Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e403aa-7fa5-4d96-b49f-6cf165239bd9/1/I1f3iij3kXc6lEYtZQ5oVAecP28.roa
File:                     I1f3iij3kXc6lEYtZQ5oVAecP28.roa (raw, json)
Hash identifier:          8xNKuCjUp1/tEqw+LN0DG2NcDP27kH63JA8n4tMDCgE=
Subject key identifier:   23:57:F7:8A:28:F7:91:77:3A:94:46:2D:65:0E:68:54:07:9C:3F:6F
Certificate issuer:       /CN=cd963dd01ec80de9e138c9de44a36d48f06b93fd
Certificate serial:       0185727124AB2E5AD89FFBE79F1622720C9A
Authority key identifier: CD:96:3D:D0:1E:C8:0D:E9:E1:38:C9:DE:44:A3:6D:48:F0:6B:93:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zZY90B7IDenhOMneRKNtSPBrk_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/e403aa-7fa5-4d96-b49f-6cf165239bd9/1/I1f3iij3kXc6lEYtZQ5oVAecP28.roa
Signing time:             Mon 02 Jan 2023 12:24:55 +0000
ROA not before:           Mon 02 Jan 2023 12:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29119
IP address blocks:        2a12:96c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 15 Mar 2023 12:25:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:71:24:ab:2e:5a:d8:9f:fb:e7:9f:16:22:72:0c:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd963dd01ec80de9e138c9de44a36d48f06b93fd
        Validity
            Not Before: Jan  2 12:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2357f78a28f791773a94462d650e6854079c3f6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6b:ef:08:ee:5a:ea:da:cf:c2:a4:4b:a8:0e:
                    b2:6d:66:9b:ca:37:08:22:5c:9a:d7:42:30:6a:c6:
                    b3:53:ba:5d:ce:15:45:3b:3d:da:24:c1:10:4e:be:
                    e3:3c:f5:98:4d:37:d3:ff:b0:f6:b5:c8:6e:ba:e1:
                    25:13:e5:31:bc:ee:92:34:ad:ca:b8:44:f1:c1:05:
                    25:c4:c0:86:c1:7b:ce:a1:eb:be:89:5c:c3:7e:b9:
                    9e:b4:f3:9e:5c:45:91:aa:34:2b:ea:bc:bd:9a:e5:
                    d7:f4:5b:c1:ea:73:58:b6:b8:73:d7:d4:a6:ac:3c:
                    09:29:57:2d:3e:47:e8:d4:aa:8a:bd:5c:3f:7f:00:
                    23:e2:a0:87:c5:56:ad:96:65:e1:09:59:eb:a1:b1:
                    0d:cc:ec:72:8b:37:fb:12:81:d8:16:eb:03:80:8b:
                    1e:4f:ed:f9:01:c1:95:b6:c1:e3:1b:fb:9b:db:42:
                    6b:02:1f:30:df:69:a5:24:e7:1a:c4:74:7f:45:38:
                    76:e8:19:30:94:33:08:8d:ec:4c:83:e0:d6:a5:4d:
                    1f:68:2f:d2:fa:d0:b3:c4:9b:85:dd:87:ec:97:2e:
                    06:3c:69:51:5f:74:96:03:82:42:c5:9e:93:46:1f:
                    47:43:26:54:74:bd:be:30:62:f9:7d:e8:ad:d3:01:
                    10:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:57:F7:8A:28:F7:91:77:3A:94:46:2D:65:0E:68:54:07:9C:3F:6F
            X509v3 Authority Key Identifier:
