Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/4h7soeijUwxLGwooiuM32a_1o-Y.roa
File:                     4h7soeijUwxLGwooiuM32a_1o-Y.roa (raw, json)
Hash identifier:          xMoKs9rReEs0gEtA+RMToM3J6UuBgignoYtgokFH2w0=
Subject key identifier:   E2:1E:EC:A1:E8:A3:53:0C:4B:1B:0A:28:8A:E3:37:D9:AF:F5:A3:E6
Certificate issuer:       /CN=6a8b5a374f146d7b6a6dc7d316e8ebb12deea670
Certificate serial:       01857142E7013A21ED25147BE79FB2184F45
Authority key identifier: 6A:8B:5A:37:4F:14:6D:7B:6A:6D:C7:D3:16:E8:EB:B1:2D:EE:A6:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aotaN08UbXtqbcfTFujrsS3upnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/4h7soeijUwxLGwooiuM32a_1o-Y.roa
Signing time:             Mon 02 Jan 2023 06:54:47 +0000
ROA not before:           Mon 02 Jan 2023 06:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        2a12:8dc0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 05 Jun 2023 16:53:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:42:e7:01:3a:21:ed:25:14:7b:e7:9f:b2:18:4f:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a8b5a374f146d7b6a6dc7d316e8ebb12deea670
        Validity
            Not Before: Jan  2 06:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e21eeca1e8a3530c4b1b0a288ae337d9aff5a3e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:da:07:31:58:01:a4:8f:d4:8f:81:bd:41:3e:
                    92:e1:6f:30:ee:81:93:96:2f:42:4d:f2:a6:fe:74:
                    5f:48:3d:1a:10:62:8d:c8:8a:98:38:91:e8:77:3a:
                    c6:b6:b2:5a:ea:cf:dd:21:b0:3e:d0:1b:e7:9b:ee:
                    d6:42:90:e9:48:0a:90:b6:cd:21:d5:db:c5:fc:6b:
                    94:95:e3:c9:44:b4:ee:c3:34:68:39:f7:ec:c4:af:
                    b2:1c:49:2e:5b:b8:de:d6:4b:b8:db:99:fc:3f:de:
                    95:ab:7d:cd:3d:6b:ba:2f:82:67:e0:92:53:ed:e2:
                    02:24:5f:c8:54:ba:b8:41:11:5f:39:13:2e:a5:c0:
                    ae:3b:3b:06:21:ef:39:2d:52:24:9f:eb:1d:53:35:
                    4c:55:27:43:b5:41:78:4f:16:d6:71:cc:06:8b:59:
                    f0:98:04:94:01:30:cb:1b:32:bd:c6:3c:3d:58:24:
                    11:4a:27:ce:1b:62:ce:fb:80:f5:50:56:9d:35:84:
                    4e:a0:1e:e7:13:fa:f4:ee:04:a0:6c:9b:29:6d:f8:
                    aa:ff:b8:f9:26:8c:f6:f7:25:8a:2a:cb:e0:e6:d2:
                    f1:d3:9a:96:98:cc:d5:0e:b2:db:3d:95:98:7f:a7:
                    fa:f4:86:64:0c:9a:62:8e:a5:aa:a8:e5:cf:10:a5:
                    56:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:1E:EC:A1:E8:A3:53:0C:4B:1B:0A:28:8A:E3:37:D9:AF:F5:A3:E6
            X509v3 Authority Key Identifier:
