Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/DsfBNEn0ccz7-pG1OBJKnzIfxcE.roa
File:                     DsfBNEn0ccz7-pG1OBJKnzIfxcE.roa (raw, json)
Hash identifier:          UShOhdm9E9mXA2z19qctJnGNpLlP71DHSFkgIBoVYm4=
Subject key identifier:   0E:C7:C1:34:49:F4:71:CC:FB:FA:91:B5:38:12:4A:9F:32:1F:C5:C1
Certificate issuer:       /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial:       018B89FAEDD8605D3F7247A4A77F50242551
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/DsfBNEn0ccz7-pG1OBJKnzIfxcE.roa
Signing time:             Wed 01 Nov 2023 08:23:25 +0000
ROA not before:           Wed 01 Nov 2023 08:23:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        2a0f:6fc1::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:89:fa:ed:d8:60:5d:3f:72:47:a4:a7:7f:50:24:25:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
        Validity
            Not Before: Nov  1 08:23:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ec7c13449f471ccfbfa91b538124a9f321fc5c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:4f:a7:83:86:d1:e1:1e:9d:47:a0:ef:7a:07:
                    65:e9:83:bf:b1:b0:d8:de:fd:75:24:b7:8c:49:1d:
                    8a:91:db:79:4e:86:2e:80:d2:69:6e:e7:f0:4f:7e:
                    53:92:e2:dd:bc:d8:97:55:2a:ef:6d:f4:9e:5e:6b:
                    5e:1f:6c:0f:e5:ed:aa:6a:3b:5b:f3:57:72:ed:ed:
                    10:82:b8:2d:e9:0f:d3:c4:82:9f:1d:52:b4:cf:38:
                    94:ea:47:bb:6e:5d:cc:f2:6d:16:c5:1d:e0:19:4c:
                    34:3d:1c:87:19:c9:26:f1:83:d2:68:3d:c8:53:04:
                    88:9f:b0:bb:6b:2b:a0:89:60:45:81:58:be:e4:f7:
                    f9:73:39:51:a5:2f:48:02:05:b5:99:9a:bb:47:fd:
                    f0:5a:f8:a9:19:3a:91:a1:d0:ab:14:3f:77:f8:eb:
                    9b:c8:93:2d:89:59:63:bf:31:a5:5a:37:84:d4:73:
                    4c:fe:7b:6f:bd:57:f6:c9:78:69:39:09:9c:2f:ac:
                    6e:00:e7:18:41:d4:bb:e9:65:44:a2:c1:28:47:6f:
                    a0:dd:8b:65:a5:da:f1:6c:74:99:30:44:31:c5:c2:
                    9a:7c:62:55:ad:5f:34:81:ac:65:e3:1c:e1:c7:36:
                    98:ec:d5:a5:a8:dd:db:28:df:65:64:73:7d:92:3e:
                    bc:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:C7:C1:34:49:F4:71:CC:FB:FA:91:B5:38:12:4A:9F:32:1F:C5:C1
            X509v3 Authority Key Identifier:
                keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/DsfBNEn0ccz7-pG1OBJKnzIfxcE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6fc1::/32

    Signature Algorithm: sha256WithRSAEncryption
         39:01:d7:4a:28:ed:9d:dc:d7:ec:89:b5:16:ab:86:ce:8f:a9:
         e4:f1:47:d5:80:09:ca:70:19:c8:f0:78:c3:74:11:53:4e:86:
         6d:5c:8b:ee:93:20:fe:47:a9:92:ea:8c:92:97:f0:ed:e1:c1:
         39:e9:cc:b6:b7:98:e7:de:c0:a4:1b:88:0b:35:a4:0e:9b:c6:
         5e:db:d5:51:c3:a4:a9:87:14:66:48:b5:d9:38:5c:e7:23:73:
         01:82:ac:73:88:92:c5:63:e9:98:dc:35:ff:80:6d:05:71:78:
         31:f0:e5:bf:20:c2:f9:34:42:b9:80:cd:d0:72:35:1e:ba:5a:
         51:70:95:15:d7:33:77:4c:84:f9:2e:53:f3:4a:72:87:9b:53:
         49:77:b9:27:d1:40:cd:73:96:6c:67:7b:13:6c:8d:16:ad:7b:
         cb:3f:c3:bc:d1:70:fd:92:f4:4a:58:6c:2a:4e:17:76:a6:2e:
         85:80:f0:eb:d4:82:ff:3c:ff:17:04:d3:14:9a:5f:81:64:7f:
         c3:69:14:d4:08:a8:c6:f5:d6:2f:58:85:8c:05:8a:f6:5f:48:
         c6:f4:79:9e:8a:52:3e:d3:6a:60:87:43:96:95:6c:cd:32:57:
         73:e1:3b:3f:e8:d3:da:52:a0:77:dc:f1:91:6a:98:69:27:82:
         2e:e8:f5:a1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuJ+u3YYF0/ckekp39QJCVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMxMTAxMDgyMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWM3YzEzNDQ5ZjQ3MWNjZmJmYTkxYjUzODEyNGE5ZjMyMWZjNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0+ng4bR4R6dR6Dvegdl6YO/sbDY
3v11JLeMSR2Kkdt5ToYugNJpbufwT35TkuLdvNiXVSrvbfSeXmteH2wP5e2qajtb
81dy7e0Qgrgt6Q/TxIKfHVK0zziU6ke7bl3M8m0WxR3gGUw0PRyHGckm8YPSaD3I
UwSIn7C7ayugiWBFgVi+5Pf5czlRpS9IAgW1mZq7R/3wWvipGTqRodCrFD93+Oub
yJMtiVljvzGlWjeE1HNM/ntvvVf2yXhpOQmcL6xuAOcYQdS76WVEosEoR2+g3Ytl
pdrxbHSZMEQxxcKafGJVrV80gaxl4xzhxzaY7NWlqN3bKN9lZHN9kj68dQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA7HwTRJ9HHM+/qRtTgSSp8yH8XBMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvRHNmQk5FbjBjY3o3LXBHMU9CSktueklmeGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9vwTAN
BgkqhkiG9w0BAQsFAAOCAQEAOQHXSijtndzX7Im1FquGzo+p5PFH1YAJynAZyPB4
w3QRU06GbVyL7pMg/kepkuqMkpfw7eHBOenMtreY597ApBuICzWkDpvGXtvVUcOk
qYcUZki12Thc5yNzAYKsc4iSxWPpmNw1/4BtBXF4MfDlvyDC+TRCuYDN0HI1Hrpa
UXCVFdczd0yE+S5T80pyh5tTSXe5J9FAzXOWbGd7E2yNFq17yz/DvNFw/ZL0Slhs
Kk4XdqYuhYDw69SC/zz/FwTTFJpfgWR/w2kU1AioxvXWL1iFjAWK9l9IxvR5nopS
PtNqYIdDlpVszTJXc+E7P+jT2lKgd9zxkWqYaSeCLuj1oQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org