Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/2KJcLQUYCJsfJVZiyZrvzndY7xk.roa
File:                     2KJcLQUYCJsfJVZiyZrvzndY7xk.roa (raw, json)
Hash identifier:          ohA/ZyJB7JT29Vf87WexXxLetZMAQS/Isr+EY8SZ6us=
Subject key identifier:   D8:A2:5C:2D:05:18:08:9B:1F:25:56:62:C9:9A:EF:CE:77:58:EF:19
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       018C25C9A712195F374771EB11AFCA3576B3
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/2KJcLQUYCJsfJVZiyZrvzndY7xk.roa
Signing time:             Fri 01 Dec 2023 14:30:21 +0000
ROA not before:           Fri 01 Dec 2023 14:30:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58057
IP address blocks:        2a06:e881:7700::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:25:c9:a7:12:19:5f:37:47:71:eb:11:af:ca:35:76:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Dec  1 14:30:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d8a25c2d0518089b1f255662c99aefce7758ef19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a5:45:9d:8d:85:8d:6e:ac:f1:44:32:4a:96:
                    04:6d:3e:06:4f:d3:13:0d:c2:8f:56:f8:10:36:ea:
                    f3:0e:f7:be:93:82:0d:bd:64:b0:bf:1e:b0:d6:9a:
                    f9:fa:57:16:a3:ba:b8:50:98:e8:e8:3e:a4:05:cd:
                    d0:e1:49:a9:f6:1b:08:a3:02:c5:17:e1:8b:ab:24:
                    04:6b:29:88:76:0c:25:0e:68:1c:d0:a2:c2:0b:90:
                    ea:e7:1e:f0:66:06:8a:1d:3b:bc:24:41:c8:01:11:
                    e9:06:85:b6:3f:9f:d0:d9:90:ed:2f:59:b3:c5:cf:
                    c3:99:f3:fd:ce:67:60:75:3e:77:cb:a7:0c:e4:f7:
                    cd:21:21:d3:da:cd:88:b4:9a:4a:c9:2b:76:15:19:
                    8f:0c:a9:69:c9:da:71:37:64:99:2f:90:42:73:d2:
                    f1:4a:06:e9:2a:d9:08:4a:a0:78:0f:3f:94:9c:65:
                    90:dc:82:e5:c5:dd:a9:dd:85:4d:09:99:f6:67:a3:
                    ff:d2:9a:72:b7:d9:b1:df:23:b6:8b:b8:b5:91:95:
                    13:63:2a:e8:ab:c5:59:7c:8d:ce:36:1f:de:c8:24:
                    72:7c:bd:0f:a8:85:20:3b:b6:66:28:6b:7d:c5:a4:
                    fb:fd:ec:e2:de:db:26:8c:96:cf:72:0e:3f:e0:88:
                    e6:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:A2:5C:2D:05:18:08:9B:1F:25:56:62:C9:9A:EF:CE:77:58:EF:19
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/2KJcLQUYCJsfJVZiyZrvzndY7xk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:e881:7700::/40

    Signature Algorithm: sha256WithRSAEncryption
         99:af:5c:5a:47:fe:70:cd:df:4f:74:c7:a9:05:9c:ac:6c:ea:
         30:c1:86:af:59:c3:ce:f0:64:68:3f:70:be:50:40:cc:81:73:
         4a:0b:41:7f:4b:e7:8d:c9:df:10:9e:cb:08:ae:4c:a7:df:f3:
         5a:a1:a8:89:a0:3f:e0:7a:5f:d9:fa:95:c3:18:21:a3:70:e9:
         b1:6e:d9:ec:7b:62:6a:0a:d8:9e:f9:15:14:2b:c0:33:4d:7f:
         93:5e:a1:64:94:1a:10:b3:73:3b:3b:88:de:55:60:c5:a4:9d:
         e3:bc:c7:af:b7:fe:c4:23:5f:91:72:25:7f:3d:00:90:3f:de:
         cd:1c:f7:ff:c7:17:e1:19:a0:79:8f:a2:20:ca:5f:6e:6a:f9:
         07:b2:18:ce:53:73:98:ef:b2:dd:02:d9:39:28:f2:98:58:93:
         5f:c1:d4:87:34:17:47:28:5c:64:5b:75:58:db:3b:99:f9:2b:
         6b:e4:23:68:50:bb:e4:98:1c:27:a5:50:b6:71:96:a8:6b:79:
         28:72:3b:9d:9c:3a:55:74:87:8a:da:a0:7a:bc:40:fd:13:3b:
         1a:fd:ec:fd:b1:7b:b8:8b:34:28:56:1d:46:5b:24:3d:a6:f7:
         95:ec:18:ec:89:28:cd:43:56:81:f0:88:7a:2f:f2:2d:84:03:
         a6:ab:4a:65
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYwlyacSGV83R3HrEa/KNXazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMxMjAxMTQzMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGEyNWMyZDA1MTgwODliMWYyNTU2NjJjOTlhZWZjZTc3NThlZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraVFnY2FjW6s8UQySpYEbT4GT9MT
DcKPVvgQNurzDve+k4INvWSwvx6w1pr5+lcWo7q4UJjo6D6kBc3Q4Ump9hsIowLF
F+GLqyQEaymIdgwlDmgc0KLCC5Dq5x7wZgaKHTu8JEHIARHpBoW2P5/Q2ZDtL1mz
xc/DmfP9zmdgdT53y6cM5PfNISHT2s2ItJpKySt2FRmPDKlpydpxN2SZL5BCc9Lx
SgbpKtkISqB4Dz+UnGWQ3ILlxd2p3YVNCZn2Z6P/0ppyt9mx3yO2i7i1kZUTYyro
q8VZfI3ONh/eyCRyfL0PqIUgO7ZmKGt9xaT7/ezi3tsmjJbPcg4/4IjmXQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNiiXC0FGAibHyVWYsma7853WO8ZMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvMktKY0xRVVlDSnNmSlZaaXlacnZ6bmRZN3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgbogXcw
DQYJKoZIhvcNAQELBQADggEBAJmvXFpH/nDN3090x6kFnKxs6jDBhq9Zw87wZGg/
cL5QQMyBc0oLQX9L543J3xCeywiuTKff81qhqImgP+B6X9n6lcMYIaNw6bFu2ex7
YmoK2J75FRQrwDNNf5NeoWSUGhCzczs7iN5VYMWkneO8x6+3/sQjX5FyJX89AJA/
3s0c9//HF+EZoHmPoiDKX25q+QeyGM5Tc5jvst0C2Tko8phYk1/B1Ic0F0coXGRb
dVjbO5n5K2vkI2hQu+SYHCelULZxlqhreShyO52cOlV0h4raoHq8QP0TOxr97P2x
e7iLNChWHUZbJD2m95XsGOyJKM1DVoHwiHov8i2EA6arSmU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:38 2024 by rpki-client on console-fra.rpki-client.org