Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/nBbcYv772ozs0HVaG0zi9q-wto0.roa
File:                     nBbcYv772ozs0HVaG0zi9q-wto0.roa (raw, json)
Hash identifier:          glDc5DEcaQXsYoaNJu35I0mM4c4arzu6DCr/8vVjTF8=
Subject key identifier:   9C:16:DC:62:FE:FB:DA:8C:EC:D0:75:5A:1B:4C:E2:F6:AF:B0:B6:8D
Certificate issuer:       /CN=d594e95fa59b52b599dba406d7b76f383ca90fa8
Certificate serial:       01856B255F87FB6C33DEED3247F2005B7B4C
Authority key identifier: D5:94:E9:5F:A5:9B:52:B5:99:DB:A4:06:D7:B7:6F:38:3C:A9:0F:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1ZTpX6WbUrWZ26QG17dvODypD6g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/nBbcYv772ozs0HVaG0zi9q-wto0.roa
Signing time:             Sun 01 Jan 2023 02:24:49 +0000
ROA not before:           Sun 01 Jan 2023 02:24:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208446
IP address blocks:        2a12:7c40::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 07 Feb 2023 16:03:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:25:5f:87:fb:6c:33:de:ed:32:47:f2:00:5b:7b:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d594e95fa59b52b599dba406d7b76f383ca90fa8
        Validity
            Not Before: Jan  1 02:24:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c16dc62fefbda8cecd0755a1b4ce2f6afb0b68d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ae:f8:5b:16:19:4c:d0:df:43:e8:53:7a:db:
                    8e:01:14:95:ee:58:b2:ea:f9:d4:b7:22:d4:af:ea:
                    8f:dd:1b:09:c1:d0:35:4c:58:2d:4e:86:ce:6a:03:
                    8e:ab:48:17:a8:2c:dc:3d:79:7b:e4:eb:89:2a:e4:
                    22:78:5a:b9:97:b8:90:e8:f1:36:13:6d:2f:ca:17:
                    7d:a9:86:80:31:0b:de:0e:3a:8b:58:94:33:e4:5d:
                    6f:69:da:55:3e:fa:15:ec:70:b1:ad:86:05:0a:5c:
                    6d:a4:62:d0:51:76:f5:16:a3:78:80:68:66:d7:bb:
                    a1:5f:f0:21:ae:79:3f:37:fb:1f:ed:41:0d:1e:44:
                    25:68:15:d0:5f:77:e5:da:39:bc:13:da:42:aa:89:
                    8b:0a:6b:03:01:ac:7f:a8:96:4b:66:d6:a1:e5:ca:
                    da:c4:d0:15:91:ec:85:0b:7e:96:e9:92:19:8f:38:
                    76:58:27:cd:44:87:65:ab:5b:8b:2f:96:62:03:4b:
                    31:8e:42:e2:b7:54:5c:58:67:12:ba:48:84:5c:63:
                    1e:c2:14:fe:8f:b5:c9:b4:f8:66:13:65:f8:5f:6f:
                    e2:6d:19:57:9b:18:7a:17:7b:96:40:14:17:bc:5c:
                    91:a0:87:71:b6:cf:86:53:58:a0:8a:cb:dc:83:68:
                    10:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:16:DC:62:FE:FB:DA:8C:EC:D0:75:5A:1B:4C:E2:F6:AF:B0:B6:8D
            X509v3 Authority Key Identifier:
