Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/oy5RlK5ojy0WIehOm2qeme8QG9U.roa
File:                     oy5RlK5ojy0WIehOm2qeme8QG9U.roa (raw, json)
Hash identifier:          MvQMUvM4ab3awLtAluLMzo1oKYUrz22T2tkyD2JdIVM=
Subject key identifier:   A3:2E:51:94:AE:68:8F:2D:16:21:E8:4E:9B:6A:9E:99:EF:10:1B:D5
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01856F798952750C0EDC204F05C7BEFEA957
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/oy5RlK5ojy0WIehOm2qeme8QG9U.roa
Signing time:             Sun 01 Jan 2023 22:35:14 +0000
ROA not before:           Sun 01 Jan 2023 22:35:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57138
IP address blocks:        2a07:e340::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:89:52:75:0c:0e:dc:20:4f:05:c7:be:fe:a9:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 22:35:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a32e5194ae688f2d1621e84e9b6a9e99ef101bd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:eb:ef:ed:03:3c:73:04:c0:47:e2:64:a2:70:
                    17:79:80:ea:91:3b:20:db:f1:8f:4b:c6:68:c5:71:
                    8c:a4:07:09:d4:56:0b:1b:4b:33:d1:d5:75:92:0e:
                    26:31:08:14:92:e5:47:61:08:3b:38:ba:1e:34:e4:
                    9b:c7:6d:ae:a4:24:13:eb:c1:6e:7b:2c:cc:7d:bd:
                    53:7c:08:74:2c:b4:36:db:12:92:18:df:10:a1:ac:
                    2c:da:a9:4f:53:74:e8:1d:e5:58:71:d3:a2:a8:59:
                    09:c9:a7:66:45:29:7c:4c:33:68:b9:4b:c5:67:f8:
                    c5:88:16:7a:d8:52:4d:98:d9:79:06:83:74:0d:fd:
                    d1:fa:c0:0b:dd:c8:bb:75:63:ed:51:c5:ca:8f:42:
                    3e:c9:02:70:93:a0:78:2e:ef:d0:52:68:49:f4:a1:
                    04:62:53:49:97:a6:9d:22:4a:48:99:1d:cf:80:cb:
                    28:c9:53:9e:3d:67:9d:3c:c2:13:0e:a5:95:9a:85:
                    a5:96:0b:d2:2e:b6:29:8c:02:2a:45:49:6d:63:59:
                    6f:3e:15:8f:76:80:b8:33:69:05:3b:00:21:42:db:
                    3f:1b:f8:bb:fe:28:6a:a0:eb:22:33:1d:40:42:ab:
                    3f:b4:79:f2:49:b2:ff:ed:5b:03:1b:72:12:b1:f6:
                    3e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:2E:51:94:AE:68:8F:2D:16:21:E8:4E:9B:6A:9E:99:EF:10:1B:D5
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/oy5RlK5ojy0WIehOm2qeme8QG9U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:e340::/32

    Signature Algorithm: sha256WithRSAEncryption
         45:4f:3b:41:13:44:b7:0e:33:97:49:81:17:33:f4:78:58:b6:
         23:29:c0:ed:70:37:fc:1a:9e:59:ee:e6:04:4e:17:12:65:4e:
         25:7b:40:64:d4:ec:9f:e3:f9:de:27:35:48:e9:7a:97:2f:c7:
         4c:8e:6a:7f:10:01:8b:fd:d7:60:bd:9c:e4:d7:41:b5:c4:50:
         11:0f:1a:c7:d4:f8:4a:46:27:72:05:5f:5a:e2:c2:1a:ab:3b:
         11:8e:d0:98:30:d0:0b:91:81:d1:f4:d2:fd:d1:a8:ca:9a:37:
         ba:52:ab:1f:fb:ed:a0:11:8f:d8:8c:3b:1d:b6:30:58:ae:f2:
         f4:72:a4:f0:1a:8c:e3:9e:41:a7:92:da:95:ea:a2:0b:9e:60:
         91:36:95:f8:e6:7e:69:ea:30:99:bd:f5:63:ea:4d:ae:82:b1:
         81:47:dc:82:5d:72:a4:58:5e:84:47:d5:50:18:f8:b1:56:93:
         b8:59:26:bb:39:fc:76:99:cf:e5:dc:c5:aa:ed:92:0c:89:97:
         27:67:81:6c:72:43:bb:66:5d:6d:f0:49:87:41:4e:57:ad:b8:
         10:1c:65:ea:c2:2f:07:bd:57:f4:4c:09:91:88:09:a3:78:71:
         1a:49:77:ba:4a:97:ab:a6:e6:2a:27:9b:48:c6:73:28:ad:83:
         3b:36:63:d0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVveYlSdQwO3CBPBce+/qlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzJlNTE5NGFlNjg4ZjJkMTYyMWU4NGU5YjZhOWU5OWVmMTAxYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuvv7QM8cwTAR+JkonAXeYDqkTsg
2/GPS8ZoxXGMpAcJ1FYLG0sz0dV1kg4mMQgUkuVHYQg7OLoeNOSbx22upCQT68Fu
eyzMfb1TfAh0LLQ22xKSGN8Qoaws2qlPU3ToHeVYcdOiqFkJyadmRSl8TDNouUvF
Z/jFiBZ62FJNmNl5BoN0Df3R+sAL3ci7dWPtUcXKj0I+yQJwk6B4Lu/QUmhJ9KEE
YlNJl6adIkpImR3PgMsoyVOePWedPMITDqWVmoWllgvSLrYpjAIqRUltY1lvPhWP
doC4M2kFOwAhQts/G/i7/ihqoOsiMx1AQqs/tHnySbL/7VsDG3ISsfY+/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKMuUZSuaI8tFiHoTptqnpnvEBvVMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvb3k1UmxLNW9qeTBXSWVoT20ycWVtZThRRzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfjQDAN
BgkqhkiG9w0BAQsFAAOCAQEARU87QRNEtw4zl0mBFzP0eFi2IynA7XA3/BqeWe7m
BE4XEmVOJXtAZNTsn+P53ic1SOl6ly/HTI5qfxABi/3XYL2c5NdBtcRQEQ8ax9T4
SkYncgVfWuLCGqs7EY7QmDDQC5GB0fTS/dGoypo3ulKrH/vtoBGP2Iw7HbYwWK7y
9HKk8BqM455Bp5LaleqiC55gkTaV+OZ+aeowmb31Y+pNroKxgUfcgl1ypFhehEfV
UBj4sVaTuFkmuzn8dpnP5dzFqu2SDImXJ2eBbHJDu2ZdbfBJh0FOV624EBxl6sIv
B71X9EwJkYgJo3hxGkl3ukqXq6bmKiebSMZzKK2DOzZj0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org