Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/9CYu419KErj9TUP6RWhpTA-46Jw.roa
File:                     9CYu419KErj9TUP6RWhpTA-46Jw.roa (raw, json)
Hash identifier:          z37HAfQ9RhxDdXuCc/Y2Km9ZGkwi9RrhhcuKl6BiL3s=
Subject key identifier:   F4:26:2E:E3:5F:4A:12:B8:FD:4D:43:FA:45:68:69:4C:0F:B8:E8:9C
Certificate issuer:       /CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Certificate serial:       018572DF022209A5E63AEA712E220FF44238
Authority key identifier: 1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/9CYu419KErj9TUP6RWhpTA-46Jw.roa
Signing time:             Mon 02 Jan 2023 14:24:55 +0000
ROA not before:           Mon 02 Jan 2023 14:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50832
IP address blocks:        2a12:f3c0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Fri 26 May 2023 18:03:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:df:02:22:09:a5:e6:3a:ea:71:2e:22:0f:f4:42:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
        Validity
            Not Before: Jan  2 14:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4262ee35f4a12b8fd4d43fa4568694c0fb8e89c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:4e:35:f7:34:80:c4:07:ed:ed:e4:c4:a4:ef:
                    23:66:05:6f:9a:b9:6a:ce:85:aa:cb:eb:b6:c5:59:
                    32:a3:8f:32:fb:45:da:b9:79:91:8f:64:96:52:7f:
                    fb:90:54:54:b3:9c:36:12:9e:2d:36:c0:61:e8:bc:
                    72:00:5c:7c:4f:8e:d1:06:fd:6e:77:53:aa:7e:ce:
                    eb:36:ef:d0:07:f0:bb:e6:18:9b:db:12:22:f9:68:
                    d6:ed:76:8c:42:6b:dd:3d:c3:4c:bd:1c:14:7f:08:
                    b6:16:4c:06:20:7d:6f:da:0a:9c:12:fc:b7:ce:b9:
                    41:bf:94:f1:b9:e1:f8:98:1d:94:a2:a5:e4:9c:af:
                    a1:df:1e:1c:63:0f:56:5d:d7:2a:80:6b:20:6c:f3:
                    5d:90:fc:6b:14:1a:ac:62:dd:6e:2a:3a:a2:76:c9:
                    99:30:c5:e6:ce:16:02:6b:e4:05:65:69:21:8d:a1:
                    9a:82:df:0b:e8:5b:f3:2b:dd:70:00:1e:47:35:9e:
                    68:61:b7:ba:f2:6b:c3:33:68:03:73:f8:b0:f1:39:
                    52:08:bb:63:aa:c0:0f:44:83:38:0d:fe:45:29:95:
                    1e:a8:a2:1b:46:08:17:e0:de:a3:be:da:81:1e:e6:
                    8d:28:3c:9b:a4:75:0e:ba:2e:00:e1:86:7e:a8:ab:
                    a0:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:26:2E:E3:5F:4A:12:B8:FD:4D:43:FA:45:68:69:4C:0F:B8:E8:9C
            X509v3 Authority Key Identifier:
                keyid:1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/9CYu419KErj9TUP6RWhpTA-46Jw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:f3c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         10:c8:6f:29:bd:88:a5:b8:07:91:23:54:0f:a5:ff:3c:35:1b:
         8e:07:16:20:b7:c3:8e:23:26:b9:5c:b6:74:ff:ff:4a:c9:a3:
         92:ee:9b:e0:a2:16:2b:ed:7f:33:4f:a5:8f:78:6f:45:74:ca:
         e1:b9:b5:3c:74:04:4b:b7:65:13:87:15:a4:2d:41:9a:6c:31:
         64:2c:8e:4a:3b:e5:f1:e4:72:31:21:ac:85:19:5f:6a:ed:ef:
         b5:33:ee:99:51:b1:25:7c:06:21:6f:58:7f:4d:3d:92:e9:2d:
         49:f8:2a:ec:64:c0:de:c4:83:c6:6c:ab:cd:a5:65:c4:0c:cd:
         08:49:c1:92:5f:1e:d6:e0:1d:d7:ac:40:47:ed:eb:bf:a7:10:
         82:29:06:ef:79:d1:da:6f:79:61:1f:d4:81:b3:c0:c0:50:61:
         3f:46:c0:2b:5d:73:8c:3a:f1:96:b5:9f:e7:48:7c:a1:c1:93:
         80:ba:d0:31:c9:5f:d8:25:af:30:11:7c:71:f8:cf:1d:31:23:
         40:c0:2e:c3:15:dc:63:06:10:c3:df:21:33:8e:99:e0:a5:49:
         77:6e:cc:d4:5b:02:79:41:c6:c8:ba:61:10:6f:f5:5d:fa:3b:
         9f:3b:68:8b:e0:f4:1a:13:f6:16:ee:af:71:4d:7c:f4:6b:08:
         e5:a2:75:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVy3wIiCaXmOupxLiIP9EI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTE1NGUxYzU1NzhiMGZlZjhhYmI3NzlmODExN2U2NGU4
ODRkMTgwHhcNMjMwMTAyMTQyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDI2MmVlMzVmNGExMmI4ZmQ0ZDQzZmE0NTY4Njk0YzBmYjhlODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7k419zSAxAft7eTEpO8jZgVvmrlq
zoWqy+u2xVkyo48y+0XauXmRj2SWUn/7kFRUs5w2Ep4tNsBh6LxyAFx8T47RBv1u
d1Oqfs7rNu/QB/C75hib2xIi+WjW7XaMQmvdPcNMvRwUfwi2FkwGIH1v2gqcEvy3
zrlBv5TxueH4mB2UoqXknK+h3x4cYw9WXdcqgGsgbPNdkPxrFBqsYt1uKjqidsmZ
MMXmzhYCa+QFZWkhjaGagt8L6FvzK91wAB5HNZ5oYbe68mvDM2gDc/iw8TlSCLtj
qsAPRIM4Df5FKZUeqKIbRggX4N6jvtqBHuaNKDybpHUOui4A4YZ+qKugAQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPQmLuNfShK4/U1D+kVoaUwPuOicMB8GA1UdIwQY
MBaAFBqRVOHFV4sP74q7d5+BF+ZOiE0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDIt
Mzg4ZDhhZDJhNWJiLzEvOUNZdTQxOUtFcmo5VFVQNlJXaHBUQS00Nkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJi
LzEvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLzwDAN
BgkqhkiG9w0BAQsFAAOCAQEAEMhvKb2IpbgHkSNUD6X/PDUbjgcWILfDjiMmuVy2
dP//Ssmjku6b4KIWK+1/M0+lj3hvRXTK4bm1PHQES7dlE4cVpC1BmmwxZCyOSjvl
8eRyMSGshRlfau3vtTPumVGxJXwGIW9Yf009kuktSfgq7GTA3sSDxmyrzaVlxAzN
CEnBkl8e1uAd16xAR+3rv6cQgikG73nR2m95YR/UgbPAwFBhP0bAK11zjDrxlrWf
50h8ocGTgLrQMclf2CWvMBF8cfjPHTEjQMAuwxXcYwYQw98hM46Z4KVJd27M1FsC
eUHGyLphEG/1Xfo7nztoi+D0GhP2Fu6vcU189GsI5aJ1SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:19 2024 by rpki-client on console-fra.rpki-client.org