Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/EqucGb3mM1JmFIicWQYp0BHswEs.roa
File:                     EqucGb3mM1JmFIicWQYp0BHswEs.roa (raw, json)
Hash identifier:          LZVr91KYXtko2gbj/Fszpp/BverSRTrkGdYEpcK6tYM=
Subject key identifier:   12:AB:9C:19:BD:E6:33:52:66:14:88:9C:59:06:29:D0:11:EC:C0:4B
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018688969675D16F377A128828F98DB65490
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/EqucGb3mM1JmFIicWQYp0BHswEs.roa
Signing time:             Sat 25 Feb 2023 12:40:15 +0000
ROA not before:           Sat 25 Feb 2023 12:40:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204339
IP address blocks:        2a0d:2dc2::/32 maxlen: 32
                          2a0b:da01::/32 maxlen: 32
                          2a0c:aa42::/32 maxlen: 32
                          2a0b:7782::/32 maxlen: 32
                          2a0d:2dc1::/32 maxlen: 32
                          2a0c:aa41::/32 maxlen: 32
                          2a0b:7781::/32 maxlen: 32
                          2a0b:da02::/32 maxlen: 32
                          2a0d:2dc0::/32 maxlen: 32
                          2a0b:da03::/32 maxlen: 32
                          2a0b:da00::/32 maxlen: 32
                          2a0c:aa46::/32 maxlen: 32
                          2a0b:7786::/32 maxlen: 32
                          2a0d:2dc3::/32 maxlen: 32
                          2a0c:aa43::/32 maxlen: 32
                          2a0b:da06::/32 maxlen: 32
                          2a0b:7783::/32 maxlen: 32
                          2a0c:aa40::/32 maxlen: 32
                          2a0b:7780::/32 maxlen: 32
                          2a0d:2dc6::/32 maxlen: 32
                          2a0b:da04::/32 maxlen: 32
                          2a0d:2dc5::/32 maxlen: 32
                          2a0c:aa45::/32 maxlen: 32
                          2a0b:7785::/32 maxlen: 32
                          2a0d:2dc7::/32 maxlen: 32
                          2a0b:7784::/32 maxlen: 32
                          2a0b:da05::/32 maxlen: 32
                          2a0c:aa44::/32 maxlen: 32
                          2a0b:7787::/32 maxlen: 32
                          2a0c:aa47::/32 maxlen: 32
                          2a0d:2dc4::/32 maxlen: 32
                          2a0b:da07::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:88:96:96:75:d1:6f:37:7a:12:88:28:f9:8d:b6:54:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Feb 25 12:40:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=12ab9c19bde633526614889c590629d011ecc04b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:65:e0:a1:55:bf:9c:56:65:ca:f8:85:66:df:
                    21:fb:b4:d8:2a:f8:aa:78:e0:44:e0:8f:f6:9a:ab:
                    4a:cd:4b:85:28:c4:61:54:f0:75:f5:e2:5b:57:41:
                    79:43:71:0a:ab:2d:a7:78:94:98:71:46:0f:4e:25:
                    42:4b:48:94:2e:7a:a6:4d:c2:a7:b9:f6:3b:d4:0c:
                    d3:eb:37:47:d9:41:02:31:81:0b:ca:da:2a:57:11:
                    40:24:bf:97:8a:52:a3:a9:7d:c7:bd:af:90:f7:68:
                    29:1f:60:a8:c1:0a:0f:66:b1:3b:26:68:e5:e3:89:
                    24:85:bc:9a:b4:fa:3b:26:75:66:27:90:ca:0b:97:
