Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/Th801hw0jutchv9mIdKF6FpANUg.roa
File:                     Th801hw0jutchv9mIdKF6FpANUg.roa (raw, json)
Hash identifier:          vn+JCzoubMn0QTrwzOd9xD1Vaz04dCTHl7VfjiRfQHg=
Subject key identifier:   4E:1F:34:D6:1C:34:8E:EB:5C:86:FF:66:21:D2:85:E8:5A:40:35:48
Certificate issuer:       /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial:       018CF5BA5DF057CFCBB58649E6B1108BA48D
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/Th801hw0jutchv9mIdKF6FpANUg.roa
Signing time:             Wed 10 Jan 2024 23:34:40 +0000
ROA not before:           Wed 10 Jan 2024 23:34:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57487
IP address blocks:        2a11:9885::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 06 May 2024 18:07:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f5:ba:5d:f0:57:cf:cb:b5:86:49:e6:b1:10:8b:a4:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
        Validity
            Not Before: Jan 10 23:34:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4e1f34d61c348eeb5c86ff6621d285e85a403548
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:9c:4e:5d:6a:db:13:e3:57:ec:33:91:db:b7:
                    60:84:79:7c:1d:f7:65:ab:4f:1a:87:09:ab:00:54:
                    4d:7d:8b:43:04:14:b3:3b:be:a3:05:0d:bc:4e:a5:
                    0b:50:36:82:0b:05:b8:73:fe:19:ba:50:d9:7e:e1:
                    42:5a:18:73:b0:d5:b3:6d:95:40:fc:d9:86:44:73:
                    06:11:aa:a5:e3:37:1f:62:4a:5e:11:1f:a3:be:18:
                    46:db:1e:18:77:a5:77:76:9e:79:c1:78:64:91:ae:
                    62:8e:1a:80:1f:b8:ef:13:c5:d1:0a:bf:c0:e5:69:
                    7a:14:80:6f:28:15:c7:1b:fe:91:89:84:41:e8:54:
                    82:8e:78:3a:8c:93:f7:fe:80:34:c9:bf:59:24:73:
                    5a:28:5f:a5:7d:27:ec:10:e1:83:2e:be:aa:4a:9a:
                    99:3a:08:61:d0:07:cb:a8:bd:7a:77:74:c5:1e:1b:
                    36:1b:7b:8b:95:c9:a6:6c:d8:c2:a8:a3:8a:8e:06:
                    9f:1f:ed:f3:fe:62:94:8d:db:a1:69:af:e3:05:6a:
                    97:1f:86:8d:72:49:0c:75:b3:e9:95:47:34:bc:70:
                    26:ce:43:91:81:96:86:32:04:31:2c:f7:c8:dd:b6:
                    93:57:bc:60:70:44:3b:e0:2d:37:9b:cc:10:e0:8e:
                    78:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:1F:34:D6:1C:34:8E:EB:5C:86:FF:66:21:D2:85:E8:5A:40:35:48
            X509v3 Authority Key Identifier:
                keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/Th801hw0jutchv9mIdKF6FpANUg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:9885::/32

    Signature Algorithm: sha256WithRSAEncryption
         79:eb:c4:55:3a:bc:85:bf:93:0c:da:5e:fc:44:5b:60:17:26:
         c3:a7:a6:5b:89:f2:27:6d:c1:73:15:fd:5c:29:15:a2:94:d7:
         fb:8a:4c:9c:41:06:eb:0e:60:48:9f:6e:52:93:ce:01:d5:30:
         43:80:9d:2d:81:0e:90:61:c8:ea:ce:69:ef:c0:44:8b:fe:83:
         b2:2e:47:02:ff:8e:86:95:16:11:c2:4c:5c:95:40:66:c7:c8:
         43:8b:e7:30:29:57:e8:0b:54:d1:e4:49:a7:55:5b:5b:56:50:
         95:12:4e:f7:2b:04:98:27:49:ce:2d:88:de:1a:71:84:6f:81:
         07:1f:1d:1e:7e:44:73:17:18:24:67:71:d8:b3:06:42:6d:65:
         e0:37:fb:96:49:68:d5:ff:02:c5:77:a6:d7:c8:90:85:68:e2:
         8d:e4:17:f3:d7:16:6a:29:dc:a0:62:22:e1:53:ce:35:c8:10:
         f0:41:26:c1:67:98:f7:6f:7a:be:1d:19:86:4e:dc:55:41:58:
         53:20:57:c1:22:aa:a8:00:7d:90:db:7b:35:ae:ed:60:aa:34:
         c2:81:fc:80:d0:9c:8d:a8:90:4d:ec:59:75:e5:19:7f:cb:6e:
         38:72:36:a7:6d:7c:b0:20:b6:31:03:a3:de:81:2c:bf:f5:0f:
         7f:64:6f:2f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYz1ul3wV8/LtYZJ5rEQi6SNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjQwMTEwMjMzNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTFmMzRkNjFjMzQ4ZWViNWM4NmZmNjYyMWQyODVlODVhNDAzNTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZxOXWrbE+NX7DOR27dghHl8Hfdl
q08ahwmrAFRNfYtDBBSzO76jBQ28TqULUDaCCwW4c/4ZulDZfuFCWhhzsNWzbZVA
/NmGRHMGEaql4zcfYkpeER+jvhhG2x4Yd6V3dp55wXhkka5ijhqAH7jvE8XRCr/A
5Wl6FIBvKBXHG/6RiYRB6FSCjng6jJP3/oA0yb9ZJHNaKF+lfSfsEOGDLr6qSpqZ
Oghh0AfLqL16d3TFHhs2G3uLlcmmbNjCqKOKjgafH+3z/mKUjduhaa/jBWqXH4aN
ckkMdbPplUc0vHAmzkORgZaGMgQxLPfI3baTV7xgcEQ74C03m8wQ4I546QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE4fNNYcNI7rXIb/ZiHShehaQDVIMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvVGg4MDFodzBqdXRjaHY5bUlkS0Y2RnBBTlVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhGYhTAN
BgkqhkiG9w0BAQsFAAOCAQEAeevEVTq8hb+TDNpe/ERbYBcmw6emW4nyJ23BcxX9
XCkVopTX+4pMnEEG6w5gSJ9uUpPOAdUwQ4CdLYEOkGHI6s5p78BEi/6Dsi5HAv+O
hpUWEcJMXJVAZsfIQ4vnMClX6AtU0eRJp1VbW1ZQlRJO9ysEmCdJzi2I3hpxhG+B
Bx8dHn5EcxcYJGdx2LMGQm1l4Df7lklo1f8CxXem18iQhWjijeQX89cWaincoGIi
4VPONcgQ8EEmwWeY9296vh0Zhk7cVUFYUyBXwSKqqAB9kNt7Na7tYKo0woH8gNCc
jaiQTexZdeUZf8tuOHI2p218sCC2MQOj3oEsv/UPf2RvLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:47 2024 by rpki-client on console-ams.rpki-client.org