/FVO2vUWgVz1jV8prBZUoX6c71TzicAgTDL4hsOX3ugp1zP96
zTBnqwqyadu32VT3ttYiIIfXrDn7k+p1GHBx7FFnzjh/RQDX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org