Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/TozxA6129UmHDJTRyGfQVh5FZM4.roa
File:                     TozxA6129UmHDJTRyGfQVh5FZM4.roa (raw, json)
Hash identifier:          8yqEBry47X7x24wrWvjMsFiyoWLDweyMEwOfW31BLxI=
Subject key identifier:   4E:8C:F1:03:AD:76:F5:49:87:0C:94:D1:C8:67:D0:56:1E:45:64:CE
Certificate issuer:       /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial:       01856FA71B70FDB5AA0A5A20DE0550B6DC6B
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/TozxA6129UmHDJTRyGfQVh5FZM4.roa
Signing time:             Sun 01 Jan 2023 23:25:00 +0000
ROA not before:           Sun 01 Jan 2023 23:25:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207960
IP address blocks:        2a0e:1cc1::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a7:1b:70:fd:b5:aa:0a:5a:20:de:05:50:b6:dc:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
        Validity
            Not Before: Jan  1 23:25:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e8cf103ad76f549870c94d1c867d0561e4564ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:c4:ca:4f:ac:54:0d:26:91:0a:96:bf:2b:db:
                    1c:3a:ef:9d:da:b9:7f:4d:0c:58:ce:99:52:2d:a4:
                    fb:78:90:5c:85:42:3b:cb:bf:73:f2:17:66:07:08:
                    6e:36:5e:0f:5f:32:45:6b:f8:af:63:03:dd:c7:59:
                    24:2e:d2:ae:0e:bc:ba:06:7e:97:9c:6b:f2:76:8c:
                    92:ab:18:3e:43:68:62:ad:0d:be:05:3c:d8:79:81:
                    e4:b5:c8:6c:be:6a:ef:ff:64:72:76:84:14:63:92:
                    b2:f9:ce:50:37:a6:51:7c:da:21:9e:e3:b0:bc:48:
                    eb:e7:49:fc:ea:87:e8:95:31:67:c7:65:ab:62:1a:
                    89:b6:4c:03:32:d6:63:52:c2:f8:ce:ec:af:5e:b1:
                    a6:20:86:24:a8:4a:80:fb:ec:5e:6b:27:b0:8c:e8:
                    b7:c8:e1:ad:09:ce:52:45:b1:b5:ce:33:b0:fc:1e:
                    02:56:f2:9c:0b:1e:37:7d:60:4d:44:70:20:89:6b:
                    2a:73:e7:bf:e1:3c:97:93:3b:f3:7f:54:96:d8:4c:
                    57:43:bc:77:ff:f6:f2:a7:81:72:a4:ce:0e:fa:f5:
                    ee:67:ca:57:44:1e:81:72:e0:62:3d:c0:51:ca:72:
                    f0:79:a0:5b:4c:c2:2a:c6:8c:0a:b0:f8:52:ca:9e:
                    39:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:8C:F1:03:AD:76:F5:49:87:0C:94:D1:C8:67:D0:56:1E:45:64:CE
            X509v3 Authority Key Identifier:
                keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/TozxA6129UmHDJTRyGfQVh5FZM4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:1cc1::/40

    Signature Algorithm: sha256WithRSAEncryption
         7a:f8:55:fc:80:7f:8a:81:95:89:08:09:8e:54:04:46:8e:d0:
         1b:ba:d7:46:59:ec:00:bf:ff:00:4a:24:90:53:63:c6:44:c9:
         88:ba:99:01:4b:3d:ac:d5:ed:5b:f9:c9:e9:62:02:86:2a:be:
         d4:b4:2b:e0:3e:1a:53:dd:d2:28:8b:cd:df:5d:a5:91:6c:51:
         9e:af:02:05:47:0a:8a:c3:89:3c:35:1f:2f:fc:b6:9c:d6:25:
         cf:72:e0:db:77:bc:56:b4:bf:86:2d:ee:4e:d1:56:af:7c:63:
         1c:de:8f:3d:03:7e:29:ce:20:84:c5:79:a4:1e:07:ff:dd:76:
         65:b2:37:ac:3e:0e:19:4c:c6:f0:5d:87:4a:a2:f4:07:77:25:
         4c:ab:a5:18:e9:8a:17:16:ac:ba:b9:7e:61:60:16:2b:5b:1a:
         f5:7f:9a:5f:23:6d:d9:ca:5d:11:44:37:60:d3:e9:4f:5e:b2:
         7f:cf:89:41:e4:5d:5c:09:5f:4d:4e:3b:04:37:07:7d:dc:2e:
         61:70:d0:97:1e:64:83:d1:e8:11:3f:3e:ff:c8:6b:7a:fc:ca:
         36:35:c1:8a:de:1f:ed:6a:70:47:ff:8d:7f:89:45:c8:d5:30:
         26:cf:ac:ee:47:e0:88:b1:23:bc:68:5d:37:d0:fa:db:a2:e1:
         81:99:93:32
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvpxtw/bWqClog3gVQttxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjMwMTAxMjMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZThjZjEwM2FkNzZmNTQ5ODcwYzk0ZDFjODY3ZDA1NjFlNDU2NGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcTKT6xUDSaRCpa/K9scOu+d2rl/
TQxYzplSLaT7eJBchUI7y79z8hdmBwhuNl4PXzJFa/ivYwPdx1kkLtKuDry6Bn6X
nGvydoySqxg+Q2hirQ2+BTzYeYHktchsvmrv/2RydoQUY5Ky+c5QN6ZRfNohnuOw
vEjr50n86ofolTFnx2WrYhqJtkwDMtZjUsL4zuyvXrGmIIYkqEqA++xeayewjOi3
yOGtCc5SRbG1zjOw/B4CVvKcCx43fWBNRHAgiWsqc+e/4TyXkzvzf1SW2ExXQ7x3
//byp4FypM4O+vXuZ8pXRB6BcuBiPcBRynLweaBbTMIqxowKsPhSyp45EwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFE6M8QOtdvVJhwyU0chn0FYeRWTOMB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEvVG96eEE2MTI5VW1IREpUUnlHZlFWaDVGWk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2ItMTE1OWRiZmJlZDU0
LzEvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg4cwQAw
DQYJKoZIhvcNAQELBQADggEBAHr4VfyAf4qBlYkICY5UBEaO0Bu610ZZ7AC//wBK
JJBTY8ZEyYi6mQFLPazV7Vv5yeliAoYqvtS0K+A+GlPd0iiLzd9dpZFsUZ6vAgVH
CorDiTw1Hy/8tpzWJc9y4Nt3vFa0v4Yt7k7RVq98Yxzejz0DfinOIITFeaQeB//d
dmWyN6w+DhlMxvBdh0qi9Ad3JUyrpRjpihcWrLq5fmFgFitbGvV/ml8jbdnKXRFE
N2DT6U9esn/PiUHkXVwJX01OOwQ3B33cLmFw0JceZIPR6BE/Pv/Ia3r8yjY1wYre
H+1qcEf/jX+JRcjVMCbPrO5H4IixI7xoXTfQ+tui4YGZkzI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org