Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/MO43qsKMz_hq2LkQyEFCHXwvJAI.roa
File:                     MO43qsKMz_hq2LkQyEFCHXwvJAI.roa (raw, json)
Hash identifier:          xp8sxA8O3bAbhOL76usTIs8De36JVPy/xVkm4MR96vs=
Subject key identifier:   30:EE:37:AA:C2:8C:CF:F8:6A:D8:B9:10:C8:41:42:1D:7C:2F:24:02
Certificate issuer:       /CN=e69f2b69f4a95a521e18fb33e6793f467e031bc1
Certificate serial:       0187C8D2F644F8F7E9439DEFD63ADC68DCA0
Authority key identifier: E6:9F:2B:69:F4:A9:5A:52:1E:18:FB:33:E6:79:3F:46:7E:03:1B:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5p8rafSpWlIeGPsz5nk_Rn4DG8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/MO43qsKMz_hq2LkQyEFCHXwvJAI.roa
Signing time:             Fri 28 Apr 2023 17:04:41 +0000
ROA not before:           Fri 28 Apr 2023 17:04:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210644
IP address blocks:        2a12:5940::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c8:d2:f6:44:f8:f7:e9:43:9d:ef:d6:3a:dc:68:dc:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e69f2b69f4a95a521e18fb33e6793f467e031bc1
        Validity
            Not Before: Apr 28 17:04:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30ee37aac28ccff86ad8b910c841421d7c2f2402
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:81:c4:57:d8:9b:b0:e6:a6:8c:fe:8d:a7:cf:
                    26:7e:a8:39:25:f2:a5:e5:16:cf:7b:f3:97:b6:17:
                    d2:7e:27:53:7b:65:c4:14:10:94:fd:0a:92:ee:9d:
                    fa:45:41:ea:1d:15:33:2f:a1:36:2c:99:1c:90:fb:
                    64:41:fe:c8:88:12:f8:46:2e:d0:82:b8:29:d5:b5:
                    85:c5:50:3e:9b:0f:a9:b3:06:d0:c4:e3:a5:c5:ff:
                    3c:ca:63:eb:3c:47:68:42:0c:86:5e:6d:9d:f5:26:
                    6d:2d:90:17:4c:eb:72:99:eb:26:fb:b1:35:05:6d:
                    4c:0e:7a:0e:d5:e5:e0:8b:09:36:bd:6e:8c:25:b9:
                    f7:78:12:09:3a:7f:37:7f:3f:66:57:c1:fa:1b:96:
                    02:fa:99:84:f2:0c:01:9d:bf:5e:d1:7b:5a:0a:5a:
                    1a:4a:b9:b0:eb:15:be:a5:0d:ed:08:d8:ff:7e:bc:
                    1b:b1:0a:32:b8:78:56:ef:1a:14:03:9b:e6:03:b5:
                    fb:7c:ad:6b:e7:14:67:06:4a:aa:1e:a1:cc:41:2c:
                    34:3d:ca:a4:b7:6d:e9:14:62:83:03:b4:b9:80:76:
                    96:89:c3:55:10:7f:63:84:ca:49:e2:85:2a:86:61:
                    a1:9c:86:dd:ee:93:99:03:77:66:68:b1:56:27:88:
                    32:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:EE:37:AA:C2:8C:CF:F8:6A:D8:B9:10:C8:41:42:1D:7C:2F:24:02
            X509v3 Authority Key Identifier:
                keyid:E6:9F:2B:69:F4:A9:5A:52:1E:18:FB:33:E6:79:3F:46:7E:03:1B:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5p8rafSpWlIeGPsz5nk_Rn4DG8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/MO43qsKMz_hq2LkQyEFCHXwvJAI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/5p8rafSpWlIeGPsz5nk_Rn4DG8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5940::/32

