Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/482101-ac94-4f0b-9309-3e18ee6b4a5a/1/JPZnl4RPCJd3KUfijsvWMbJOad8.roa
File:                     JPZnl4RPCJd3KUfijsvWMbJOad8.roa (raw, json)
Hash identifier:          FpOqI/mb7PKWUsW3kfvNMU8/5VIAPFAuKeDTbEcJuPY=
Subject key identifier:   24:F6:67:97:84:4F:08:97:77:29:47:E2:8E:CB:D6:31:B2:4E:69:DF
Certificate issuer:       /CN=92f7d213fa13708e3200184ff1bc391577cc252f
Certificate serial:       018C4082FB1F1296BD6EC3849DCBD01B4473
Authority key identifier: 92:F7:D2:13:FA:13:70:8E:32:00:18:4F:F1:BC:39:15:77:CC:25:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kvfSE_oTcI4yABhP8bw5FXfMJS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/482101-ac94-4f0b-9309-3e18ee6b4a5a/1/JPZnl4RPCJd3KUfijsvWMbJOad8.roa
Signing time:             Wed 06 Dec 2023 19:02:54 +0000
ROA not before:           Wed 06 Dec 2023 19:02:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     133944
IP address blocks:        2a12:f180::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:40:82:fb:1f:12:96:bd:6e:c3:84:9d:cb:d0:1b:44:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92f7d213fa13708e3200184ff1bc391577cc252f
        Validity
            Not Before: Dec  6 19:02:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=24f66797844f0897772947e28ecbd631b24e69df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:61:6d:77:b3:17:45:2d:67:c2:c8:70:10:78:
                    ce:eb:e5:29:af:83:8f:de:dc:8c:53:ce:0f:57:9e:
                    99:30:ef:29:b4:2f:43:e1:82:d9:2d:09:6a:de:cb:
                    9c:33:5a:cf:27:0d:f8:5d:cb:60:c4:c2:2d:88:6f:
                    02:f0:97:74:db:39:ad:9d:cb:a5:a6:66:f3:cf:80:
                    19:67:dc:90:57:52:ab:3f:97:c7:12:2a:bc:09:5e:
                    47:b9:d7:57:92:f8:a4:54:db:c4:bb:49:ea:0f:16:
                    0d:91:04:0c:18:e9:1c:12:74:a8:e3:c6:0a:0f:b4:
                    f7:c6:62:3c:af:82:37:ed:6e:e8:5f:f9:c9:89:26:
                    a9:7e:7c:29:71:2f:bc:ba:b4:2f:93:49:b4:c3:c2:
                    76:db:67:2d:38:48:56:92:f4:c2:a4:44:7b:01:4d:
                    d7:92:ad:92:2d:cb:6d:7f:8a:af:ad:cb:bb:44:e7:
                    d6:a2:54:d0:b8:9e:24:00:40:db:60:c6:e5:f2:a2:
                    b6:7e:f3:46:6c:97:41:b5:0e:e5:4e:c6:3a:2d:06:
                    ee:b8:19:7a:a1:41:bc:46:3f:2b:31:b6:69:9c:63:
                    16:ab:f5:73:75:83:46:c8:ce:8d:ce:43:c9:d7:71:
                    e7:4c:c7:a4:4d:39:ef:a7:8b:d0:3c:63:f1:37:26:
                    7d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:F6:67:97:84:4F:08:97:77:29:47:E2:8E:CB:D6:31:B2:4E:69:DF
            X509v3 Authority Key Identifier:
                keyid:92:F7:D2:13:FA:13:70:8E:32:00:18:4F:F1:BC:39:15:77:CC:25:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvfSE_oTcI4yABhP8bw5FXfMJS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/482101-ac94-4f0b-9309-3e18ee6b4a5a/1/JPZnl4RPCJd3KUfijsvWMbJOad8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/482101-ac94-4f0b-9309-3e18ee6b4a5a/1/kvfSE_oTcI4yABhP8bw5FXfMJS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:f180::/29

