Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/dL1YQuOIRyOl4WhZv7jdtBzt5_8.roa
File:                     dL1YQuOIRyOl4WhZv7jdtBzt5_8.roa (raw, json)
Hash identifier:          Wr5ekwNd376LcOcctfM+NtcpziFbISHH/EA8/7Ip20w=
Subject key identifier:   74:BD:58:42:E3:88:47:23:A5:E1:68:59:BF:B8:DD:B4:1C:ED:E7:FF
Certificate issuer:       /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial:       018E24D9FEA2EF5DC7C166D2CF292F6C0AC3
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/dL1YQuOIRyOl4WhZv7jdtBzt5_8.roa
Signing time:             Sat 09 Mar 2024 20:14:10 +0000
ROA not before:           Sat 09 Mar 2024 20:14:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48266
IP address blocks:        2a12:8c00::/36 maxlen: 128
                          2a12:8c00:1000::/36 maxlen: 128

Validation:               Failed, certificate revoked on Sun 10 Mar 2024 01:42:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:24:d9:fe:a2:ef:5d:c7:c1:66:d2:cf:29:2f:6c:0a:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
        Validity
            Not Before: Mar  9 20:14:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=74bd5842e3884723a5e16859bfb8ddb41cede7ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d7:01:e2:a8:34:f7:a4:ed:98:71:e0:cb:fb:
                    bf:fe:26:ad:7c:ad:5c:cf:ef:82:7c:7b:f4:51:6a:
                    5a:fb:87:51:b1:74:14:40:a5:97:f5:a0:96:34:cf:
                    17:96:c8:c9:eb:54:2f:10:bd:7e:db:ea:05:d4:61:
                    d6:b8:b9:60:0a:81:ba:06:9a:27:19:4d:7c:e4:23:
                    68:a7:b6:fd:3c:2d:f8:27:17:cd:df:0a:87:d9:18:
                    9b:20:5d:dc:16:fa:87:47:e8:d7:35:eb:b5:23:b6:
                    db:2a:f0:32:2e:05:b2:13:20:3b:c1:a4:3f:3f:ff:
                    d7:86:5e:83:58:79:ab:3f:56:5e:43:b7:74:f0:03:
                    a0:8c:58:dc:2a:59:de:57:cb:f9:a9:ae:7d:95:5c:
                    a8:6a:54:df:c2:42:4a:bc:f7:a0:a2:a5:f9:4c:ae:
                    b4:a2:99:74:18:aa:68:0f:76:9a:ae:68:4f:40:e7:
                    a5:c1:35:ed:15:8d:4c:6e:0b:6b:e6:5b:e1:84:d9:
                    08:e6:ca:fc:e6:11:f7:70:b4:e7:92:dc:c0:34:ab:
                    ad:8f:1e:d2:7b:1a:68:de:08:3d:f9:70:63:7d:fb:
                    40:f3:8c:17:26:94:a7:71:58:bf:9f:7b:e4:43:77:
                    e8:d4:7f:c7:9a:a9:f5:06:2f:27:16:15:0a:85:d2:
                    45:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:BD:58:42:E3:88:47:23:A5:E1:68:59:BF:B8:DD:B4:1C:ED:E7:FF
            X509v3 Authority Key Identifier:
                keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/dL1YQuOIRyOl4WhZv7jdtBzt5_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8c00::/35

    Signature Algorithm: sha256WithRSAEncryption
         0d:93:68:ed:02:af:9f:82:4f:2a:6f:46:76:1b:26:d6:eb:90:
         f3:97:e4:04:bb:5d:9d:94:d0:16:b6:bc:e4:32:ab:89:a6:3c:
         4f:2b:53:75:2e:ae:a2:61:fc:eb:55:19:08:1e:28:96:04:66:
         7b:21:95:8a:5b:dc:c7:ae:42:e6:b6:19:54:b2:4c:fa:a7:53:
         80:15:f4:e3:a1:50:0b:aa:b7:b5:cd:9b:5a:4b:32:65:d1:6c:
         83:8d:f7:58:25:85:99:91:cd:56:67:3e:4a:47:27:db:0a:41:
         56:31:35:ab:18:07:49:ff:a5:45:a6:07:97:bb:ab:60:30:11:
         85:e1:d5:27:25:ca:2a:d1:03:eb:ff:bd:33:e6:bd:d7:be:f9:
         ef:37:a4:58:ce:2b:2f:cf:ae:48:1b:e0:52:f8:01:5b:31:d2:
         39:01:3f:fa:bb:c7:bf:83:13:a7:00:51:f6:32:21:c2:97:2c:
         79:51:2d:42:a8:ac:a1:e1:54:9c:6a:46:3f:26:ab:10:90:02:
         2d:24:13:1d:57:d2:52:e7:5b:df:3c:03:78:45:3e:2d:07:4d:
         f5:5f:c6:66:ee:56:9b:7b:61:88:f4:d5:31:19:57:09:d2:45:
         0c:ce:e4:21:28:86:43:a2:c4:cf:72:45:26:86:c5:9a:66:bd:
         9b:cd:ac:29
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY4k2f6i713HwWbSzykvbArDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMzA5MjAxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGJkNTg0MmUzODg0NzIzYTVlMTY4NTliZmI4ZGRiNDFjZWRlN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9cB4qg096TtmHHgy/u//iatfK1c
z++CfHv0UWpa+4dRsXQUQKWX9aCWNM8XlsjJ61QvEL1+2+oF1GHWuLlgCoG6Bpon
GU185CNop7b9PC34JxfN3wqH2RibIF3cFvqHR+jXNeu1I7bbKvAyLgWyEyA7waQ/
P//Xhl6DWHmrP1ZeQ7d08AOgjFjcKlneV8v5qa59lVyoalTfwkJKvPegoqX5TK60
opl0GKpoD3aarmhPQOelwTXtFY1Mbgtr5lvhhNkI5sr85hH3cLTnktzANKutjx7S
expo3gg9+XBjfftA84wXJpSncVi/n3vkQ3fo1H/Hmqn1Bi8nFhUKhdJFeQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHS9WELjiEcjpeFoWb+43bQc7ef/MB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvZEwxWVF1T0lSeU9sNFdoWnY3amR0Qnp0NV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKhKMAAAw
DQYJKoZIhvcNAQELBQADggEBAA2TaO0Cr5+CTypvRnYbJtbrkPOX5AS7XZ2U0Ba2
vOQyq4mmPE8rU3UurqJh/OtVGQgeKJYEZnshlYpb3MeuQua2GVSyTPqnU4AV9OOh
UAuqt7XNm1pLMmXRbION91glhZmRzVZnPkpHJ9sKQVYxNasYB0n/pUWmB5e7q2Aw
EYXh1SclyirRA+v/vTPmvde++e83pFjOKy/Prkgb4FL4AVsx0jkBP/q7x7+DE6cA
UfYyIcKXLHlRLUKorKHhVJxqRj8mqxCQAi0kEx1X0lLnW988A3hFPi0HTfVfxmbu
Vpt7YYj01TEZVwnSRQzO5CEohkOixM9yRSaGxZpmvZvNrCk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org