Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/cd_CQaGc3x_WAA4jSH23kYAwpEw.roa
File:                     cd_CQaGc3x_WAA4jSH23kYAwpEw.roa (raw, json)
Hash identifier:          ytiTgGC/92eH9u5yLHNzStOJ2jdgxTeu5nzvvHNpvcs=
Subject key identifier:   71:DF:C2:41:A1:9C:DF:1F:D6:00:0E:23:48:7D:B7:91:80:30:A4:4C
Certificate issuer:       /CN=6a8b5a374f146d7b6a6dc7d316e8ebb12deea670
Certificate serial:       018CC26D016E5043DC7AD24042B41D3AA1A4
Authority key identifier: 6A:8B:5A:37:4F:14:6D:7B:6A:6D:C7:D3:16:E8:EB:B1:2D:EE:A6:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aotaN08UbXtqbcfTFujrsS3upnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/cd_CQaGc3x_WAA4jSH23kYAwpEw.roa
Signing time:             Mon 01 Jan 2024 00:29:32 +0000
ROA not before:           Mon 01 Jan 2024 00:29:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212238
IP address blocks:        2a12:1780::/29 maxlen: 29
                          2a12:8dc0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 15 Feb 2024 17:48:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:01:6e:50:43:dc:7a:d2:40:42:b4:1d:3a:a1:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a8b5a374f146d7b6a6dc7d316e8ebb12deea670
        Validity
            Not Before: Jan  1 00:29:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=71dfc241a19cdf1fd6000e23487db7918030a44c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:d9:70:e0:d0:b0:4b:7e:30:55:71:9e:42:50:
                    e4:0f:f5:ff:ba:92:1d:87:51:7c:7b:8a:df:24:98:
                    ea:1c:12:66:34:ad:4b:b8:00:06:4e:14:19:75:bb:
                    31:97:b6:c7:44:9b:b1:02:2a:52:51:76:77:08:3d:
                    e3:36:45:a8:44:8d:17:e2:f6:09:29:8b:88:c3:c4:
                    a8:52:37:4e:18:b5:4c:07:7d:97:32:4f:65:48:23:
                    e3:80:68:61:27:8e:f4:d8:2c:9a:95:b4:ed:91:13:
                    91:2d:f2:e8:d1:83:b7:9d:f8:6f:28:86:59:61:7d:
                    1b:fe:d4:ce:cb:06:ac:45:9a:69:5e:c3:65:98:88:
                    78:50:7b:c7:b6:47:62:32:68:a8:d4:82:cb:2f:61:
                    15:40:07:92:ae:dd:28:78:72:6e:90:9b:93:fe:e5:
                    be:a8:e2:fc:30:02:7b:58:1a:0b:5d:5a:ff:8a:0f:
                    42:ed:a1:f7:3c:26:81:6d:07:d6:1b:8f:f0:20:9b:
                    3d:9b:50:18:9c:61:f0:56:c7:54:e6:5d:1b:60:ba:
                    fc:2a:43:89:fc:be:b0:a1:84:c6:10:25:37:b4:db:
                    77:79:b8:10:fa:de:05:ca:81:92:6f:25:01:c3:f2:
                    d3:ca:2b:5d:e9:b5:c7:9b:c2:2b:94:9a:e6:0c:37:
                    fa:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:DF:C2:41:A1:9C:DF:1F:D6:00:0E:23:48:7D:B7:91:80:30:A4:4C
            X509v3 Authority Key Identifier:
                keyid:6A:8B:5A:37:4F:14:6D:7B:6A:6D:C7:D3:16:E8:EB:B1:2D:EE:A6:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aotaN08UbXtqbcfTFujrsS3upnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/cd_CQaGc3x_WAA4jSH23kYAwpEw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/aotaN08UbXtqbcfTFujrsS3upnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:1780::/29
