Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/oYD2ZEI2ajuJEkrF2ITBLzUEDSI.roa
File:                     oYD2ZEI2ajuJEkrF2ITBLzUEDSI.roa (raw, json)
Hash identifier:          p0+KdSjWnYnInU3ejhff5/aheD+JCB3b5NpqtXg38LE=
Subject key identifier:   A1:80:F6:64:42:36:6A:3B:89:12:4A:C5:D8:84:C1:2F:35:04:0D:22
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       01893BFEEED69E42B381D9FEF0447FE4C9F8
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/oYD2ZEI2ajuJEkrF2ITBLzUEDSI.roa
Signing time:             Sun 09 Jul 2023 18:51:50 +0000
ROA not before:           Sun 09 Jul 2023 18:51:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52000
IP address blocks:        2a0a:2880::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:3b:fe:ee:d6:9e:42:b3:81:d9:fe:f0:44:7f:e4:c9:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Jul  9 18:51:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a180f66442366a3b89124ac5d884c12f35040d22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:da:4f:8c:24:e6:5a:ef:be:bc:0f:65:49:63:
                    e1:20:8e:31:3e:dd:7e:2e:5e:21:b4:46:d7:f0:ce:
                    23:fd:86:20:18:2e:81:da:6e:38:8d:09:d5:ae:57:
                    fe:94:ec:24:0b:a4:7b:95:11:c0:4e:e5:4d:8c:c5:
                    dc:35:2c:35:04:7d:b5:c4:9c:e4:64:67:47:56:3d:
                    26:df:e8:89:a1:4c:27:13:26:f5:93:d5:5e:1f:f3:
                    b2:f9:88:9d:be:18:bd:c5:83:96:1f:9a:20:29:84:
                    84:2f:ea:3e:52:3e:3d:b0:7b:3d:c9:d2:fd:ec:2f:
                    7e:fc:a5:d9:cd:4c:22:4c:89:45:3d:b0:bf:d0:57:
                    af:64:63:2d:f6:a9:4c:ee:a3:bb:87:c6:d1:16:84:
                    3b:47:2b:d4:db:55:6e:d6:1b:76:6b:04:25:fc:7f:
                    51:65:34:b2:92:fc:4e:5d:67:bd:cb:3a:9a:4d:9b:
                    9d:f1:88:8d:ec:82:ac:72:62:b9:f5:dd:46:35:09:
                    8f:3c:9e:5a:d0:69:f5:0a:34:2b:1f:ee:93:26:0f:
                    d2:6c:db:60:f8:84:be:1f:01:55:9d:d1:dc:20:03:
                    53:25:3f:da:89:8f:22:10:c9:03:61:19:3d:b2:b9:
                    74:33:54:bd:f1:34:a9:8c:15:b4:b4:82:ab:6b:4d:
                    c7:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:80:F6:64:42:36:6A:3B:89:12:4A:C5:D8:84:C1:2F:35:04:0D:22
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/oYD2ZEI2ajuJEkrF2ITBLzUEDSI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:2880::/29

    Signature Algorithm: sha256WithRSAEncryption
         ab:d5:83:1a:a8:dc:63:da:a5:99:2d:0b:4b:db:5d:ea:35:6a:
         36:7f:db:3a:e0:83:9b:3c:f3:37:5e:e9:11:42:b7:26:58:a0:
         13:27:a5:83:b8:ad:c0:10:9e:ab:23:f1:ab:e6:3f:cd:4d:2e:
         1f:eb:9a:ad:40:9c:68:9b:62:af:49:16:ab:d3:bf:44:c0:0c:
         f3:4c:20:94:53:06:97:57:0d:8b:11:10:0c:96:3a:03:0f:eb:
         d0:94:43:d0:3f:7f:ad:11:db:c0:1a:29:38:d5:64:8e:25:ac:
         62:29:62:f4:42:00:ef:8b:f8:71:ce:ce:16:b6:2e:b0:d4:cb:
         95:a0:d7:8d:29:72:98:b7:5e:6b:fb:c0:15:ba:6a:d7:93:0c:
         34:d7:24:bf:17:60:ed:df:55:1d:7a:b3:ae:f5:82:5c:a7:e2:
         31:d7:d8:5a:3e:1d:53:b5:68:f9:6c:ed:94:46:73:22:e9:5d:
         2c:fd:3a:c5:6e:37:69:77:68:83:f3:d1:48:53:87:ff:a7:4e:
         ab:e8:87:a3:14:a3:c3:c2:f7:23:29:ba:47:78:01:7b:4a:91:
         87:63:9f:65:11:91:3d:f2:e2:28:8a:44:34:3f:99:20:b2:8b:
         2a:95:eb:53:bc:4b:f2:d0:3c:a5:9f:87:43:b2:1e:94:0c:c1:
         be:be:20:de
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYk7/u7WnkKzgdn+8ER/5Mn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwNzA5MTg1MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTgwZjY2NDQyMzY2YTNiODkxMjRhYzVkODg0YzEyZjM1MDQwZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9pPjCTmWu++vA9lSWPhII4xPt1+
Ll4htEbX8M4j/YYgGC6B2m44jQnVrlf+lOwkC6R7lRHATuVNjMXcNSw1BH21xJzk
ZGdHVj0m3+iJoUwnEyb1k9VeH/Oy+Yidvhi9xYOWH5ogKYSEL+o+Uj49sHs9ydL9
7C9+/KXZzUwiTIlFPbC/0FevZGMt9qlM7qO7h8bRFoQ7RyvU21Vu1ht2awQl/H9R
ZTSykvxOXWe9yzqaTZud8YiN7IKscmK59d1GNQmPPJ5a0Gn1CjQrH+6TJg/SbNtg
+IS+HwFVndHcIANTJT/aiY8iEMkDYRk9srl0M1S98TSpjBW0tIKra03H/wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKGA9mRCNmo7iRJKxdiEwS81BA0iMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvb1lEMlpFSTJhanVKRWtyRjJJVEJMelVFRFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgoogDAN
BgkqhkiG9w0BAQsFAAOCAQEAq9WDGqjcY9qlmS0LS9td6jVqNn/bOuCDmzzzN17p
EUK3JligEyelg7itwBCeqyPxq+Y/zU0uH+uarUCcaJtir0kWq9O/RMAM80wglFMG
l1cNixEQDJY6Aw/r0JRD0D9/rRHbwBopONVkjiWsYili9EIA74v4cc7OFrYusNTL
laDXjSlymLdea/vAFbpq15MMNNckvxdg7d9VHXqzrvWCXKfiMdfYWj4dU7Vo+Wzt
lEZzIuldLP06xW43aXdog/PRSFOH/6dOq+iHoxSjw8L3Iym6R3gBe0qRh2OfZRGR
PfLiKIpEND+ZILKLKpXrU7xL8tA8pZ+HQ7IelAzBvr4g3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org