Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/1pBgE-w9IXifwe4hLFE_zgCSlFc.roa
File:                     1pBgE-w9IXifwe4hLFE_zgCSlFc.roa (raw, json)
Hash identifier:          oUNYzfaFeLWGM69Juf12MMHgj7B/QiSt0HZGk+256tM=
Subject key identifier:   D6:90:60:13:EC:3D:21:78:9F:C1:EE:21:2C:51:3F:CE:00:92:94:57
Certificate issuer:       /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial:       018571BA30AA55FF7D3A6C953F606FB8D7F3
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/1pBgE-w9IXifwe4hLFE_zgCSlFc.roa
Signing time:             Mon 02 Jan 2023 09:05:05 +0000
ROA not before:           Mon 02 Jan 2023 09:05:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     53667
IP address blocks:        2a11:2304::/37 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:30:aa:55:ff:7d:3a:6c:95:3f:60:6f:b8:d7:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
        Validity
            Not Before: Jan  2 09:05:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d6906013ec3d21789fc1ee212c513fce00929457
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:3c:7b:2d:4b:af:91:75:00:5f:48:70:eb:7a:
                    8d:93:a8:2e:ea:0e:36:14:3f:e2:cb:35:ab:10:21:
                    0c:95:5e:4e:2c:4c:3a:54:a2:eb:04:7e:74:d5:20:
                    f8:a5:6d:24:0c:6f:a2:19:e2:44:bf:5f:04:b6:28:
                    80:00:1c:35:0c:92:fc:19:90:6e:d4:09:31:f3:df:
                    21:ec:22:ae:3f:0b:b2:af:28:d7:b3:aa:31:9a:f0:
                    17:1d:d7:48:67:f7:68:82:08:db:4c:54:19:a4:b3:
                    f5:a5:ec:3d:cb:5b:2e:a7:9f:95:90:f6:51:68:d4:
                    f2:bb:d9:f6:c1:ec:7a:b5:27:83:74:b1:b9:70:a1:
                    11:b5:b5:d0:a4:4a:2b:71:b9:ab:b9:b0:fb:77:84:
                    f5:43:c7:1c:5b:92:3b:0e:fe:97:c4:51:b5:d5:d6:
                    61:7d:dc:b4:cf:41:4d:8d:7c:51:9a:b0:a9:8d:18:
                    3e:fa:f9:13:85:8c:48:ac:83:9c:f6:ac:29:e2:65:
                    60:9b:b5:e3:47:72:45:76:87:21:ad:10:db:42:ee:
                    f9:15:17:7b:6d:34:0e:1b:da:28:b4:b9:dd:46:14:
                    d9:fb:5f:48:c3:88:77:ab:41:f4:21:f6:49:b5:88:
                    57:e8:7d:2a:86:f7:b7:20:ee:d7:76:90:2e:e0:68:
                    49:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:90:60:13:EC:3D:21:78:9F:C1:EE:21:2C:51:3F:CE:00:92:94:57
            X509v3 Authority Key Identifier:
                keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/1pBgE-w9IXifwe4hLFE_zgCSlFc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:2304::/37

    Signature Algorithm: sha256WithRSAEncryption
         66:2e:7c:47:cd:48:50:14:fe:1a:e4:9b:eb:f5:f1:68:b1:24:
         cb:4d:26:17:c6:8e:8c:c8:cf:b0:d7:b3:aa:f4:64:a4:8b:2a:
         b3:73:e4:2d:5a:59:bf:d3:7b:4c:c3:5c:82:4a:8f:56:07:c5:
         f4:8b:ae:86:6b:b8:dd:7d:c3:29:6b:ac:00:98:17:bc:24:86:
         90:55:fe:8e:e5:e1:d5:3f:25:8e:f2:3d:58:ee:a6:1e:93:2c:
         fa:be:ea:98:f8:11:df:66:58:fe:e5:f3:e6:38:91:77:ff:36:
         5d:35:3c:23:ec:b9:ee:3a:23:fc:48:d5:46:2f:e7:0a:d7:42:
         15:b6:ea:5f:06:b8:73:d9:27:49:42:e8:77:ee:70:c2:c9:5a:
         db:ee:f2:56:e5:7b:4d:a0:fe:5b:5a:52:30:fe:55:2b:24:c8:
         64:49:c7:5e:c2:4c:49:f1:7e:93:c0:f3:0d:41:b2:0d:fe:b8:
         dd:94:98:0b:af:61:7e:8c:6c:53:de:f7:bc:1e:5d:8c:a3:be:
         d7:bb:90:fa:e8:69:b0:b2:4f:e0:39:ad:da:5f:13:27:73:c0:
         15:10:51:54:c7:f7:ae:ec:2e:a3:aa:2d:94:09:c0:1a:09:a7:
         28:3a:f9:40:3b:67:04:fa:f2:20:e7:e7:af:d7:15:2b:a0:91:
         6b:c9:e0:43
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxujCqVf99OmyVP2BvuNfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjMwMTAyMDkwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjkwNjAxM2VjM2QyMTc4OWZjMWVlMjEyYzUxM2ZjZTAwOTI5NDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTx7LUuvkXUAX0hw63qNk6gu6g42
FD/iyzWrECEMlV5OLEw6VKLrBH501SD4pW0kDG+iGeJEv18EtiiAABw1DJL8GZBu
1Akx898h7CKuPwuyryjXs6oxmvAXHddIZ/doggjbTFQZpLP1pew9y1sup5+VkPZR
aNTyu9n2wex6tSeDdLG5cKERtbXQpEorcbmrubD7d4T1Q8ccW5I7Dv6XxFG11dZh
fdy0z0FNjXxRmrCpjRg++vkThYxIrIOc9qwp4mVgm7XjR3JFdochrRDbQu75FRd7
bTQOG9ootLndRhTZ+19Iw4h3q0H0IfZJtYhX6H0qhve3IO7XdpAu4GhJbwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNaQYBPsPSF4n8HuISxRP84AkpRXMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEvMXBCZ0UtdzlJWGlmd2U0aExGRV96Z0NTbEZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMtYzBjZWIwMzdhZDQy
LzEvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYDKhEjBAAw
DQYJKoZIhvcNAQELBQADggEBAGYufEfNSFAU/hrkm+v18WixJMtNJhfGjozIz7DX
s6r0ZKSLKrNz5C1aWb/Te0zDXIJKj1YHxfSLroZruN19wylrrACYF7wkhpBV/o7l
4dU/JY7yPVjuph6TLPq+6pj4Ed9mWP7l8+Y4kXf/Nl01PCPsue46I/xI1UYv5wrX
QhW26l8GuHPZJ0lC6HfucMLJWtvu8lble02g/ltaUjD+VSskyGRJx17CTEnxfpPA
8w1Bsg3+uN2UmAuvYX6MbFPe97weXYyjvte7kProabCyT+A5rdpfEydzwBUQUVTH
967sLqOqLZQJwBoJpyg6+UA7ZwT68iDn56/XFSugkWvJ4EM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:48 2024 by rpki-client on console-ams.rpki-client.org