Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Be6hCk5otPFsmTuujqagHHxfDhY.roa
File:                     Be6hCk5otPFsmTuujqagHHxfDhY.roa (raw, json)
Hash identifier:          ZFzZsPL2ANGdgLs7KIolbC995hqQ2KJKaHDB39wlegY=
Subject key identifier:   05:EE:A1:0A:4E:68:B4:F1:6C:99:3B:AE:8E:A6:A0:1C:7C:5F:0E:16
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01856F7993F8B3B5376EA5B88B7FBCD7AA81
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Be6hCk5otPFsmTuujqagHHxfDhY.roa
Signing time:             Sun 01 Jan 2023 22:35:16 +0000
ROA not before:           Sun 01 Jan 2023 22:35:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208254
IP address blocks:        2a0e:bac0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sun 26 Mar 2023 13:52:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:93:f8:b3:b5:37:6e:a5:b8:8b:7f:bc:d7:aa:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 22:35:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05eea10a4e68b4f16c993bae8ea6a01c7c5f0e16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:6a:21:0b:64:a6:95:20:fa:6c:d1:d7:91:cf:
                    2b:d6:9c:0d:1f:5e:4a:76:a0:ee:ad:42:e5:81:e3:
                    b2:f7:74:6f:00:96:c4:b5:c6:94:a5:6f:7f:cb:ce:
                    26:02:30:cf:dd:d5:60:4d:e3:12:9d:57:e4:43:cf:
                    07:5a:da:97:0a:82:8b:69:6d:d5:d1:60:12:a7:cd:
                    2b:b7:c4:59:bc:c8:b2:93:8d:51:fc:bb:33:fc:96:
                    e2:f2:e6:b9:8f:6b:a0:c8:93:0d:88:1e:1b:c5:ca:
                    d1:bd:33:b0:6d:f1:41:18:f9:b7:e5:03:c7:c0:58:
                    a9:7d:d2:ca:c0:45:56:b3:28:bd:51:14:ac:f7:5b:
                    66:99:45:29:4c:48:5a:95:ad:f1:65:63:e1:da:5c:
                    39:24:dc:80:0f:ea:fc:76:b7:95:12:72:80:ac:3b:
                    65:6f:90:4c:89:d4:bb:40:70:bb:d3:5d:f2:da:cc:
                    19:f2:62:91:00:d9:69:c5:3b:26:0f:01:c8:38:e0:
                    3c:46:35:5f:2e:d8:4d:f7:79:74:53:62:20:74:81:
                    c0:1c:fb:a0:35:3f:6e:99:af:b8:03:e1:55:9e:6f:
                    b5:ee:cf:b2:d3:9e:34:85:5e:7a:7f:4c:af:97:59:
                    0d:08:21:bc:01:4f:98:75:c7:94:a5:37:ff:d7:4e:
                    d7:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:EE:A1:0A:4E:68:B4:F1:6C:99:3B:AE:8E:A6:A0:1C:7C:5F:0E:16
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Be6hCk5otPFsmTuujqagHHxfDhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:bac0::/29

    Signature Algorithm: sha256WithRSAEncryption
         44:82:d4:7f:e6:84:e3:d9:14:1e:97:8e:50:b0:5d:19:a1:0d:
         5f:83:21:62:87:f4:fa:44:bc:02:0a:82:94:e3:35:e4:12:72:
         b3:4c:53:82:9d:5e:21:0d:22:cf:e7:5c:eb:c7:0e:da:20:aa:
         be:02:76:0e:5f:0b:10:f0:ef:47:cb:bb:56:4c:53:61:3e:12:
         48:b6:87:b0:a8:15:5f:98:2c:90:ec:87:a1:bb:9f:20:9b:9e:
         42:89:6d:38:14:b4:8b:79:5e:85:c5:43:19:c7:d3:a4:a2:0d:
         af:5a:00:d2:8a:ba:60:8f:b1:d1:76:69:55:ad:51:3f:89:cb:
         da:6a:7d:59:72:83:b6:8e:28:c3:29:60:ef:17:fe:a4:7b:c8:
         4a:52:b3:9e:5d:4a:0e:58:40:a1:f1:3f:0f:32:dc:43:b6:f3:
         32:22:be:de:04:be:29:49:db:4d:25:16:69:71:48:14:76:7b:
         24:ea:9b:d3:3e:8d:4e:8b:b0:55:4e:90:86:f9:95:8b:c8:46:
         ae:a4:18:91:5f:22:93:2f:29:e3:77:99:43:65:1b:4c:72:a4:
         cb:99:70:05:04:3f:04:56:12:e4:1b:9d:9d:3b:b6:2f:58:3a:
         1b:a5:5d:86:c2:5f:d4:19:33:d1:66:9f:b9:ff:93:57:4a:f1:
         5d:fc:81:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVveZP4s7U3bqW4i3+816qBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWVlYTEwYTRlNjhiNGYxNmM5OTNiYWU4ZWE2YTAxYzdjNWYwZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGohC2SmlSD6bNHXkc8r1pwNH15K
dqDurULlgeOy93RvAJbEtcaUpW9/y84mAjDP3dVgTeMSnVfkQ88HWtqXCoKLaW3V
0WASp80rt8RZvMiyk41R/Lsz/Jbi8ua5j2ugyJMNiB4bxcrRvTOwbfFBGPm35QPH
wFipfdLKwEVWsyi9URSs91tmmUUpTEhala3xZWPh2lw5JNyAD+r8dreVEnKArDtl
b5BMidS7QHC7013y2swZ8mKRANlpxTsmDwHIOOA8RjVfLthN93l0U2IgdIHAHPug
NT9uma+4A+FVnm+17s+y0540hV56f0yvl1kNCCG8AU+YdceUpTf/107XWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAXuoQpOaLTxbJk7ro6moBx8Xw4WMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvQmU2aENrNW90UEZzbVR1dWpxYWdISHhmRGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg66wDAN
BgkqhkiG9w0BAQsFAAOCAQEARILUf+aE49kUHpeOULBdGaENX4MhYof0+kS8AgqC
lOM15BJys0xTgp1eIQ0iz+dc68cO2iCqvgJ2Dl8LEPDvR8u7VkxTYT4SSLaHsKgV
X5gskOyHobufIJueQoltOBS0i3lehcVDGcfTpKINr1oA0oq6YI+x0XZpVa1RP4nL
2mp9WXKDto4owylg7xf+pHvISlKznl1KDlhAofE/DzLcQ7bzMiK+3gS+KUnbTSUW
aXFIFHZ7JOqb0z6NTouwVU6QhvmVi8hGrqQYkV8iky8p43eZQ2UbTHKky5lwBQQ/
BFYS5BudnTu2L1g6G6VdhsJf1Bkz0Wafuf+TV0rxXfyBSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org