Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tboAuw-qd2L1iiGCcGyX5YdXUg8.roa
File:                     tboAuw-qd2L1iiGCcGyX5YdXUg8.roa (raw, json)
Hash identifier:          eia1d54zQT/D3B3d+tEL2Z8v+2ysg9CLXC/0F/mvhq8=
Subject key identifier:   B5:BA:00:BB:0F:AA:77:62:F5:8A:21:82:70:6C:97:E5:87:57:52:0F
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01856F796F1BC02CF03DCE80E1DBA2044AC8
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tboAuw-qd2L1iiGCcGyX5YdXUg8.roa
Signing time:             Sun 01 Jan 2023 22:35:07 +0000
ROA not before:           Sun 01 Jan 2023 22:35:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     4785
IP address blocks:        2a07:e340::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:6f:1b:c0:2c:f0:3d:ce:80:e1:db:a2:04:4a:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 22:35:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b5ba00bb0faa7762f58a2182706c97e58757520f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6e:7b:83:9f:29:8b:9d:94:31:75:bc:59:45:
                    ce:c1:68:a0:67:f7:7e:3c:69:12:1d:69:60:67:71:
                    e4:ba:d7:9f:6a:71:ea:52:13:61:48:1b:1e:5a:06:
                    bf:0f:43:94:dc:61:0f:90:c0:81:c0:b9:fe:45:af:
                    38:0c:46:89:e6:f8:6e:62:01:45:45:05:98:94:c9:
                    88:2c:01:fa:ff:80:b2:cb:7c:4d:85:c1:97:b8:31:
                    fd:72:02:f4:9c:80:37:d0:29:7f:57:ea:9c:22:2a:
                    de:ab:9c:4e:b5:e7:64:9f:36:4d:ef:38:ab:af:52:
                    20:3a:78:0a:ed:75:42:57:dc:e4:14:d2:1b:3b:7e:
                    32:70:47:76:55:79:6c:80:70:11:16:d8:b7:11:e3:
                    cb:c1:73:cf:60:db:aa:64:5f:ff:4c:b0:80:9e:1c:
                    0b:90:95:2c:69:f6:95:5f:e2:a9:c9:16:45:25:e4:
                    8b:cb:3c:35:b8:57:ec:26:73:00:d7:8d:0b:b5:1e:
                    dc:71:48:9d:16:34:64:d3:e0:38:c5:0e:29:f2:9f:
                    8e:49:d4:f1:60:03:67:7c:79:37:dc:70:83:c5:ad:
                    07:af:4c:b7:cd:b2:5c:6a:ad:24:db:d7:36:5d:54:
                    b8:1a:a3:8b:84:e2:f7:df:c5:6a:8b:46:d4:be:52:
                    a5:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:BA:00:BB:0F:AA:77:62:F5:8A:21:82:70:6C:97:E5:87:57:52:0F
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tboAuw-qd2L1iiGCcGyX5YdXUg8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:e340::/32

    Signature Algorithm: sha256WithRSAEncryption
         73:ef:15:43:fd:c0:43:91:d1:ff:b1:ae:4c:16:b4:56:4e:ad:
         ad:c2:a5:4a:86:85:40:e9:22:e1:6b:9f:82:f3:37:f9:04:ff:
         46:fb:91:b7:a3:66:7e:d7:27:3b:2b:20:d8:2a:0d:ec:05:c2:
         92:4b:a8:95:d8:5d:e9:6d:52:70:e8:06:9f:b6:3e:88:59:23:
         37:e8:c8:36:f6:9f:52:93:b2:45:05:c1:4a:60:7d:b2:8d:8d:
         04:ba:f8:81:d2:44:25:53:80:08:4a:d4:5a:0e:6c:60:9e:28:
         d7:75:2a:78:34:d9:c9:d4:94:21:66:6b:27:45:3c:9d:1e:bc:
         45:9c:71:62:f8:63:84:ec:b5:d2:51:5e:ac:74:67:94:8d:7f:
         09:f8:e5:3e:b2:a6:28:87:8f:96:d7:31:f5:9d:e4:68:ec:7f:
         02:d6:1b:c3:4f:fd:7c:79:4e:e7:ab:60:a2:54:78:c2:5f:9b:
         5f:22:43:c9:df:1b:17:c3:13:a0:6b:fa:19:71:74:d1:eb:9e:
         72:27:51:7c:2c:e0:2f:4b:6a:4b:09:f5:80:f5:85:65:42:19:
         0b:7f:50:aa:db:25:b1:88:67:4a:f5:19:4b:d6:4a:c1:c7:80:
         c2:8d:8f:35:ef:95:22:25:d0:6d:f1:42:06:0d:4c:8b:8c:25:
         19:83:53:cc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVveW8bwCzwPc6A4duiBErIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJhMDBiYjBmYWE3NzYyZjU4YTIxODI3MDZjOTdlNTg3NTc1MjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW57g58pi52UMXW8WUXOwWigZ/d+
PGkSHWlgZ3HkutefanHqUhNhSBseWga/D0OU3GEPkMCBwLn+Ra84DEaJ5vhuYgFF
RQWYlMmILAH6/4Cyy3xNhcGXuDH9cgL0nIA30Cl/V+qcIireq5xOtedknzZN7zir
r1IgOngK7XVCV9zkFNIbO34ycEd2VXlsgHARFti3EePLwXPPYNuqZF//TLCAnhwL
kJUsafaVX+KpyRZFJeSLyzw1uFfsJnMA140LtR7ccUidFjRk0+A4xQ4p8p+OSdTx
YANnfHk33HCDxa0Hr0y3zbJcaq0k29c2XVS4GqOLhOL338Vqi0bUvlKlBQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLW6ALsPqndi9YohgnBsl+WHV1IPMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvdGJvQXV3LXFkMkwxaWlHQ2NHeVg1WWRYVWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAc+8VQ/3AQ5HR/7GuTBa0Vk6trcKlSoaFQOki4Wuf
gvM3+QT/RvuRt6NmftcnOysg2CoN7AXCkkuoldhd6W1ScOgGn7Y+iFkjN+jINvaf
UpOyRQXBSmB9so2NBLr4gdJEJVOACErUWg5sYJ4o13UqeDTZydSUIWZrJ0U8nR68
RZxxYvhjhOy10lFerHRnlI1/CfjlPrKmKIePltcx9Z3kaOx/AtYbw0/9fHlO56tg
olR4wl+bXyJDyd8bF8MToGv6GXF00euecidRfCzgL0tqSwn1gPWFZUIZC39Qqtsl
sYhnSvUZS9ZKwceAwo2PNe+VIiXQbfFCBg1Mi4wlGYNTzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org