Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/00XNqGQ0VSM2OFDyIv2Nxdaj5bc.roa
File:                     00XNqGQ0VSM2OFDyIv2Nxdaj5bc.roa (raw, json)
Hash identifier:          SVcE5MYR7Z5Vzwg0zs4Jnut0QyvVOdvFJpbJDr7baVg=
Subject key identifier:   D3:45:CD:A8:64:34:55:23:36:38:50:F2:22:FD:8D:C5:D6:A3:E5:B7
Certificate issuer:       /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial:       018CF5B13648C1C073ED8DFFFE524E76E0D3
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/00XNqGQ0VSM2OFDyIv2Nxdaj5bc.roa
Signing time:             Wed 10 Jan 2024 23:24:40 +0000
ROA not before:           Wed 10 Jan 2024 23:24:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206873
IP address blocks:        2a0e:ccc4::/32 maxlen: 32
                          2a0e:4bc3::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 21 Mar 2024 08:52:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f5:b1:36:48:c1:c0:73:ed:8d:ff:fe:52:4e:76:e0:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
        Validity
            Not Before: Jan 10 23:24:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d345cda864345523363850f222fd8dc5d6a3e5b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d0:da:85:50:a2:b1:e6:d7:2e:c5:ab:2c:36:
                    ff:37:88:72:c7:c9:e7:e4:bd:8f:c2:a7:15:ca:be:
                    5f:d4:bd:54:14:79:f0:b0:c8:3e:57:0d:3a:8d:83:
                    63:86:1f:56:f7:f7:a3:b4:22:9c:4a:27:17:08:fd:
                    b4:f5:0f:fb:9b:4e:67:e0:6d:c5:5b:97:d7:d0:89:
                    7f:80:40:31:21:f0:c9:6f:a0:4b:78:c4:1c:07:48:
                    3d:90:47:53:3e:f0:b0:ca:2a:a3:76:9d:95:4b:74:
                    8a:ec:06:e3:2e:54:33:85:79:ee:bb:47:7e:4d:69:
                    fa:7c:da:72:67:44:a3:69:12:df:fc:e8:c4:1e:af:
                    65:7c:1a:e4:ae:38:b9:4b:9d:ff:9e:80:5c:b3:ad:
                    f4:9f:13:93:9c:83:2a:b1:bd:f2:0f:b5:a2:d7:2f:
                    6a:05:03:f2:e8:37:23:17:ff:07:c2:dc:60:62:62:
                    50:31:7f:09:47:e0:6f:02:49:26:24:7d:12:1b:75:
                    29:f0:43:e3:65:8e:b5:0f:fc:da:47:88:38:87:8b:
                    a9:c6:2f:ea:18:a8:bf:3b:26:53:d3:91:88:22:f3:
                    07:e3:7a:f2:78:54:11:44:26:1e:11:6b:fc:77:33:
                    a5:04:11:86:89:e3:de:dd:f2:09:67:36:ef:de:8d:
                    a3:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:45:CD:A8:64:34:55:23:36:38:50:F2:22:FD:8D:C5:D6:A3:E5:B7
            X509v3 Authority Key Identifier:
                keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/00XNqGQ0VSM2OFDyIv2Nxdaj5bc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:4bc3::/32
                  2a0e:ccc4::/32

    Signature Algorithm: sha256WithRSAEncryption
         ab:05:7c:78:c5:f6:a2:ff:0c:69:b3:f1:9b:13:2f:a7:58:86:
         76:41:ef:49:5a:c6:fe:7b:5b:56:1d:3a:18:64:fd:43:dd:c6:
         58:33:80:8b:14:a6:ab:55:39:f2:9e:5f:85:bc:c8:23:aa:12:
         e1:03:f9:79:8b:d6:f6:2c:cd:17:5c:3f:36:3f:26:5f:9e:e6:
         62:4b:83:46:7e:ba:6a:8a:a0:7f:c5:0f:5f:40:70:fb:5b:52:
         a6:4b:a5:a1:13:d5:d7:d7:5c:b8:d7:0c:9c:9d:99:70:c8:50:
         47:dc:03:15:c7:b1:b7:07:0f:3c:fe:e8:c9:80:6e:f8:3e:df:
         5d:54:0f:ce:e3:53:dc:33:4a:7f:64:a7:5c:61:bf:82:04:43:
         5a:bb:77:fd:4f:6f:3c:a1:bf:9d:9c:d6:42:92:45:c6:6d:53:
         d5:8f:1e:30:7f:e6:21:74:61:97:24:27:33:a4:02:4b:05:fe:
         87:03:df:a7:7f:18:18:de:f5:a9:b1:f1:44:fc:3a:e6:4a:c1:
         a6:a5:23:9f:72:1d:92:90:1f:66:52:33:d9:d7:c1:5b:0d:c3:
         bb:01:00:f6:32:c3:e0:a7:85:fc:08:79:34:48:43:d1:ec:c1:
         c9:d7:c2:d5:d4:fa:47:c2:8e:da:9a:e6:7c:83:36:2a:2c:41:
         a5:62:84:d7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYz1sTZIwcBz7Y3//lJOduDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwMTEwMjMyNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQ1Y2RhODY0MzQ1NTIzMzYzODUwZjIyMmZkOGRjNWQ2YTNlNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdDahVCisebXLsWrLDb/N4hyx8nn
5L2PwqcVyr5f1L1UFHnwsMg+Vw06jYNjhh9W9/ejtCKcSicXCP209Q/7m05n4G3F
W5fX0Il/gEAxIfDJb6BLeMQcB0g9kEdTPvCwyiqjdp2VS3SK7AbjLlQzhXnuu0d+
TWn6fNpyZ0SjaRLf/OjEHq9lfBrkrji5S53/noBcs630nxOTnIMqsb3yD7Wi1y9q
BQPy6DcjF/8HwtxgYmJQMX8JR+BvAkkmJH0SG3Up8EPjZY61D/zaR4g4h4upxi/q
GKi/OyZT05GIIvMH43ryeFQRRCYeEWv8dzOlBBGGiePe3fIJZzbv3o2jvwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNNFzahkNFUjNjhQ8iL9jcXWo+W3MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvMDBYTnFHUTBWU00yT0ZEeUl2Mk54ZGFqNWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5LwwMF
ACoOzMQwDQYJKoZIhvcNAQELBQADggEBAKsFfHjF9qL/DGmz8ZsTL6dYhnZB70la
xv57W1YdOhhk/UPdxlgzgIsUpqtVOfKeX4W8yCOqEuED+XmL1vYszRdcPzY/Jl+e
5mJLg0Z+umqKoH/FD19AcPtbUqZLpaET1dfXXLjXDJydmXDIUEfcAxXHsbcHDzz+
6MmAbvg+311UD87jU9wzSn9kp1xhv4IEQ1q7d/1Pbzyhv52c1kKSRcZtU9WPHjB/
5iF0YZckJzOkAksF/ocD36d/GBje9amx8UT8OuZKwaalI59yHZKQH2ZSM9nXwVsN
w7sBAPYyw+CnhfwIeTRIQ9HswcnXwtXU+kfCjtqa5nyDNiosQaVihNc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org