                keyid:D5:94:E9:5F:A5:9B:52:B5:99:DB:A4:06:D7:B7:6F:38:3C:A9:0F:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ZTpX6WbUrWZ26QG17dvODypD6g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/nBbcYv772ozs0HVaG0zi9q-wto0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/1ZTpX6WbUrWZ26QG17dvODypD6g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:7c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         8e:d2:8c:77:a8:22:3d:74:e7:92:da:2a:d6:35:e5:83:07:06:
         53:15:43:59:60:3d:3f:b2:53:29:c8:3f:14:fa:23:07:a2:7f:
         b8:d4:84:6b:4e:8b:e0:4c:fd:4a:3c:7c:db:31:2a:d3:54:3c:
         cc:a3:14:d3:69:8d:83:db:63:e9:bd:51:ba:fb:f7:05:82:3f:
         37:a3:f4:2c:59:88:3d:c9:b1:a6:3f:44:b4:1b:19:d0:56:fd:
         70:99:0f:51:ee:8d:d6:40:59:57:79:e3:55:7b:c9:ae:3e:0b:
         4e:bc:12:a3:f4:33:fa:43:a2:9a:3b:89:c3:62:64:28:38:36:
         2c:5e:84:99:b3:48:50:23:73:08:8f:27:ad:5e:fb:e3:79:11:
         a1:7a:9e:a6:36:dd:98:1a:95:d4:94:b4:66:a5:2f:80:a5:40:
         a8:09:a1:f7:d6:ea:5e:5d:23:d5:02:72:41:98:7e:4e:d4:18:
         c8:df:d9:02:50:17:e9:38:ac:8c:13:4f:b7:c6:1a:9d:6a:e2:
         bc:20:52:6a:71:65:c0:20:ef:4d:7e:fc:6d:e9:3f:86:b6:cd:
         6e:3e:78:ef:99:27:ed:81:14:d5:3c:34:51:06:0c:73:c5:af:
         2d:d3:af:8f:da:4a:eb:b5:ed:df:6a:cc:fe:cb:6e:11:b4:52:
         34:76:be:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVrJV+H+2wz3u0yR/IAW3tMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1OTRlOTVmYTU5YjUyYjU5OWRiYTQwNmQ3Yjc2ZjM4M2Nh
OTBmYTgwHhcNMjMwMTAxMDIyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE2ZGM2MmZlZmJkYThjZWNkMDc1NWExYjRjZTJmNmFmYjBiNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlq74WxYZTNDfQ+hTetuOARSV7liy
6vnUtyLUr+qP3RsJwdA1TFgtTobOagOOq0gXqCzcPXl75OuJKuQieFq5l7iQ6PE2
E20vyhd9qYaAMQveDjqLWJQz5F1vadpVPvoV7HCxrYYFClxtpGLQUXb1FqN4gGhm
17uhX/Ahrnk/N/sf7UENHkQlaBXQX3fl2jm8E9pCqomLCmsDAax/qJZLZtah5cra
xNAVkeyFC36W6ZIZjzh2WCfNRIdlq1uLL5ZiA0sxjkLit1RcWGcSukiEXGMewhT+
j7XJtPhmE2X4X2/ibRlXmxh6F3uWQBQXvFyRoIdxts+GU1igisvcg2gQCwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJwW3GL++9qM7NB1WhtM4vavsLaNMB8GA1UdIwQY
MBaAFNWU6V+lm1K1mdukBte3bzg8qQ+oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVpUcFg2V2JVcldaMjZRRzE3ZHZPRHlwRDZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9lZWRiY2QtYWIxOC00YWIzLWI1ZGQt
ZTNiMGI0MWUyNWM1LzEvbkJiY1l2Nzcyb3pzMEhWYUcwemk5cS13dG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9lZWRiY2QtYWIxOC00YWIzLWI1ZGQtZTNiMGI0MWUyNWM1
LzEvMVpUcFg2V2JVcldaMjZRRzE3ZHZPRHlwRDZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJ8QDAN
BgkqhkiG9w0BAQsFAAOCAQEAjtKMd6giPXTnktoq1jXlgwcGUxVDWWA9P7JTKcg/
FPojB6J/uNSEa06L4Ez9Sjx82zEq01Q8zKMU02mNg9tj6b1Ruvv3BYI/N6P0LFmI
Pcmxpj9EtBsZ0Fb9cJkPUe6N1kBZV3njVXvJrj4LTrwSo/Qz+kOimjuJw2JkKDg2
LF6EmbNIUCNzCI8nrV7743kRoXqepjbdmBqV1JS0ZqUvgKVAqAmh99bqXl0j1QJy
QZh+TtQYyN/ZAlAX6TisjBNPt8YanWrivCBSanFlwCDvTX78bek/hrbNbj5475kn
7YEU1Tw0UQYMc8WvLdOvj9pK67Xt32rM/stuEbRSNHa+wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:49 2024 by rpki-client on console-ams.rpki-client.org