Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/Xp3CBJFhbnr_v2Ip98E5Wf035xo.roa
File:                     Xp3CBJFhbnr_v2Ip98E5Wf035xo.roa (raw, json)
Hash identifier:          nQRUONWj6tgfc1dfDRthlA7uSRT43CckDKQbpfapUW8=
Subject key identifier:   5E:9D:C2:04:91:61:6E:7A:FF:BF:62:29:F7:C1:39:59:FD:37:E7:1A
Certificate issuer:       /CN=e69f2b69f4a95a521e18fb33e6793f467e031bc1
Certificate serial:       018CC86EF3246D7E8F82718FF3922C02CBCD
Authority key identifier: E6:9F:2B:69:F4:A9:5A:52:1E:18:FB:33:E6:79:3F:46:7E:03:1B:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5p8rafSpWlIeGPsz5nk_Rn4DG8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/Xp3CBJFhbnr_v2Ip98E5Wf035xo.roa
Signing time:             Tue 02 Jan 2024 04:29:23 +0000
ROA not before:           Tue 02 Jan 2024 04:29:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210644
IP address blocks:        2a12:5940::/32 maxlen: 48

Validation:               Failed, certificate revoked on Thu 08 Aug 2024 12:49:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6e:f3:24:6d:7e:8f:82:71:8f:f3:92:2c:02:cb:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e69f2b69f4a95a521e18fb33e6793f467e031bc1
        Validity
            Not Before: Jan  2 04:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5e9dc20491616e7affbf6229f7c13959fd37e71a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:cd:62:26:6a:64:e6:7a:6b:44:94:4f:56:83:
                    bd:c7:c7:4f:42:62:a5:c1:ed:f7:c4:bd:30:9a:1b:
                    2c:2a:3a:d3:fc:ba:5b:10:88:05:04:b7:16:b9:1e:
                    6a:4b:a2:0d:56:3a:45:c6:f3:93:4a:27:fc:b6:c8:
                    56:94:21:56:f4:a9:9c:db:f0:4b:00:62:70:40:29:
                    bb:7c:ca:8b:6d:af:56:54:ca:d0:9a:da:f3:06:36:
                    44:73:fd:91:7a:c2:f2:6c:81:30:bd:e3:74:20:48:
                    74:72:aa:a3:c0:a9:65:0e:e3:c2:d0:4f:ff:97:34:
                    48:18:e1:8c:f9:c0:67:14:ef:e3:96:de:63:49:f7:
                    ac:81:f3:01:e7:d3:2a:1a:93:93:ad:d6:53:2a:12:
                    33:37:cb:e3:c9:01:b5:7c:a2:8e:31:77:65:8c:c6:
                    56:80:29:99:87:95:94:bd:fd:d9:41:1f:62:94:f1:
                    75:ee:d6:f0:a7:e1:22:2b:e5:09:bd:80:08:15:1c:
                    fe:17:63:4d:b6:12:24:0c:cc:4d:ba:01:0c:1a:99:
                    17:3c:d6:e3:58:f4:8c:12:b0:48:4c:23:c1:1a:55:
                    e9:5e:cd:96:ca:42:e0:ad:31:02:f7:77:cb:54:f6:
                    10:ac:3c:70:58:96:cf:e6:88:91:5b:41:8f:57:e0:
                    ed:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:9D:C2:04:91:61:6E:7A:FF:BF:62:29:F7:C1:39:59:FD:37:E7:1A
            X509v3 Authority Key Identifier:
                keyid:E6:9F:2B:69:F4:A9:5A:52:1E:18:FB:33:E6:79:3F:46:7E:03:1B:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5p8rafSpWlIeGPsz5nk_Rn4DG8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/Xp3CBJFhbnr_v2Ip98E5Wf035xo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/5p8rafSpWlIeGPsz5nk_Rn4DG8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5940::/32