                keyid:CD:96:3D:D0:1E:C8:0D:E9:E1:38:C9:DE:44:A3:6D:48:F0:6B:93:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZY90B7IDenhOMneRKNtSPBrk_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e403aa-7fa5-4d96-b49f-6cf165239bd9/1/I1f3iij3kXc6lEYtZQ5oVAecP28.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e403aa-7fa5-4d96-b49f-6cf165239bd9/1/zZY90B7IDenhOMneRKNtSPBrk_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:96c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         0d:bf:c1:49:7d:31:79:92:de:2e:53:b3:70:e3:be:ee:39:7d:
         71:25:1a:09:72:00:e2:a7:ec:a6:77:39:51:12:5c:af:02:c9:
         35:5d:52:9e:86:15:39:f9:a5:6a:22:8b:f6:64:d0:0f:cc:24:
         20:9d:dd:68:9b:ed:ea:a4:c3:56:7c:34:48:db:13:78:fc:7b:
         78:dc:cc:74:29:cd:c2:c3:9b:ec:c2:ae:f6:78:64:d2:b2:86:
         6e:66:41:67:58:f5:8d:02:0d:d9:2f:76:61:4d:7d:ed:3e:c6:
         7f:f2:e4:61:66:c4:6b:65:65:a0:c3:22:8e:62:b9:83:a3:8a:
         cc:2f:ba:13:70:2d:6a:e3:48:76:91:47:f2:80:bc:c3:61:2a:
         0c:f7:46:f8:a5:f7:55:e9:e2:ea:a6:8a:ba:e4:e9:1f:03:dc:
         86:e7:0e:61:f5:19:9c:a1:ac:87:ad:4f:92:07:ae:ab:67:ea:
         6a:57:33:92:93:24:b6:94:20:4e:32:43:27:9c:2e:1f:8c:51:
         5a:b2:cb:25:ff:68:44:0c:7f:0a:a0:37:90:ac:18:37:aa:f1:
         52:9f:96:2d:21:b2:69:ae:1a:72:07:33:c7:ae:7a:3d:ae:c0:
         16:c5:64:2f:96:6c:d7:b4:6c:3f:3b:7b:e9:c0:c3:8c:59:ed:
         7f:ef:cd:b0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVycSSrLlrYn/vnnxYicgyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOTYzZGQwMWVjODBkZTllMTM4YzlkZTQ0YTM2ZDQ4ZjA2
YjkzZmQwHhcNMjMwMTAyMTIyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzU3Zjc4YTI4Zjc5MTc3M2E5NDQ2MmQ2NTBlNjg1NDA3OWMzZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWvvCO5a6trPwqRLqA6ybWabyjcI
Ilya10IwasazU7pdzhVFOz3aJMEQTr7jPPWYTTfT/7D2tchuuuElE+UxvO6SNK3K
uETxwQUlxMCGwXvOoeu+iVzDfrmetPOeXEWRqjQr6ry9muXX9FvB6nNYtrhz19Sm
rDwJKVctPkfo1KqKvVw/fwAj4qCHxVatlmXhCVnrobENzOxyizf7EoHYFusDgIse
T+35AcGVtsHjG/ub20JrAh8w32mlJOcaxHR/RTh26BkwlDMIjexMg+DWpU0faC/S
+tCzxJuF3Yfsly4GPGlRX3SWA4JCxZ6TRh9HQyZUdL2+MGL5feit0wEQAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCNX94oo95F3OpRGLWUOaFQHnD9vMB8GA1UdIwQY
MBaAFM2WPdAeyA3p4TjJ3kSjbUjwa5P9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelpZOTBCN0lEZW5oT01uZVJLTnRTUEJya18wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lNDAzYWEtN2ZhNS00ZDk2LWI0OWYt
NmNmMTY1MjM5YmQ5LzEvSTFmM2lpajNrWGM2bEVZdFpRNW9WQWVjUDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lNDAzYWEtN2ZhNS00ZDk2LWI0OWYtNmNmMTY1MjM5YmQ5
LzEvelpZOTBCN0lEZW5oT01uZVJLTnRTUEJya18wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKWwDAN
BgkqhkiG9w0BAQsFAAOCAQEADb/BSX0xeZLeLlOzcOO+7jl9cSUaCXIA4qfspnc5
URJcrwLJNV1SnoYVOfmlaiKL9mTQD8wkIJ3daJvt6qTDVnw0SNsTePx7eNzMdCnN
wsOb7MKu9nhk0rKGbmZBZ1j1jQIN2S92YU197T7Gf/LkYWbEa2VloMMijmK5g6OK
zC+6E3AtauNIdpFH8oC8w2EqDPdG+KX3Veni6qaKuuTpHwPchucOYfUZnKGsh61P
kgeuq2fqalczkpMktpQgTjJDJ5wuH4xRWrLLJf9oRAx/CqA3kKwYN6rxUp+WLSGy
aa4acgczx656Pa7AFsVkL5Zs17RsPzt76cDDjFntf+/NsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:53 2024 by rpki-client on console-ams.rpki-client.org