Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/FtCgiL2KzKKtASUs1Oe_ZiDMLlo.roa
File:                     FtCgiL2KzKKtASUs1Oe_ZiDMLlo.roa (raw, json)
Hash identifier:          /2t90sbdKwtgUSVKj8kjInkGR8uwIXnmGk5ClGkp6Aw=
Subject key identifier:   16:D0:A0:88:BD:8A:CC:A2:AD:01:25:2C:D4:E7:BF:66:20:CC:2E:5A
Certificate issuer:       /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial:       018D4142C64A8AB852AC82A586B3298A60EB
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/FtCgiL2KzKKtASUs1Oe_ZiDMLlo.roa
Signing time:             Thu 25 Jan 2024 15:35:11 +0000
ROA not before:           Thu 25 Jan 2024 15:35:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     45027
IP address blocks:        2a0f:6fc1::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 09 May 2024 19:09:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:41:42:c6:4a:8a:b8:52:ac:82:a5:86:b3:29:8a:60:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
        Validity
            Not Before: Jan 25 15:35:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=16d0a088bd8acca2ad01252cd4e7bf6620cc2e5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e2:e0:6c:2a:fd:97:14:a5:27:35:cd:ef:24:
                    a4:bb:ea:17:c5:cd:91:54:13:21:75:95:3f:b1:34:
                    f0:53:73:1b:39:db:d9:be:34:e5:12:d0:56:9c:4b:
                    8c:ec:0e:2e:5b:29:97:51:a8:1f:69:94:29:20:84:
                    62:12:1a:48:39:c4:50:86:c8:7a:c3:c4:cb:ce:1e:
                    ea:09:46:b0:1f:43:ca:9a:77:20:4a:6a:2f:a1:ca:
                    2e:a5:f8:3f:79:34:4f:66:4f:93:db:8b:5e:a3:fb:
                    f0:6d:7b:4d:3c:7a:54:eb:6a:9a:26:2a:5c:5b:de:
                    d1:3f:74:b6:e5:3d:4b:aa:14:75:d4:b2:a5:74:fc:
                    75:1c:32:50:73:eb:e8:a7:18:2f:e6:d4:7c:10:53:
                    7c:29:9e:05:80:b2:a8:da:06:50:88:b7:08:3f:7a:
                    4e:4a:54:0c:6b:b4:ec:60:4a:05:24:10:31:07:db:
                    a9:fa:5e:73:77:0a:76:80:4c:20:32:8c:ab:60:8c:
                    0e:9c:29:bf:b0:36:69:d5:ab:81:78:24:54:ff:46:
                    36:7f:c7:1a:35:75:66:70:fb:70:5d:c8:d7:2c:38:
                    3e:e6:96:de:cc:79:c3:3f:64:cb:98:a2:f9:78:ed:
                    93:52:9a:4f:26:bf:d6:84:79:37:06:22:42:2c:b1:
                    64:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:D0:A0:88:BD:8A:CC:A2:AD:01:25:2C:D4:E7:BF:66:20:CC:2E:5A
            X509v3 Authority Key Identifier:
                keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/FtCgiL2KzKKtASUs1Oe_ZiDMLlo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6fc1::/32

    Signature Algorithm: sha256WithRSAEncryption
         33:c4:28:f0:c2:c3:f2:d2:c7:68:c1:9a:de:40:51:57:0a:1a:
         87:f5:e7:42:b2:e2:4b:87:bf:d7:bd:87:b8:4d:29:ca:c7:fc:
         a6:d1:5b:24:a6:50:75:6b:64:39:da:0c:1e:79:82:c1:de:46:
         7c:8a:8e:f1:e7:00:4e:b8:b7:f4:db:b9:1d:50:dd:c0:db:9d:
         07:f0:c2:69:ce:ed:bf:d7:f4:f9:17:4a:dc:cb:3f:c8:00:1f:
         b7:c9:26:a7:d1:07:bf:14:c1:4b:38:f2:c0:db:aa:ab:21:a4:
         fe:ba:23:29:4a:9c:b4:8d:f3:bf:b2:db:c4:d3:82:9e:de:c6:
         4c:b0:62:5f:56:6b:93:07:34:bf:3d:8d:8e:0a:c4:8d:fc:cf:
         cc:7c:16:b3:6e:c2:13:9a:31:2b:03:16:76:c4:86:a8:e8:9d:
         3f:19:29:df:f3:8b:7d:a8:91:9c:4c:63:2d:c9:23:99:33:0c:
         07:bc:67:08:e2:13:1d:c9:d1:f9:44:0a:a8:45:e2:ff:a4:f3:
         d4:b7:94:be:88:e6:21:ee:af:b1:b3:e5:64:8e:a0:80:26:84:
         02:79:e6:29:27:83:a2:c3:59:03:fa:25:d8:d8:fb:d6:8c:fc:
         51:1b:97:85:ed:42:71:21:03:77:7b:44:20:be:17:0c:f9:c3:
         0e:53:86:5d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY1BQsZKirhSrIKlhrMpimDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwMTI1MTUzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQwYTA4OGJkOGFjY2EyYWQwMTI1MmNkNGU3YmY2NjIwY2MyZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+LgbCr9lxSlJzXN7ySku+oXxc2R
VBMhdZU/sTTwU3MbOdvZvjTlEtBWnEuM7A4uWymXUagfaZQpIIRiEhpIOcRQhsh6
w8TLzh7qCUawH0PKmncgSmovocoupfg/eTRPZk+T24teo/vwbXtNPHpU62qaJipc
W97RP3S25T1LqhR11LKldPx1HDJQc+vopxgv5tR8EFN8KZ4FgLKo2gZQiLcIP3pO
SlQMa7TsYEoFJBAxB9up+l5zdwp2gEwgMoyrYIwOnCm/sDZp1auBeCRU/0Y2f8ca
NXVmcPtwXcjXLDg+5pbezHnDP2TLmKL5eO2TUppPJr/WhHk3BiJCLLFkhQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBbQoIi9isyirQElLNTnv2YgzC5aMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvRnRDZ2lMMkt6S0t0QVNVczFPZV9aaURNTGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9vwTAN
BgkqhkiG9w0BAQsFAAOCAQEAM8Qo8MLD8tLHaMGa3kBRVwoah/XnQrLiS4e/172H
uE0pysf8ptFbJKZQdWtkOdoMHnmCwd5GfIqO8ecATri39Nu5HVDdwNudB/DCac7t
v9f0+RdK3Ms/yAAft8kmp9EHvxTBSzjywNuqqyGk/rojKUqctI3zv7LbxNOCnt7G
TLBiX1Zrkwc0vz2NjgrEjfzPzHwWs27CE5oxKwMWdsSGqOidPxkp3/OLfaiRnExj
LckjmTMMB7xnCOITHcnR+UQKqEXi/6Tz1LeUvojmIe6vsbPlZI6ggCaEAnnmKSeD
osNZA/ol2Nj71oz8URuXhe1CcSEDd3tEIL4XDPnDDlOGXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org