Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/mQalTo2LGIgukpwbjTlLBUYU8NI.roa
File:                     mQalTo2LGIgukpwbjTlLBUYU8NI.roa (raw, json)
Hash identifier:          jA1EyyrHvuNWq+IOxvX4hVr/yiFHYEVzRxbR1vqvFrc=
Subject key identifier:   99:06:A5:4E:8D:8B:18:88:2E:92:9C:1B:8D:39:4B:05:46:14:F0:D2
Certificate issuer:       /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial:       018854632A0EB29F14277429FA20CBFEAAC5
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/mQalTo2LGIgukpwbjTlLBUYU8NI.roa
Signing time:             Thu 25 May 2023 19:29:24 +0000
ROA not before:           Thu 25 May 2023 19:29:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60389
IP address blocks:        2a0f:6fc7::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:54:63:2a:0e:b2:9f:14:27:74:29:fa:20:cb:fe:aa:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
        Validity
            Not Before: May 25 19:29:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9906a54e8d8b18882e929c1b8d394b054614f0d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:61:a9:92:1c:44:6a:19:4c:2c:df:f6:da:83:
                    e1:92:8f:f9:10:4d:b5:c9:df:b4:d6:27:2c:cb:2d:
                    c4:c9:22:33:ab:f0:34:c4:0b:3f:23:56:ab:1e:f3:
                    ca:8d:59:32:69:9e:f6:b9:f4:0b:f5:f7:95:e7:cc:
                    e8:20:fa:cc:fe:1a:ee:7d:44:92:fd:1d:41:fc:17:
                    3c:51:4d:bc:db:13:57:ee:46:f0:ea:eb:c5:52:f0:
                    28:ca:98:6d:db:da:37:98:47:95:cc:61:97:7a:4e:
                    eb:03:ff:f1:48:f6:9d:58:3e:09:79:31:16:9f:7b:
                    72:d2:10:a8:83:e8:72:f7:68:f0:d1:08:eb:68:39:
                    12:01:65:c6:ec:cf:2a:b9:71:fa:d2:e1:01:c5:69:
                    b8:a4:d6:b3:e9:cb:47:3a:43:60:14:d8:db:b6:cb:
                    c5:d4:6c:f4:b7:cd:26:66:26:1c:7b:3b:4d:e5:24:
                    e3:10:d9:aa:78:7c:4b:24:45:fc:f9:1e:25:be:18:
                    cb:c8:d0:3c:46:7d:2e:d6:ed:d0:e1:32:f9:cf:6d:
                    5d:4d:2a:9c:85:5a:b2:64:b0:10:82:4a:be:69:3a:
                    24:8d:36:0f:ec:9b:d0:35:fb:e8:6b:a1:26:d3:75:
                    ad:1c:09:45:3d:4a:fe:c2:6e:e2:9a:6f:b6:af:c8:
                    ef:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:06:A5:4E:8D:8B:18:88:2E:92:9C:1B:8D:39:4B:05:46:14:F0:D2
            X509v3 Authority Key Identifier:
                keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/mQalTo2LGIgukpwbjTlLBUYU8NI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6fc7::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:11:50:ea:3d:b2:aa:b9:5a:c5:fc:63:99:a5:fd:39:46:08:
         46:d0:2a:1a:73:31:9b:2d:dc:4a:57:45:56:1f:70:c2:01:1c:
         91:ae:1d:99:1b:b3:87:5a:13:7e:59:33:8f:be:c8:62:c5:a5:
         2d:2b:38:21:cf:ee:c3:91:73:0b:b0:54:f6:20:7c:de:c6:63:
         20:7d:47:22:7c:0f:09:d9:45:51:de:5e:ae:b6:d6:8a:4c:76:
         f3:08:a6:a5:7b:31:12:8d:b5:51:2d:5a:31:65:ec:b2:35:70:
         5a:54:db:49:01:0a:e3:ad:92:50:88:eb:61:c7:71:c0:96:8b:
         d2:70:2f:1b:9a:05:21:40:45:87:b2:18:1a:5d:df:cb:4d:45:
         ef:78:55:fa:6f:bd:44:cb:21:41:26:12:26:c0:1b:22:46:f7:
         53:eb:77:27:9c:7e:62:5a:35:81:81:f7:c6:7d:a0:e6:be:9c:
         9e:ec:ca:aa:61:6a:76:77:75:65:ae:dd:4b:0a:76:37:24:cf:
         fe:8f:16:55:8b:49:8c:26:07:22:45:0f:06:e1:81:51:e8:bd:
         2e:22:b4:a6:b3:00:b0:49:97:d1:bd:f0:4b:c2:26:fa:01:74:
         4b:ff:2a:46:78:2a:92:d3:4a:dd:ce:26:40:43:0e:18:aa:ea:
         17:6f:24:5f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYhUYyoOsp8UJ3Qp+iDL/qrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwNTI1MTkyOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTA2YTU0ZThkOGIxODg4MmU5MjljMWI4ZDM5NGIwNTQ2MTRmMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGGpkhxEahlMLN/22oPhko/5EE21
yd+01icsyy3EySIzq/A0xAs/I1arHvPKjVkyaZ72ufQL9feV58zoIPrM/hrufUSS
/R1B/Bc8UU282xNX7kbw6uvFUvAoypht29o3mEeVzGGXek7rA//xSPadWD4JeTEW
n3ty0hCog+hy92jw0QjraDkSAWXG7M8quXH60uEBxWm4pNaz6ctHOkNgFNjbtsvF
1Gz0t80mZiYceztN5STjENmqeHxLJEX8+R4lvhjLyNA8Rn0u1u3Q4TL5z21dTSqc
hVqyZLAQgkq+aTokjTYP7JvQNfvoa6Em03WtHAlFPUr+wm7imm+2r8jvHwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJkGpU6NixiILpKcG405SwVGFPDSMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvbVFhbFRvMkxHSWd1a3B3YmpUbExCVVlVOE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9vxzAN
BgkqhkiG9w0BAQsFAAOCAQEACBFQ6j2yqrlaxfxjmaX9OUYIRtAqGnMxmy3cSldF
Vh9wwgEcka4dmRuzh1oTflkzj77IYsWlLSs4Ic/uw5FzC7BU9iB83sZjIH1HInwP
CdlFUd5errbWikx28wimpXsxEo21US1aMWXssjVwWlTbSQEK462SUIjrYcdxwJaL
0nAvG5oFIUBFh7IYGl3fy01F73hV+m+9RMshQSYSJsAbIkb3U+t3J5x+Ylo1gYH3
xn2g5r6cnuzKqmFqdnd1Za7dSwp2NyTP/o8WVYtJjCYHIkUPBuGBUei9LiK0prMA
sEmX0b3wS8Im+gF0S/8qRngqktNK3c4mQEMOGKrqF28kXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org