    Signature Algorithm: sha256WithRSAEncryption
         21:d9:97:f6:8c:5c:59:0d:9a:4e:0a:a3:95:19:76:86:ee:00:
         c9:83:d6:03:7a:40:ce:10:06:79:73:6c:99:1a:dd:99:51:52:
         00:0d:b5:02:8e:8a:6e:76:2d:b5:22:1a:79:9e:d9:1d:7a:88:
         f7:63:fa:5f:92:b7:e0:2f:d7:bc:61:4d:0e:b5:77:c2:65:6b:
         03:ff:7e:12:b8:7a:21:c8:2c:be:ea:2b:24:2b:80:39:28:d0:
         44:f0:3c:15:e7:42:5e:bb:c7:4e:a1:3e:41:b8:eb:67:cc:d1:
         04:6b:4f:7b:fa:0a:e9:4e:62:91:e0:bd:22:b9:22:a3:60:2b:
         ff:e1:60:2c:d4:9a:0b:8c:a3:c4:d2:37:c9:ba:0e:99:e6:dc:
         68:f6:46:1a:29:1c:21:35:2a:78:dd:dc:d3:8b:ae:f9:c5:14:
         90:33:05:1d:c1:50:8d:44:a3:4f:fd:4d:49:95:2d:11:33:01:
         0c:80:f1:15:af:32:84:58:61:71:df:a5:a6:0d:6a:15:18:97:
         92:a4:91:6b:5a:b2:79:4e:53:c9:8a:58:ec:70:64:e3:c2:3a:
         6b:f2:ff:9c:a1:dd:55:2e:bc:d9:f5:32:38:77:93:58:f5:83:
         e8:32:38:aa:45:f7:2c:1d:76:fd:c6:a8:dc:4f:01:f0:dc:21:
         95:44:59:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIbvMkbX6PgnGP85IsAsvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OWYyYjY5ZjRhOTVhNTIxZTE4ZmIzM2U2NzkzZjQ2N2Uw
MzFiYzEwHhcNMjQwMTAyMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTlkYzIwNDkxNjE2ZTdhZmZiZjYyMjlmN2MxMzk1OWZkMzdlNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs1iJmpk5nprRJRPVoO9x8dPQmKl
we33xL0wmhssKjrT/LpbEIgFBLcWuR5qS6INVjpFxvOTSif8tshWlCFW9Kmc2/BL
AGJwQCm7fMqLba9WVMrQmtrzBjZEc/2ResLybIEwveN0IEh0cqqjwKllDuPC0E//
lzRIGOGM+cBnFO/jlt5jSfesgfMB59MqGpOTrdZTKhIzN8vjyQG1fKKOMXdljMZW
gCmZh5WUvf3ZQR9ilPF17tbwp+EiK+UJvYAIFRz+F2NNthIkDMxNugEMGpkXPNbj
WPSMErBITCPBGlXpXs2WykLgrTEC93fLVPYQrDxwWJbP5oiRW0GPV+Dt9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF6dwgSRYW56/79iKffBOVn9N+caMB8GA1UdIwQY
MBaAFOafK2n0qVpSHhj7M+Z5P0Z+AxvBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXA4cmFmU3BXbEllR1BzejVua19SbjRERzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zN2VhYjAtN2Y1My00YjYyLWI1ZDQt
NzgwMDZlMDc4MTcxLzEvWHAzQ0JKRmhibnJfdjJJcDk4RTVXZjAzNXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zN2VhYjAtN2Y1My00YjYyLWI1ZDQtNzgwMDZlMDc4MTcx
LzEvNXA4cmFmU3BXbEllR1BzejVua19SbjRERzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhJZQDAN
BgkqhkiG9w0BAQsFAAOCAQEAIdmX9oxcWQ2aTgqjlRl2hu4AyYPWA3pAzhAGeXNs
mRrdmVFSAA21Ao6KbnYttSIaeZ7ZHXqI92P6X5K34C/XvGFNDrV3wmVrA/9+Erh6
IcgsvuorJCuAOSjQRPA8FedCXrvHTqE+QbjrZ8zRBGtPe/oK6U5ikeC9Irkio2Ar
/+FgLNSaC4yjxNI3yboOmebcaPZGGikcITUqeN3c04uu+cUUkDMFHcFQjUSjT/1N
SZUtETMBDIDxFa8yhFhhcd+lpg1qFRiXkqSRa1qyeU5TyYpY7HBk48I6a/L/nKHd
VS682fUyOHeTWPWD6DI4qkX3LB12/cao3E8B8NwhlURZ7Q==
-----END CERTIFICATE-----
Generated at Thu Aug 8 14:53:12 2024 by rpki-client on console-fra.rpki-client.org