    Signature Algorithm: sha256WithRSAEncryption
         55:b2:06:d7:57:f5:5d:1b:f6:c5:e4:79:a4:36:94:f0:f9:34:
         73:f2:aa:38:88:8a:80:a8:81:e8:98:63:eb:a6:a3:a6:c9:52:
         83:99:92:49:33:4c:f9:19:e0:87:8c:7c:28:ae:57:ea:8a:0b:
         33:9a:8e:56:ca:de:e6:1c:c2:a2:55:b6:0c:a1:b1:31:64:89:
         36:58:82:bc:4c:30:ee:d8:64:ed:01:c3:ce:36:68:ec:83:3f:
         31:e7:78:02:ec:20:b2:e0:d2:b9:3f:e9:4a:a0:28:46:22:34:
         1f:5e:99:3f:d7:99:e3:09:78:58:c9:95:5d:0f:7a:e7:62:02:
         e6:6d:52:9d:5f:38:ce:d7:89:2e:58:fc:10:00:c7:10:9a:1d:
         68:38:a5:42:7a:22:ce:9c:2d:5c:54:d8:3d:a0:f1:71:f6:75:
         04:db:c9:f5:42:c0:23:c0:43:c1:a8:33:ad:59:9b:8a:60:ad:
         e8:80:56:b0:e3:8b:fe:f2:53:e0:9c:72:3c:d8:00:01:8d:93:
         01:e1:57:e7:f7:32:14:58:57:9f:24:f8:9d:44:a5:d1:66:f0:
         89:a7:f8:c2:ed:e4:45:20:3d:0a:00:31:d7:f8:36:0f:c0:a0:
         73:dc:af:e4:ba:f3:47:df:ee:b4:2c:83:43:9f:dc:24:5f:7e:
         0d:86:27:83
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYfI0vZE+PfpQ53v1jrcaNygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OWYyYjY5ZjRhOTVhNTIxZTE4ZmIzM2U2NzkzZjQ2N2Uw
MzFiYzEwHhcNMjMwNDI4MTcwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGVlMzdhYWMyOGNjZmY4NmFkOGI5MTBjODQxNDIxZDdjMmYyNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IHEV9ibsOamjP6Np88mfqg5JfKl
5RbPe/OXthfSfidTe2XEFBCU/QqS7p36RUHqHRUzL6E2LJkckPtkQf7IiBL4Ri7Q
grgp1bWFxVA+mw+pswbQxOOlxf88ymPrPEdoQgyGXm2d9SZtLZAXTOtymesm+7E1
BW1MDnoO1eXgiwk2vW6MJbn3eBIJOn83fz9mV8H6G5YC+pmE8gwBnb9e0XtaCloa
Srmw6xW+pQ3tCNj/frwbsQoyuHhW7xoUA5vmA7X7fK1r5xRnBkqqHqHMQSw0Pcqk
t23pFGKDA7S5gHaWicNVEH9jhMpJ4oUqhmGhnIbd7pOZA3dmaLFWJ4gyNQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDDuN6rCjM/4ati5EMhBQh18LyQCMB8GA1UdIwQY
MBaAFOafK2n0qVpSHhj7M+Z5P0Z+AxvBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXA4cmFmU3BXbEllR1BzejVua19SbjRERzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zN2VhYjAtN2Y1My00YjYyLWI1ZDQt
NzgwMDZlMDc4MTcxLzEvTU80M3FzS016X2hxMkxrUXlFRkNIWHd2SkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zN2VhYjAtN2Y1My00YjYyLWI1ZDQtNzgwMDZlMDc4MTcx
LzEvNXA4cmFmU3BXbEllR1BzejVua19SbjRERzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhJZQDAN
BgkqhkiG9w0BAQsFAAOCAQEAVbIG11f1XRv2xeR5pDaU8Pk0c/KqOIiKgKiB6Jhj
66ajpslSg5mSSTNM+Rngh4x8KK5X6ooLM5qOVsre5hzColW2DKGxMWSJNliCvEww
7thk7QHDzjZo7IM/Med4AuwgsuDSuT/pSqAoRiI0H16ZP9eZ4wl4WMmVXQ9652IC
5m1SnV84zteJLlj8EADHEJodaDilQnoizpwtXFTYPaDxcfZ1BNvJ9ULAI8BDwagz
rVmbimCt6IBWsOOL/vJT4JxyPNgAAY2TAeFX5/cyFFhXnyT4nUSl0Wbwiaf4wu3k
RSA9CgAx1/g2D8Cgc9yv5LrzR9/utCyDQ5/cJF9+DYYngw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:54 2024 by rpki-client on console-fra.rpki-client.org