Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/a3a0igqyb2M_a4o5Np4qC7WhfIY.roa
File:                     a3a0igqyb2M_a4o5Np4qC7WhfIY.roa (raw, json)
Hash identifier:          4HmCE8G6/F6WnBUiK17aAwEod3hVT4rUGegFGVNumaw=
Subject key identifier:   6B:76:B4:8A:0A:B2:6F:63:3F:6B:8A:39:36:9E:2A:0B:B5:A1:7C:86
Certificate issuer:       /CN=3c177b528043a85953fc250f991d9d8020e2810d
Certificate serial:       01856D8AECA23DC0C00A3741CD73A1573168
Authority key identifier: 3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/a3a0igqyb2M_a4o5Np4qC7WhfIY.roa
Signing time:             Sun 01 Jan 2023 13:34:58 +0000
ROA not before:           Sun 01 Jan 2023 13:34:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202572
IP address blocks:        2a0a:2303::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:8a:ec:a2:3d:c0:c0:0a:37:41:cd:73:a1:57:31:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c177b528043a85953fc250f991d9d8020e2810d
        Validity
            Not Before: Jan  1 13:34:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b76b48a0ab26f633f6b8a39369e2a0bb5a17c86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:36:45:cd:ff:37:12:c2:cc:39:ad:4f:7c:99:
                    e1:11:96:7f:6c:2e:17:ac:32:3f:38:ec:78:a2:b4:
                    2a:7a:57:bb:95:c5:67:e0:e9:99:34:8d:c6:77:b3:
                    1a:d2:1f:73:4f:b3:0a:2b:fb:a8:e1:7a:1f:8a:3e:
                    01:b2:17:3d:da:33:0e:06:13:7f:5a:6c:c2:d6:82:
                    ee:16:c0:4e:79:68:e9:d4:7d:13:14:8d:38:96:71:
                    7a:3d:36:59:e3:48:c9:d0:b2:8c:1c:8e:08:28:31:
                    a8:9f:2a:58:b5:c5:a4:71:42:26:3b:d2:ed:ba:e7:
                    ff:72:0a:57:b4:53:fa:2f:26:52:5c:47:b5:40:ff:
                    0f:5e:3b:5b:2a:fe:9e:98:37:e8:87:4e:6d:9f:dd:
                    00:1d:63:2d:57:f4:f1:5c:7a:ec:1b:d8:1c:e1:51:
                    72:bb:de:50:26:c6:72:8f:f3:b9:27:5d:d3:de:07:
                    73:a9:ee:7f:2f:5b:3b:8b:23:10:15:eb:c7:3a:d0:
                    ec:ad:a1:77:01:f5:3b:76:ba:82:51:db:90:4c:95:
                    1c:3d:b3:d4:67:26:c2:02:3a:60:b0:1d:1d:aa:55:
                    b1:9a:45:53:73:2b:af:a1:35:f2:77:6b:4c:fe:51:
                    ee:e5:e9:86:01:4b:28:e6:39:4d:f5:8f:a9:ff:f8:
                    5b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:76:B4:8A:0A:B2:6F:63:3F:6B:8A:39:36:9E:2A:0B:B5:A1:7C:86
            X509v3 Authority Key Identifier:
                keyid:3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/a3a0igqyb2M_a4o5Np4qC7WhfIY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:2303::/32

    Signature Algorithm: sha256WithRSAEncryption
         1e:23:38:16:db:cf:1a:72:17:11:3d:ce:29:79:2a:ab:6c:8c:
         d3:e1:af:93:71:e0:2b:82:23:a1:39:f5:ee:06:97:fc:da:b2:
         df:a9:c2:7b:3b:f7:95:29:bb:37:3c:65:26:77:44:31:9e:64:
         74:1d:ae:c0:64:86:50:32:ee:76:ee:63:52:03:9b:b7:ca:76:
         4d:6d:31:dd:a2:49:4d:70:6b:27:14:71:8b:46:bc:74:ee:bf:
         f4:42:07:a3:67:5d:f6:cc:34:b6:47:3b:24:85:c9:fb:17:50:
         fe:40:db:a3:93:93:93:94:71:39:c5:75:b3:06:c1:74:b5:29:
         ac:aa:7e:f6:26:21:f6:e6:5a:0a:cc:60:2c:fe:1e:03:9a:7c:
         c5:c9:94:26:91:b0:40:a8:9c:3d:9a:f4:1a:5a:4c:58:e1:6e:
         38:e5:01:dd:1d:94:a0:60:ce:a7:e0:60:5b:d2:9c:45:2f:f8:
         62:e0:dc:81:6d:46:e6:52:bb:54:42:4f:09:16:93:48:e0:1a:
         5b:30:11:e2:d3:f0:1c:b2:a2:02:ed:66:2d:3f:c5:40:36:eb:
         5f:78:e2:9c:eb:c4:10:11:dc:13:0b:f0:eb:44:32:b2:20:ff:
         d3:76:79:cf:55:70:1c:c2:e0:b5:da:c4:bd:20:09:54:4d:60:
         ab:68:6d:eb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtiuyiPcDACjdBzXOhVzFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTc3YjUyODA0M2E4NTk1M2ZjMjUwZjk5MWQ5ZDgwMjBl
MjgxMGQwHhcNMjMwMTAxMTMzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjc2YjQ4YTBhYjI2ZjYzM2Y2YjhhMzkzNjllMmEwYmI1YTE3Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizZFzf83EsLMOa1PfJnhEZZ/bC4X
rDI/OOx4orQqele7lcVn4OmZNI3Gd7Ma0h9zT7MKK/uo4Xofij4Bshc92jMOBhN/
WmzC1oLuFsBOeWjp1H0TFI04lnF6PTZZ40jJ0LKMHI4IKDGonypYtcWkcUImO9Lt
uuf/cgpXtFP6LyZSXEe1QP8PXjtbKv6emDfoh05tn90AHWMtV/TxXHrsG9gc4VFy
u95QJsZyj/O5J13T3gdzqe5/L1s7iyMQFevHOtDsraF3AfU7drqCUduQTJUcPbPU
ZybCAjpgsB0dqlWxmkVTcyuvoTXyd2tM/lHu5emGAUso5jlN9Y+p//hbzwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGt2tIoKsm9jP2uKOTaeKgu1oXyGMB8GA1UdIwQY
MBaAFDwXe1KAQ6hZU/wlD5kdnYAg4oENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMt
YTQxNTFiNWUyZmNmLzEvYTNhMGlncXliMk1fYTRvNU5wNHFDN1doZklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMtYTQxNTFiNWUyZmNm
LzEvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgojAzAN
BgkqhkiG9w0BAQsFAAOCAQEAHiM4FtvPGnIXET3OKXkqq2yM0+Gvk3HgK4IjoTn1
7gaX/Nqy36nCezv3lSm7NzxlJndEMZ5kdB2uwGSGUDLudu5jUgObt8p2TW0x3aJJ
TXBrJxRxi0a8dO6/9EIHo2dd9sw0tkc7JIXJ+xdQ/kDbo5OTk5RxOcV1swbBdLUp
rKp+9iYh9uZaCsxgLP4eA5p8xcmUJpGwQKicPZr0GlpMWOFuOOUB3R2UoGDOp+Bg
W9KcRS/4YuDcgW1G5lK7VEJPCRaTSOAaWzAR4tPwHLKiAu1mLT/FQDbrX3jinOvE
EBHcEwvw60QysiD/03Z5z1VwHMLgtdrEvSAJVE1gq2ht6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:12 2024 by rpki-client on console-ams.rpki-client.org