    Signature Algorithm: sha256WithRSAEncryption
         16:d4:b6:e5:3c:90:db:5d:36:da:e5:ec:91:a7:bc:21:1a:db:
         4c:18:0f:08:e0:58:b6:41:6d:aa:df:5a:e7:6f:2b:7c:4f:73:
         ed:ca:18:b6:92:ff:79:ee:3b:b6:a1:01:fd:d7:8a:14:24:7b:
         f5:9c:89:45:a2:d8:74:dc:60:3b:cc:91:3d:22:16:22:f7:b3:
         7f:67:08:7a:f3:2f:6e:4c:75:60:7d:53:ca:29:df:da:77:12:
         4d:04:b7:a0:c8:33:03:a1:57:3a:d4:92:7e:40:15:8e:20:d9:
         a4:c4:42:d2:37:aa:9a:16:d5:81:5b:a1:2e:d9:47:67:bf:21:
         4e:3f:98:00:54:da:58:6a:d1:c4:ec:7d:5d:25:34:5e:e3:e0:
         4e:be:1c:ec:6c:3b:a8:30:88:86:b5:71:7b:fa:15:b3:a2:2a:
         49:23:cf:8d:16:96:42:82:c4:68:3c:58:1d:5e:0c:c8:a2:fb:
         55:c8:d9:81:56:f6:24:9e:29:09:0a:f0:71:b6:c1:d9:f5:58:
         97:a8:63:cd:90:f6:77:51:c9:7d:37:71:9b:ea:6b:d6:b4:49:
         e0:31:2a:61:01:fa:ac:99:35:4d:eb:f2:30:39:cd:25:8a:b8:
         8a:1c:6f:73:85:5d:09:e0:70:d9:ea:1f:65:f1:7f:b6:81:a2:
         02:bb:f0:38
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYxAgvsfEpa9bsOEncvQG0RzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZjdkMjEzZmExMzcwOGUzMjAwMTg0ZmYxYmMzOTE1Nzdj
YzI1MmYwHhcNMjMxMjA2MTkwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGY2Njc5Nzg0NGYwODk3NzcyOTQ3ZTI4ZWNiZDYzMWIyNGU2OWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2Ftd7MXRS1nwshwEHjO6+Upr4OP
3tyMU84PV56ZMO8ptC9D4YLZLQlq3sucM1rPJw34XctgxMItiG8C8Jd02zmtncul
pmbzz4AZZ9yQV1KrP5fHEiq8CV5HuddXkvikVNvEu0nqDxYNkQQMGOkcEnSo48YK
D7T3xmI8r4I37W7oX/nJiSapfnwpcS+8urQvk0m0w8J222ctOEhWkvTCpER7AU3X
kq2SLcttf4qvrcu7ROfWolTQuJ4kAEDbYMbl8qK2fvNGbJdBtQ7lTsY6LQbuuBl6
oUG8Rj8rMbZpnGMWq/VzdYNGyM6NzkPJ13HnTMekTTnvp4vQPGPxNyZ9dwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCT2Z5eETwiXdylH4o7L1jGyTmnfMB8GA1UdIwQY
MBaAFJL30hP6E3COMgAYT/G8ORV3zCUvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ZmU0Vfb1RjSTR5QUJoUDhidzVGWGZNSlM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ODIxMDEtYWM5NC00ZjBiLTkzMDkt
M2UxOGVlNmI0YTVhLzEvSlBabmw0UlBDSmQzS1VmaWpzdldNYkpPYWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80ODIxMDEtYWM5NC00ZjBiLTkzMDktM2UxOGVlNmI0YTVh
LzEva3ZmU0Vfb1RjSTR5QUJoUDhidzVGWGZNSlM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLxgDAN
BgkqhkiG9w0BAQsFAAOCAQEAFtS25TyQ21022uXskae8IRrbTBgPCOBYtkFtqt9a
528rfE9z7coYtpL/ee47tqEB/deKFCR79ZyJRaLYdNxgO8yRPSIWIvezf2cIevMv
bkx1YH1Tyinf2ncSTQS3oMgzA6FXOtSSfkAVjiDZpMRC0jeqmhbVgVuhLtlHZ78h
Tj+YAFTaWGrRxOx9XSU0XuPgTr4c7Gw7qDCIhrVxe/oVs6IqSSPPjRaWQoLEaDxY
HV4MyKL7VcjZgVb2JJ4pCQrwcbbB2fVYl6hjzZD2d1HJfTdxm+pr1rRJ4DEqYQH6
rJk1TevyMDnNJYq4ihxvc4VdCeBw2eofZfF/toGiArvwOA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:47 2024 by rpki-client on console-ams.rpki-client.org