Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/AwThM4mfSX94rzlMYkWJ-y1uA8Y.roa
File:                     AwThM4mfSX94rzlMYkWJ-y1uA8Y.roa (raw, json)
Hash identifier:          YODDG4BENpYVvlM2a83aGUjYUf3SUjF2zulSY8r7DXI=
Subject key identifier:   03:04:E1:33:89:9F:49:7F:78:AF:39:4C:62:45:89:FB:2D:6E:03:C6
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018653A340F69E7BAFFD278FB4630B44B8DA
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/AwThM4mfSX94rzlMYkWJ-y1uA8Y.roa
Signing time:             Wed 15 Feb 2023 05:54:13 +0000
ROA not before:           Wed 15 Feb 2023 05:54:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211027
IP address blocks:        2a11:200:2000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Tue 28 Mar 2023 08:30:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:53:a3:40:f6:9e:7b:af:fd:27:8f:b4:63:0b:44:b8:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Feb 15 05:54:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0304e133899f497f78af394c624589fb2d6e03c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:dc:3f:fc:fc:d3:8b:45:b2:70:fd:c2:cc:7c:
                    ee:09:7d:d3:c5:45:65:6d:fd:5b:62:ac:1a:a9:1d:
                    4b:45:15:d4:69:a7:de:fa:f3:37:e6:36:f8:f4:34:
                    41:aa:1e:ea:4a:0b:94:eb:f3:4e:b1:1c:9a:43:0b:
                    65:a2:e8:83:b5:c9:88:03:23:84:88:31:9f:1d:e3:
                    e4:57:6a:2b:08:1b:dc:6a:5a:ea:d4:2d:fb:1f:63:
                    af:3b:3a:c8:bc:9b:28:3f:65:ae:30:d2:c4:01:c9:
                    a0:bd:19:ab:06:70:da:39:7c:cf:65:bb:1d:04:fd:
                    f0:78:ec:ce:fd:e0:85:c8:ad:7f:60:43:93:88:25:
                    ae:80:9a:82:b8:11:36:8b:e3:8c:33:8f:9d:87:96:
                    43:92:1b:60:e6:c2:f6:95:18:3f:12:77:cb:83:9b:
                    8d:c1:e0:8c:f2:68:e2:84:3a:40:b7:3f:02:0e:82:
                    b6:77:42:8c:05:7c:62:ec:31:30:ce:17:26:5f:18:
                    12:6a:60:08:30:1b:a0:1b:36:67:f3:9f:bc:e7:b2:
                    09:e3:c4:af:62:0e:8b:06:00:9d:9d:9c:3c:3a:26:
                    1c:15:7e:4c:30:5e:60:41:f0:55:4d:4e:ff:7d:64:
                    f4:9a:fa:44:da:0f:24:5f:41:c3:bb:9a:46:62:d7:
                    0b:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:04:E1:33:89:9F:49:7F:78:AF:39:4C:62:45:89:FB:2D:6E:03:C6
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/AwThM4mfSX94rzlMYkWJ-y1uA8Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:200:2000::/36

    Signature Algorithm: sha256WithRSAEncryption
         52:55:04:95:b6:63:e2:7f:41:89:3a:91:9b:15:34:52:6d:81:
         69:e2:b0:ef:54:e3:a4:49:80:2b:fc:fd:df:89:61:f9:77:17:
         ef:ed:4d:68:ed:df:c6:1b:24:76:c6:fc:55:bf:88:ee:2d:05:
         f2:69:2d:03:19:fc:98:d9:cf:62:ea:a1:0e:e2:7f:49:bc:41:
         7c:49:19:6c:fd:d5:a1:7e:6d:5c:f0:95:45:61:a6:6d:07:f1:
         5d:b5:15:bb:f8:41:89:2d:ed:3a:39:68:fa:13:1e:bc:53:be:
         3c:93:ea:75:3d:24:14:b6:79:c4:2b:2a:43:b5:0c:5c:90:71:
         aa:e7:ba:47:21:cf:24:c8:1c:f0:68:94:85:c6:f9:f5:ce:b0:
         22:d5:ed:1c:ce:cb:23:73:1e:16:c1:1c:8a:41:42:4f:ba:00:
         ec:65:d1:20:b4:4a:f3:f8:cb:6e:bb:62:e7:52:9c:68:4b:a7:
         b6:0f:6e:da:e3:5b:4f:37:16:02:7b:3d:10:80:a8:9d:55:1a:
         8a:52:ad:ac:7c:0a:93:36:4a:ac:c3:23:b2:f7:b6:92:ef:ce:
         ca:7b:09:87:2a:a7:9a:dd:f9:ec:a2:46:68:8b:66:a5:26:58:
         d5:09:38:68:b5:61:7f:89:de:bc:ae:30:d3:6c:42:1e:71:e7:
         eb:10:9f:ae
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYZTo0D2nnuv/SePtGMLRLjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMjE1MDU1NDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzA0ZTEzMzg5OWY0OTdmNzhhZjM5NGM2MjQ1ODlmYjJkNmUwM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNw//PzTi0WycP3CzHzuCX3TxUVl
bf1bYqwaqR1LRRXUaafe+vM35jb49DRBqh7qSguU6/NOsRyaQwtlouiDtcmIAyOE
iDGfHePkV2orCBvcalrq1C37H2OvOzrIvJsoP2WuMNLEAcmgvRmrBnDaOXzPZbsd
BP3weOzO/eCFyK1/YEOTiCWugJqCuBE2i+OMM4+dh5ZDkhtg5sL2lRg/EnfLg5uN
weCM8mjihDpAtz8CDoK2d0KMBXxi7DEwzhcmXxgSamAIMBugGzZn85+857IJ48Sv
Yg6LBgCdnZw8OiYcFX5MMF5gQfBVTU7/fWT0mvpE2g8kX0HDu5pGYtcLTwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAME4TOJn0l/eK85TGJFifstbgPGMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvQXdUaE00bWZTWDk0cnpsTVlrV0oteTF1QThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhECACAw
DQYJKoZIhvcNAQELBQADggEBAFJVBJW2Y+J/QYk6kZsVNFJtgWnisO9U46RJgCv8
/d+JYfl3F+/tTWjt38YbJHbG/FW/iO4tBfJpLQMZ/JjZz2LqoQ7if0m8QXxJGWz9
1aF+bVzwlUVhpm0H8V21Fbv4QYkt7To5aPoTHrxTvjyT6nU9JBS2ecQrKkO1DFyQ
carnukchzyTIHPBolIXG+fXOsCLV7RzOyyNzHhbBHIpBQk+6AOxl0SC0SvP4y267
YudSnGhLp7YPbtrjW083FgJ7PRCAqJ1VGopSrax8CpM2SqzDI7L3tpLvzsp7CYcq
p5rd+eyiRmiLZqUmWNUJOGi1YX+J3ryuMNNsQh5x5+sQn64=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org