Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/PopJRr2U7FJ0g5EyBWHFmzXul-o.roa
File:                     PopJRr2U7FJ0g5EyBWHFmzXul-o.roa (raw, json)
Hash identifier:          w6c32J8DY6ITRdiJGdxJbeLORKoPUncWGdYEqIp5g70=
Subject key identifier:   3E:8A:49:46:BD:94:EC:52:74:83:91:32:05:61:C5:9B:35:EE:97:EA
Certificate issuer:       /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial:       01856BAECF54AE79538BF5A256049A9B852D
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/PopJRr2U7FJ0g5EyBWHFmzXul-o.roa
Signing time:             Sun 01 Jan 2023 04:54:56 +0000
ROA not before:           Sun 01 Jan 2023 04:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34305
IP address blocks:        2001:4de0:2101::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 19 Oct 2023 12:24:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ae:cf:54:ae:79:53:8b:f5:a2:56:04:9a:9b:85:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
        Validity
            Not Before: Jan  1 04:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3e8a4946bd94ec52748391320561c59b35ee97ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:6d:e0:57:94:91:b7:07:12:6a:1f:aa:83:78:
                    7c:56:ca:fd:9c:5f:72:60:52:86:bd:ef:c9:53:7a:
                    b2:ac:42:16:3f:68:0a:9c:ec:05:27:f8:3b:71:5d:
                    ab:13:6e:b7:33:bb:da:bf:94:39:17:66:e7:44:f3:
                    c9:36:32:79:f1:21:7b:f5:17:32:42:19:13:02:0d:
                    14:fb:0c:c2:18:95:57:80:1f:97:4c:29:31:16:da:
                    2a:e7:57:a7:84:68:ff:64:ab:9a:22:29:35:da:03:
                    0b:3b:20:91:62:ea:f4:20:6e:f2:16:37:25:e8:b6:
                    62:f8:86:b3:8a:77:b0:65:c5:57:83:69:1b:78:ee:
                    76:dc:1c:46:de:8c:bd:0e:25:d4:98:e5:fb:66:ed:
                    81:9c:f4:b9:f1:63:d4:ab:c8:21:22:b7:2f:03:e9:
                    53:15:bc:ba:98:cb:fe:41:a1:90:46:bb:63:93:b2:
                    0f:ed:10:eb:b2:ca:bd:97:c9:73:44:12:c9:ba:23:
                    f5:b9:eb:16:1d:91:94:c6:48:db:b4:03:6f:54:cc:
                    c7:52:cf:64:ca:dd:15:97:61:28:c7:04:7b:f0:bb:
                    78:a3:74:0e:53:a1:d3:8f:94:7a:a6:1b:c3:7d:4e:
                    00:b7:6d:2c:90:cd:ba:66:26:94:f0:77:1c:01:a9:
                    4d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:8A:49:46:BD:94:EC:52:74:83:91:32:05:61:C5:9B:35:EE:97:EA
            X509v3 Authority Key Identifier:
                keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/PopJRr2U7FJ0g5EyBWHFmzXul-o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4de0:2101::/48

    Signature Algorithm: sha256WithRSAEncryption
         4e:80:08:55:c6:dc:fc:5c:94:ba:65:44:1c:8d:1a:68:fa:c1:
         f3:ce:20:9b:f4:9b:af:d4:b4:be:03:cb:24:63:3f:45:1d:8e:
         25:d5:52:4b:12:0f:97:11:52:95:a7:73:4a:5e:80:5d:01:9f:
         ab:be:41:8b:e6:15:91:12:ad:e2:93:45:9e:46:31:9c:ca:e3:
         5c:b5:99:09:ab:c2:11:5f:51:e9:d2:ec:6f:1d:66:3e:41:ec:
         cf:e3:77:eb:20:84:df:d4:cf:a1:0a:0e:6c:60:bb:0f:8e:ae:
         e9:4d:9d:c3:60:4b:51:6e:8a:aa:25:76:9e:be:c2:fc:b9:5f:
         a4:eb:47:f1:03:8c:d1:ff:50:d1:31:b0:cb:5d:68:af:9e:2d:
         c0:42:60:d9:be:34:da:84:2f:5f:d4:26:3e:13:c4:08:4f:25:
         b9:62:f1:c2:2e:7b:6b:00:34:e8:98:b4:ec:2a:9b:f1:4b:9d:
         ee:d6:57:70:9e:ee:8a:67:b0:d3:ef:bd:18:65:cc:ee:8e:7b:
         f9:a3:6d:88:75:cc:df:3a:c1:f0:66:fe:88:9a:6d:78:10:fd:
         1f:0c:53:4a:fc:ce:0c:c6:32:7f:a3:f4:cf:d4:b6:a7:1b:e1:
         cf:ed:5b:a1:cb:7f:4b:55:37:80:eb:5a:ec:2b:0e:a3:bc:eb:
         34:90:46:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVrrs9UrnlTi/WiVgSam4UtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjMwMTAxMDQ1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZThhNDk0NmJkOTRlYzUyNzQ4MzkxMzIwNTYxYzU5YjM1ZWU5N2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW3gV5SRtwcSah+qg3h8Vsr9nF9y
YFKGve/JU3qyrEIWP2gKnOwFJ/g7cV2rE263M7vav5Q5F2bnRPPJNjJ58SF79Rcy
QhkTAg0U+wzCGJVXgB+XTCkxFtoq51enhGj/ZKuaIik12gMLOyCRYur0IG7yFjcl
6LZi+IazinewZcVXg2kbeO523BxG3oy9DiXUmOX7Zu2BnPS58WPUq8ghIrcvA+lT
Fby6mMv+QaGQRrtjk7IP7RDrssq9l8lzRBLJuiP1uesWHZGUxkjbtANvVMzHUs9k
yt0Vl2EoxwR78Lt4o3QOU6HTj5R6phvDfU4At20skM26ZiaU8HccAalNrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD6KSUa9lOxSdIORMgVhxZs17pfqMB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvUG9wSlJyMlU3RkowZzVFeUJXSEZtelh1bC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAFN4CEB
MA0GCSqGSIb3DQEBCwUAA4IBAQBOgAhVxtz8XJS6ZUQcjRpo+sHzziCb9Juv1LS+
A8skYz9FHY4l1VJLEg+XEVKVp3NKXoBdAZ+rvkGL5hWREq3ik0WeRjGcyuNctZkJ
q8IRX1Hp0uxvHWY+QezP43frIITf1M+hCg5sYLsPjq7pTZ3DYEtRboqqJXaevsL8
uV+k60fxA4zR/1DRMbDLXWivni3AQmDZvjTahC9f1CY+E8QITyW5YvHCLntrADTo
mLTsKpvxS53u1ldwnu6KZ7DT770YZczujnv5o22IdczfOsHwZv6Imm14EP0fDFNK
/M4MxjJ/o/TP1LanG+HP7Vuhy39LVTeA61rsKw6jvOs0kEaq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:51 2024 by rpki-client on console-fra.rpki-client.org