Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/y4B2b1JvLjs5cnPoVKVxELqBa9s.roa
File:                     y4B2b1JvLjs5cnPoVKVxELqBa9s.roa (raw, json)
Hash identifier:          IiOxN6KrqY4FZdinSeQsD3yFl/0pPUHmNHJJfW20Yh4=
Subject key identifier:   CB:80:76:6F:52:6F:2E:3B:39:72:73:E8:54:A5:71:10:BA:81:6B:DB
Certificate issuer:       /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial:       01856C6EF77A77756F58162794080525883A
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/y4B2b1JvLjs5cnPoVKVxELqBa9s.roa
Signing time:             Sun 01 Jan 2023 08:24:49 +0000
ROA not before:           Sun 01 Jan 2023 08:24:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41732
IP address blocks:        2a03:9c00:d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:f7:7a:77:75:6f:58:16:27:94:08:05:25:88:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
        Validity
            Not Before: Jan  1 08:24:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb80766f526f2e3b397273e854a57110ba816bdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d4:49:d2:c2:83:63:a5:04:44:de:2f:bb:a4:
                    ea:4f:aa:e9:44:16:ec:d2:5c:dd:d2:7a:ea:f4:6e:
                    dd:77:40:cf:fc:ad:61:38:bc:ec:fd:69:8f:98:97:
                    9c:e9:89:2d:fe:71:79:41:df:42:54:ea:3b:e3:26:
                    b0:25:07:21:a0:5b:71:3f:f2:71:b1:81:a1:96:75:
                    9a:12:4a:c3:6b:4a:be:07:72:f3:44:4b:d3:66:ce:
                    a9:6c:15:47:3a:b2:b7:78:7e:c8:36:f2:a6:c8:9b:
                    89:49:86:95:e1:31:c5:3e:a5:6a:67:5d:30:ab:20:
                    45:6a:7b:b3:02:3c:eb:c2:44:c5:c9:e8:fd:a7:13:
                    42:51:6d:7f:2a:5f:57:93:8b:52:80:d5:f1:40:97:
                    24:3f:9e:d5:9e:b7:1d:2c:85:92:4e:80:31:d2:7a:
                    4d:44:82:82:2d:ad:27:91:7e:38:4b:ef:32:0d:2f:
                    8c:ce:9c:39:64:6b:b6:e7:80:0e:e1:35:b4:91:d1:
                    9d:02:78:f8:32:4e:6b:c8:14:19:dc:20:0e:93:49:
                    18:d4:80:99:17:cc:cc:25:16:61:08:bd:1f:e2:b9:
                    dd:6c:a8:ae:c6:3c:30:6b:eb:30:35:40:2b:b6:46:
                    bb:b9:ff:55:17:18:b2:bd:c0:0c:8f:f2:96:85:52:
                    d3:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:80:76:6F:52:6F:2E:3B:39:72:73:E8:54:A5:71:10:BA:81:6B:DB
            X509v3 Authority Key Identifier:
                keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/y4B2b1JvLjs5cnPoVKVxELqBa9s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:9c00:d::/48

    Signature Algorithm: sha256WithRSAEncryption
         23:77:d2:91:eb:a0:af:8b:e4:be:eb:ae:c1:e0:1c:69:6a:b0:
         2d:fd:84:f2:06:4a:db:72:9a:9e:4a:2e:3e:61:2d:8a:a5:3e:
         43:80:e3:09:3e:0f:94:95:b8:da:70:92:33:e5:7b:a7:f1:62:
         0f:ce:24:c0:d0:87:03:52:37:e0:c6:8d:1a:91:54:59:ef:7d:
         7f:1d:df:35:5c:f4:87:ca:79:1c:ba:f7:bc:bf:ba:b1:11:ca:
         b6:6e:43:d4:c6:14:dd:98:6a:91:f8:9f:3f:5f:13:02:4a:b1:
         2e:4c:3f:b9:6b:61:5c:9b:fc:16:fe:77:6a:a4:d9:8b:c2:f3:
         90:64:a5:a9:f5:42:e9:bb:50:86:1c:ce:63:2d:71:b4:3e:92:
         32:ce:d0:f5:96:43:b7:0f:99:53:64:8e:f1:d0:d1:ce:e6:2f:
         61:7d:a3:37:d6:4e:1c:6e:a9:cc:2e:99:25:e6:e8:38:d8:9b:
         8f:1d:9a:38:d6:44:48:90:00:46:cc:ab:8c:4b:45:bc:d3:3e:
         e4:cd:e8:5e:34:7c:63:5e:d6:d2:c6:79:04:b5:e3:b8:86:08:
         6e:84:68:16:51:8e:23:bf:c1:8b:27:0a:e3:0c:70:68:ac:7e:
         ac:bc:a0:ce:bf:7a:14:37:46:68:0e:bc:88:a2:99:1b:55:41:
         fd:c6:6f:3d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsbvd6d3VvWBYnlAgFJYg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjgwNzY2ZjUyNmYyZTNiMzk3MjczZTg1NGE1NzExMGJhODE2YmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9RJ0sKDY6UERN4vu6TqT6rpRBbs
0lzd0nrq9G7dd0DP/K1hOLzs/WmPmJec6Ykt/nF5Qd9CVOo74yawJQchoFtxP/Jx
sYGhlnWaEkrDa0q+B3LzREvTZs6pbBVHOrK3eH7INvKmyJuJSYaV4THFPqVqZ10w
qyBFanuzAjzrwkTFyej9pxNCUW1/Kl9Xk4tSgNXxQJckP57VnrcdLIWSToAx0npN
RIKCLa0nkX44S+8yDS+Mzpw5ZGu254AO4TW0kdGdAnj4Mk5ryBQZ3CAOk0kY1ICZ
F8zMJRZhCL0f4rndbKiuxjwwa+swNUArtka7uf9VFxiyvcAMj/KWhVLT8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMuAdm9Sby47OXJz6FSlcRC6gWvbMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEveTRCMmIxSnZManM1Y25Qb1ZLVnhFTHFCYTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOcAAAN
MA0GCSqGSIb3DQEBCwUAA4IBAQAjd9KR66Cvi+S+667B4BxparAt/YTyBkrbcpqe
Si4+YS2KpT5DgOMJPg+UlbjacJIz5Xun8WIPziTA0IcDUjfgxo0akVRZ731/Hd81
XPSHynkcuve8v7qxEcq2bkPUxhTdmGqR+J8/XxMCSrEuTD+5a2Fcm/wW/ndqpNmL
wvOQZKWp9ULpu1CGHM5jLXG0PpIyztD1lkO3D5lTZI7x0NHO5i9hfaM31k4cbqnM
Lpkl5ug42JuPHZo41kRIkABGzKuMS0W80z7kzeheNHxjXtbSxnkEteO4hghuhGgW
UY4jv8GLJwrjDHBorH6svKDOv3oUN0ZoDryIopkbVUH9xm89
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org