                  2a12:8dc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         a8:3a:7a:3f:86:a5:de:ad:fe:7b:01:ac:97:34:85:76:07:8a:
         b0:40:5e:40:d8:1a:eb:4b:c6:d7:01:34:a3:17:4e:bf:85:47:
         5e:8a:99:d3:02:2f:9a:aa:e9:ae:8a:67:e0:b7:76:96:4f:ba:
         d8:3c:ec:06:42:9e:13:dc:7b:ab:31:29:ff:fc:d7:d6:b7:6f:
         64:8e:66:87:0c:e0:c0:cb:09:b2:b4:1e:a5:11:7c:f3:ec:2d:
         9e:a1:66:06:8c:d4:fc:b2:8c:14:dd:de:46:d8:61:f7:54:06:
         01:a6:c1:c4:b3:aa:35:21:8e:ff:4e:51:59:fd:30:e1:fc:62:
         dd:df:3e:fe:48:fb:9e:42:67:f9:ef:4a:82:86:dd:9e:49:88:
         92:26:96:c6:6f:0c:ec:1f:31:19:91:c4:35:a2:78:76:1c:09:
         b0:01:30:e5:c8:3f:fe:68:69:86:98:2f:a5:79:66:90:79:1a:
         17:1e:47:d8:cf:e6:63:d6:15:3c:e7:61:99:56:45:05:06:fa:
         6b:35:94:04:cb:7c:f6:ca:5f:cb:b6:79:c4:c6:7a:f7:5e:ce:
         c6:c4:94:da:83:35:a0:d6:08:be:96:02:16:8a:bb:74:54:85:
         f1:2f:01:7e:b1:60:45:76:e4:3a:93:80:be:87:34:f2:5f:15:
         38:eb:ef:26
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbQFuUEPcetJAQrQdOqGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGI1YTM3NGYxNDZkN2I2YTZkYzdkMzE2ZThlYmIxMmRl
ZWE2NzAwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWRmYzI0MWExOWNkZjFmZDYwMDBlMjM0ODdkYjc5MTgwMzBhNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Nlw4NCwS34wVXGeQlDkD/X/upId
h1F8e4rfJJjqHBJmNK1LuAAGThQZdbsxl7bHRJuxAipSUXZ3CD3jNkWoRI0X4vYJ
KYuIw8SoUjdOGLVMB32XMk9lSCPjgGhhJ4702CyalbTtkRORLfLo0YO3nfhvKIZZ
YX0b/tTOywasRZppXsNlmIh4UHvHtkdiMmio1ILLL2EVQAeSrt0oeHJukJuT/uW+
qOL8MAJ7WBoLXVr/ig9C7aH3PCaBbQfWG4/wIJs9m1AYnGHwVsdU5l0bYLr8KkOJ
/L6woYTGECU3tNt3ebgQ+t4FyoGSbyUBw/LTyitd6bXHm8IrlJrmDDf6DQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHHfwkGhnN8f1gAOI0h9t5GAMKRMMB8GA1UdIwQY
MBaAFGqLWjdPFG17am3H0xbo67Et7qZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW90YU4wOFViWHRxYmNmVEZ1anJzUzN1cG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mNmM4NjItYWY4Yi00M2YzLTk4YWQt
NDQyNDFmZWMxYTlmLzEvY2RfQ1FhR2MzeF9XQUE0alNIMjNrWUF3cEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mNmM4NjItYWY4Yi00M2YzLTk4YWQtNDQyNDFmZWMxYTlm
LzEvYW90YU4wOFViWHRxYmNmVEZ1anJzUzN1cG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhIXgAMF
AyoSjcAwDQYJKoZIhvcNAQELBQADggEBAKg6ej+Gpd6t/nsBrJc0hXYHirBAXkDY
GutLxtcBNKMXTr+FR16KmdMCL5qq6a6KZ+C3dpZPutg87AZCnhPce6sxKf/819a3
b2SOZocM4MDLCbK0HqURfPPsLZ6hZgaM1PyyjBTd3kbYYfdUBgGmwcSzqjUhjv9O
UVn9MOH8Yt3fPv5I+55CZ/nvSoKG3Z5JiJImlsZvDOwfMRmRxDWieHYcCbABMOXI
P/5oaYaYL6V5ZpB5GhceR9jP5mPWFTznYZlWRQUG+ms1lATLfPbKX8u2ecTGevde
zsbElNqDNaDWCL6WAhaKu3RUhfEvAX6xYEV25DqTgL6HNPJfFTjr7yY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:18 2024 by rpki-client on console-ams.rpki-client.org