                keyid:6A:8B:5A:37:4F:14:6D:7B:6A:6D:C7:D3:16:E8:EB:B1:2D:EE:A6:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aotaN08UbXtqbcfTFujrsS3upnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/4h7soeijUwxLGwooiuM32a_1o-Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/aotaN08UbXtqbcfTFujrsS3upnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8dc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         6b:0b:6c:e9:86:26:72:af:95:8a:da:46:d1:ab:bf:6f:78:a8:
         46:c0:01:20:f5:0b:95:ed:3e:42:9f:c5:61:82:8a:c3:91:d7:
         22:75:ba:1f:9b:2d:73:49:ce:51:6c:fe:9f:66:a3:86:e8:98:
         84:7d:0d:4b:87:3f:62:35:bf:4f:40:b2:33:cd:5c:6e:15:63:
         0b:04:4f:c5:02:0b:60:cd:fe:f2:77:60:88:52:95:6f:50:4a:
         a3:75:08:00:3b:25:48:ac:e0:c8:e2:a2:fa:08:00:83:ca:96:
         57:1e:8d:59:e7:98:c8:52:52:82:99:23:c5:70:86:a1:b1:f0:
         e3:52:33:63:aa:f8:dc:2c:ae:06:40:b6:03:3d:c2:34:8e:14:
         92:09:bf:b5:bf:c5:62:36:6a:29:d0:10:02:34:f0:10:d4:fe:
         7a:ff:2d:95:8e:d1:c2:7c:7c:78:de:82:59:72:4e:f4:29:9c:
         58:c3:ad:d9:0a:ec:fc:b5:c8:14:61:9a:ca:2d:9a:fe:77:28:
         38:06:3c:24:f1:de:4f:be:0f:95:af:fd:9c:4e:6c:23:5b:e0:
         0a:07:83:5d:e5:a0:78:65:1f:20:5d:6c:8b:bf:42:2a:36:e8:
         1d:d2:f1:e2:0f:f1:83:e5:f5:63:7a:d2:cc:3e:51:03:b2:ea:
         52:2b:f1:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxQucBOiHtJRR755+yGE9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGI1YTM3NGYxNDZkN2I2YTZkYzdkMzE2ZThlYmIxMmRl
ZWE2NzAwHhcNMjMwMTAyMDY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFlZWNhMWU4YTM1MzBjNGIxYjBhMjg4YWUzMzdkOWFmZjVhM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydoHMVgBpI/Uj4G9QT6S4W8w7oGT
li9CTfKm/nRfSD0aEGKNyIqYOJHodzrGtrJa6s/dIbA+0Bvnm+7WQpDpSAqQts0h
1dvF/GuUlePJRLTuwzRoOffsxK+yHEkuW7je1ku425n8P96Vq33NPWu6L4Jn4JJT
7eICJF/IVLq4QRFfORMupcCuOzsGIe85LVIkn+sdUzVMVSdDtUF4TxbWccwGi1nw
mASUATDLGzK9xjw9WCQRSifOG2LO+4D1UFadNYROoB7nE/r07gSgbJspbfiq/7j5
Joz29yWKKsvg5tLx05qWmMzVDrLbPZWYf6f69IZkDJpijqWqqOXPEKVWoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOIe7KHoo1MMSxsKKIrjN9mv9aPmMB8GA1UdIwQY
MBaAFGqLWjdPFG17am3H0xbo67Et7qZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW90YU4wOFViWHRxYmNmVEZ1anJzUzN1cG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mNmM4NjItYWY4Yi00M2YzLTk4YWQt
NDQyNDFmZWMxYTlmLzEvNGg3c29laWpVd3hMR3dvb2l1TTMyYV8xby1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mNmM4NjItYWY4Yi00M2YzLTk4YWQtNDQyNDFmZWMxYTlm
LzEvYW90YU4wOFViWHRxYmNmVEZ1anJzUzN1cG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKNwDAN
BgkqhkiG9w0BAQsFAAOCAQEAawts6YYmcq+VitpG0au/b3ioRsABIPULle0+Qp/F
YYKKw5HXInW6H5stc0nOUWz+n2ajhuiYhH0NS4c/YjW/T0CyM81cbhVjCwRPxQIL
YM3+8ndgiFKVb1BKo3UIADslSKzgyOKi+ggAg8qWVx6NWeeYyFJSgpkjxXCGobHw
41IzY6r43CyuBkC2Az3CNI4Ukgm/tb/FYjZqKdAQAjTwENT+ev8tlY7Rwnx8eN6C
WXJO9CmcWMOt2Qrs/LXIFGGayi2a/ncoOAY8JPHeT74Pla/9nE5sI1vgCgeDXeWg
eGUfIF1si79CKjboHdLx4g/xg+X1Y3rSzD5RA7LqUivxGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org