Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/xdsUkRu_mAfY7RH2Tnt3GeidtGo.roa
File:                     xdsUkRu_mAfY7RH2Tnt3GeidtGo.roa (raw, json)
Hash identifier:          /XCYAxlW8LFIEx6mAt4EKri55NGCb/aNn57IqAeBRI8=
Subject key identifier:   C5:DB:14:91:1B:BF:98:07:D8:ED:11:F6:4E:7B:77:19:E8:9D:B4:6A
Certificate issuer:       /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Certificate serial:       01856F5DF1F441983649EC7FFACC340E2852
Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/xdsUkRu_mAfY7RH2Tnt3GeidtGo.roa
Signing time:             Sun 01 Jan 2023 22:05:05 +0000
ROA not before:           Sun 01 Jan 2023 22:05:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207080
IP address blocks:        2a0a:5940::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:f1:f4:41:98:36:49:ec:7f:fa:cc:34:0e:28:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
        Validity
            Not Before: Jan  1 22:05:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c5db14911bbf9807d8ed11f64e7b7719e89db46a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:1f:45:a1:64:ad:8d:dd:06:78:8d:f9:2c:7f:
                    a4:fc:cc:ea:17:f6:02:91:b9:05:43:d3:61:03:1a:
                    e0:79:6d:b9:a3:3a:8b:87:a3:63:5b:b9:7c:b5:e2:
                    6b:15:b5:23:16:e3:8b:34:ea:d9:03:9f:be:4d:5c:
                    f2:58:9a:1e:73:4b:52:f5:b4:d6:bb:4f:39:e0:76:
                    db:d3:3e:89:a3:62:fa:85:d6:77:0f:18:71:fa:6b:
                    55:6d:c6:55:41:08:99:e7:7e:39:11:24:f7:33:2f:
                    34:69:14:ae:1e:22:86:83:92:5e:14:dc:09:d7:b4:
                    c5:98:d0:4c:6a:24:f9:7b:69:ab:e6:e1:4b:36:38:
                    44:3d:5e:24:ac:51:cc:c5:12:75:34:8e:31:3b:d7:
                    63:b0:c3:42:6c:0e:f3:ea:b8:33:7a:af:eb:59:a3:
                    3c:a2:6e:39:7a:bf:3c:2c:57:cf:3e:c8:f4:29:e6:
                    1a:dc:db:d3:29:7d:25:dc:a0:42:95:07:96:5b:92:
                    ff:f1:c6:96:96:f2:be:e8:2a:80:36:69:cc:b3:b8:
                    de:99:aa:3c:f0:bf:18:3e:59:0c:02:fb:ce:83:a5:
                    11:4e:47:47:15:a4:ff:74:a4:8b:f9:83:18:cf:5d:
                    14:94:9d:e5:08:9b:1b:80:4d:86:de:7f:19:64:59:
                    1d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:DB:14:91:1B:BF:98:07:D8:ED:11:F6:4E:7B:77:19:E8:9D:B4:6A
            X509v3 Authority Key Identifier:
                keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/xdsUkRu_mAfY7RH2Tnt3GeidtGo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:5940::/48

    Signature Algorithm: sha256WithRSAEncryption
         59:ec:a1:8c:8f:75:9e:2b:88:4f:ff:e2:8e:b6:b9:f8:2b:1e:
         c9:3f:dd:b5:83:56:ef:38:88:67:80:6b:37:53:94:91:b1:77:
         35:b7:13:8a:81:93:73:a4:45:1d:e6:43:b7:e4:6a:38:75:bf:
         34:5a:cd:9c:a7:90:7b:54:45:3a:76:05:e0:15:50:ed:0c:3c:
         e0:0e:29:45:cb:d8:c2:7e:b8:0f:cf:e6:22:7c:82:89:28:02:
         26:38:82:d0:8d:46:e8:d5:f9:d7:b1:ce:18:41:83:97:39:46:
         19:78:7a:0c:ce:91:b9:5c:56:54:ff:23:ee:e7:f3:d2:2c:4a:
         98:fb:59:c3:ac:79:26:27:df:69:d8:c4:57:e3:5d:fc:e1:e9:
         ba:c7:64:18:af:b2:9f:ae:6d:bd:97:c9:c6:c0:ef:53:31:60:
         38:8f:ac:d4:4d:d5:94:3b:b8:c8:7e:1c:86:e8:46:83:3d:f9:
         4f:c8:47:9d:61:06:85:74:9d:55:57:76:3a:19:41:e3:aa:ac:
         ac:2e:99:d6:a1:e2:5c:82:da:e5:7c:6c:7a:bb:c6:ad:b5:32:
         be:2e:13:48:e4:da:f6:65:d2:85:8d:38:d6:4e:df:9d:26:d9:
         64:3d:d2:8a:cb:5f:84:62:e4:f3:9a:b0:8a:d2:5e:9b:97:e8:
         47:3c:82:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvXfH0QZg2Sex/+sw0DihSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZGVjNGE0NmE2ZTZlNGY5YTkyZDBiYTJlMGIzYWI1NjU4
YmUxYmQwHhcNMjMwMTAxMjIwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWRiMTQ5MTFiYmY5ODA3ZDhlZDExZjY0ZTdiNzcxOWU4OWRiNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwB9FoWStjd0GeI35LH+k/MzqF/YC
kbkFQ9NhAxrgeW25ozqLh6NjW7l8teJrFbUjFuOLNOrZA5++TVzyWJoec0tS9bTW
u0854Hbb0z6Jo2L6hdZ3Dxhx+mtVbcZVQQiZ5345EST3My80aRSuHiKGg5JeFNwJ
17TFmNBMaiT5e2mr5uFLNjhEPV4krFHMxRJ1NI4xO9djsMNCbA7z6rgzeq/rWaM8
om45er88LFfPPsj0KeYa3NvTKX0l3KBClQeWW5L/8caWlvK+6CqANmnMs7jemao8
8L8YPlkMAvvOg6URTkdHFaT/dKSL+YMYz10UlJ3lCJsbgE2G3n8ZZFkdUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMXbFJEbv5gH2O0R9k57dxnonbRqMB8GA1UdIwQY
MBaAFP/exKRqbm5PmpLQui4LOrVli+G9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEt
N2U4YzZkNGQ5YmVmLzEveGRzVWtSdV9tQWZZN1JIMlRudDNHZWlkdEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEtN2U4YzZkNGQ5YmVm
LzEvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgpZQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZ7KGMj3WeK4hP/+KOtrn4Kx7JP921g1bvOIhn
gGs3U5SRsXc1txOKgZNzpEUd5kO35Go4db80Ws2cp5B7VEU6dgXgFVDtDDzgDilF
y9jCfrgPz+YifIKJKAImOILQjUbo1fnXsc4YQYOXOUYZeHoMzpG5XFZU/yPu5/PS
LEqY+1nDrHkmJ99p2MRX41384em6x2QYr7Kfrm29l8nGwO9TMWA4j6zUTdWUO7jI
fhyG6EaDPflPyEedYQaFdJ1VV3Y6GUHjqqysLpnWoeJcgtrlfGx6u8attTK+LhNI
5Nr2ZdKFjTjWTt+dJtlkPdKKy1+EYuTzmrCK0l6bl+hHPIIm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:52 2024 by rpki-client on console-ams.rpki-client.org