Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/TuDvABoh5z7GXqPYA5Ii365SuTE.roa
File:                     TuDvABoh5z7GXqPYA5Ii365SuTE.roa (raw, json)
Hash identifier:          G16+A/Ll+kYAoBFRKmV+emlDsCKVKomWLrVA3E0WaBc=
Subject key identifier:   4E:E0:EF:00:1A:21:E7:3E:C6:5E:A3:D8:03:92:22:DF:AE:52:B9:31
Certificate issuer:       /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial:       01856F5DF53D94AAC873C55AF2CA0F5DC092
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/TuDvABoh5z7GXqPYA5Ii365SuTE.roa
Signing time:             Sun 01 Jan 2023 22:05:06 +0000
ROA not before:           Sun 01 Jan 2023 22:05:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197595
IP address blocks:        2a02:20c8:4750::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:f5:3d:94:aa:c8:73:c5:5a:f2:ca:0f:5d:c0:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
        Validity
            Not Before: Jan  1 22:05:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ee0ef001a21e73ec65ea3d8039222dfae52b931
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:98:62:62:d3:81:c5:c9:0f:35:f5:65:0b:7b:
                    09:ca:50:35:64:95:5a:d7:e4:68:a6:7e:bb:13:9b:
                    b6:82:6e:27:a4:d1:17:ce:f1:11:d4:3d:9d:29:06:
                    22:c6:42:65:53:20:3f:ab:9b:a6:d3:f0:b5:41:17:
                    af:ae:ef:43:21:42:63:b9:b8:ea:65:0a:bd:77:4e:
                    d0:d9:01:74:a6:a1:e9:37:8a:d3:48:1a:a0:83:01:
                    b3:b9:8d:57:88:6d:e6:80:c2:67:f0:3d:2a:72:3a:
                    03:2e:31:f9:6b:9d:02:ff:c1:ee:ef:8a:0e:cc:ff:
                    00:6e:e1:25:86:fb:ba:85:0e:d2:6b:bd:8f:c4:a1:
                    0b:b9:ac:f6:67:a1:f4:1a:4d:c8:58:87:23:0d:a9:
                    8d:51:8a:b0:e1:34:af:41:75:c1:0d:7b:21:b4:a6:
                    15:df:08:ed:1d:98:68:78:e7:63:91:3b:be:21:73:
                    29:23:ac:bf:03:f5:75:a7:a9:08:ca:55:53:15:d4:
                    cc:1b:b4:90:6a:fe:62:d0:c6:2a:fa:b0:3f:1d:12:
                    71:e8:61:ac:2a:d1:0b:6f:ef:db:7f:c8:2f:cb:2c:
                    10:5b:9a:08:35:b9:1d:58:0f:67:9c:f1:a3:b7:d1:
                    55:eb:f5:4f:06:fc:e5:c8:21:fc:a4:c1:93:40:71:
                    b4:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:E0:EF:00:1A:21:E7:3E:C6:5E:A3:D8:03:92:22:DF:AE:52:B9:31
            X509v3 Authority Key Identifier:
                keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/TuDvABoh5z7GXqPYA5Ii365SuTE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:20c8:4750::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:10:c1:dc:dd:bd:24:fd:4e:58:68:d5:81:14:61:20:25:e5:
         11:bf:9f:18:5c:95:8d:7b:9a:2f:93:a4:d9:b4:04:6c:51:59:
         e4:a8:82:83:26:39:b2:1e:36:d5:9b:5e:ef:12:f7:bb:3a:c7:
         d9:fc:2c:43:b4:d3:d8:b8:32:ba:14:ec:dc:54:4a:3e:19:6b:
         16:a3:ab:48:59:fb:32:5e:bc:70:a3:ca:cb:a5:e0:68:a7:ec:
         2d:27:fc:45:b0:d0:b6:28:57:79:2c:02:4b:ef:5a:cf:0e:7e:
         b6:e7:3d:86:8f:58:64:21:29:33:1e:c7:d2:c8:cc:aa:12:ec:
         00:b9:a6:fc:ca:26:67:83:c2:d7:0d:9a:3a:a8:b2:e0:79:76:
         6a:55:47:e8:db:fc:04:98:27:e8:df:e1:be:e4:e3:6e:9a:0d:
         45:34:28:71:da:22:46:4c:60:62:3b:d3:ee:97:1e:56:2c:90:
         ad:c3:ee:62:21:6a:01:64:23:62:4c:65:15:a3:00:8a:68:d4:
         09:e3:c8:81:7f:26:0a:27:bd:25:0c:a6:dd:79:41:a8:79:58:
         50:4b:22:47:c8:c1:ec:99:f7:98:a4:42:8c:e7:24:34:76:14:
         e4:fa:d0:2a:41:b9:e2:d4:90:12:6c:bf:53:f3:b6:ed:0c:4e:
         c6:1e:6b:c5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvXfU9lKrIc8Va8soPXcCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjMwMTAxMjIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWUwZWYwMDFhMjFlNzNlYzY1ZWEzZDgwMzkyMjJkZmFlNTJiOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5hiYtOBxckPNfVlC3sJylA1ZJVa
1+Ropn67E5u2gm4npNEXzvER1D2dKQYixkJlUyA/q5um0/C1QRevru9DIUJjubjq
ZQq9d07Q2QF0pqHpN4rTSBqggwGzuY1XiG3mgMJn8D0qcjoDLjH5a50C/8Hu74oO
zP8AbuElhvu6hQ7Sa72PxKELuaz2Z6H0Gk3IWIcjDamNUYqw4TSvQXXBDXshtKYV
3wjtHZhoeOdjkTu+IXMpI6y/A/V1p6kIylVTFdTMG7SQav5i0MYq+rA/HRJx6GGs
KtELb+/bf8gvyywQW5oINbkdWA9nnPGjt9FV6/VPBvzlyCH8pMGTQHG0VQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE7g7wAaIec+xl6j2AOSIt+uUrkxMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvVHVEdkFCb2g1ejdHWHFQWUE1SWkzNjVTdVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIgyEdQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAdEMHc3b0k/U5YaNWBFGEgJeURv58YXJWNe5ov
k6TZtARsUVnkqIKDJjmyHjbVm17vEve7OsfZ/CxDtNPYuDK6FOzcVEo+GWsWo6tI
WfsyXrxwo8rLpeBop+wtJ/xFsNC2KFd5LAJL71rPDn625z2Gj1hkISkzHsfSyMyq
EuwAuab8yiZng8LXDZo6qLLgeXZqVUfo2/wEmCfo3+G+5ONumg1FNChx2iJGTGBi
O9Pulx5WLJCtw+5iIWoBZCNiTGUVowCKaNQJ48iBfyYKJ70lDKbdeUGoeVhQSyJH
yMHsmfeYpEKM5yQ0dhTk+tAqQbni1JASbL9T87btDE7GHmvF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:32 2024 by rpki-client on console-fra.rpki-client.org