                    4e:ff:b4:7f:0d:0d:64:52:a5:18:a6:c3:e8:c1:69:
                    6a:a3:c5:40:9d:ef:82:18:66:01:47:9f:d0:2d:46:
                    6b:24:ec:b4:01:63:bf:9a:66:71:8a:f8:ea:8e:ba:
                    6b:5a:d7:a5:c7:a8:25:3e:1e:26:21:e5:ec:ca:f1:
                    9a:19:5f:3c:48:ea:b8:2e:2c:bd:26:a3:94:35:6f:
                    5d:9a:15:b8:d7:cf:cf:84:c9:56:61:d4:7b:cf:7e:
                    c0:b3:96:ef:9b:7b:82:c8:c6:f9:19:69:00:36:34:
                    a6:c1:d8:9a:41:fd:a4:33:4c:4f:70:68:80:c5:e5:
                    7b:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:AB:9C:19:BD:E6:33:52:66:14:88:9C:59:06:29:D0:11:EC:C0:4B
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/EqucGb3mM1JmFIicWQYp0BHswEs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:7780::/29
                  2a0b:da00::/29
                  2a0c:aa40::/29
                  2a0d:2dc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         27:60:d4:9b:a9:62:8c:2c:46:f8:fc:70:39:f1:cd:8f:31:2f:
         b5:82:d5:c1:bb:4b:84:13:ab:5a:25:cd:26:2b:2a:9d:28:1e:
         61:27:f2:2c:b9:e2:3a:90:06:f4:bc:7f:8a:5d:ac:46:70:fb:
         ef:dd:5c:47:ce:86:69:f3:a6:31:89:45:e6:a3:e8:f2:b2:2c:
         97:1b:8a:0d:89:1d:26:b8:85:2a:74:cc:76:c4:39:02:87:06:
         72:4c:90:28:ff:33:f3:b8:70:92:6d:d5:71:d3:82:41:6b:1a:
         25:e1:f1:0e:bf:b0:cd:3a:1e:4e:52:d5:ae:75:51:41:d5:84:
         f4:bc:cb:1a:be:33:6b:ce:55:b0:d1:c3:a6:2a:ef:7a:65:e8:
         8b:4a:01:6c:ea:65:57:63:4e:a4:7e:3f:1c:da:16:95:2c:1b:
         8f:50:f8:a7:a1:2d:a1:31:11:07:a9:83:49:34:65:dd:8d:1d:
         ae:78:b3:95:44:05:31:94:9e:24:2d:d0:9b:f7:a3:3f:8f:bc:
         7a:84:00:a9:4f:92:b4:84:fa:10:65:94:ee:c5:18:31:55:10:
         33:d9:0c:22:05:c8:11:5d:c9:75:c1:38:f7:84:8e:1a:a4:1e:
         ff:0a:a1:f2:2b:75:64:7e:d1:57:64:5f:42:62:b1:45:3e:da:
         6a:7b:34:9b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYaIlpZ10W83ehKIKPmNtlSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMjI1MTI0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmFiOWMxOWJkZTYzMzUyNjYxNDg4OWM1OTA2MjlkMDExZWNjMDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mXgoVW/nFZlyviFZt8h+7TYKviq
eOBE4I/2mqtKzUuFKMRhVPB19eJbV0F5Q3EKqy2neJSYcUYPTiVCS0iULnqmTcKn
ufY71AzT6zdH2UECMYELytoqVxFAJL+XilKjqX3Hva+Q92gpH2CowQoPZrE7Jmjl
44kkhbyatPo7JnVmJ5DKC5dO/7R/DQ1kUqUYpsPowWlqo8VAne+CGGYBR5/QLUZr
JOy0AWO/mmZxivjqjrprWtelx6glPh4mIeXsyvGaGV88SOq4Liy9JqOUNW9dmhW4
18/PhMlWYdR7z37As5bvm3uCyMb5GWkANjSmwdiaQf2kM0xPcGiAxeV7LQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBKrnBm95jNSZhSInFkGKdAR7MBLMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvRXF1Y0diM21NMUptRklpY1dRWXAwQkhzd0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgt3gAMF
AyoL2gADBQMqDKpAAwUDKg0twDANBgkqhkiG9w0BAQsFAAOCAQEAJ2DUm6lijCxG
+PxwOfHNjzEvtYLVwbtLhBOrWiXNJisqnSgeYSfyLLniOpAG9Lx/il2sRnD7791c
R86GafOmMYlF5qPo8rIslxuKDYkdJriFKnTMdsQ5AocGckyQKP8z87hwkm3VcdOC
QWsaJeHxDr+wzToeTlLVrnVRQdWE9LzLGr4za85VsNHDpirvemXoi0oBbOplV2NO
pH4/HNoWlSwbj1D4p6EtoTERB6mDSTRl3Y0drnizlUQFMZSeJC3Qm/ejP4+8eoQA
qU+StIT6EGWU7sUYMVUQM9kMIgXIEV3JdcE494SOGqQe/wqh8it1ZH7RV2RfQmKx
RT7aans0mw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org