Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/360de7-6fdc-4067-8f4d-676b52096cf8/1/D2tIBSPZ7xAFeSStKZBcqW44x0o.roa
File:                     D2tIBSPZ7xAFeSStKZBcqW44x0o.roa (raw, json)
Hash identifier:          deOnDmAyJ1IQMXIUhF9v0k02eNzFfBgolPTsERKCyJM=
Subject key identifier:   0F:6B:48:05:23:D9:EF:10:05:79:24:AD:29:90:5C:A9:6E:38:C7:4A
Certificate issuer:       /CN=f0e729a54cc76b889c832e0d1395894af7c0e5fe
Certificate serial:       018902154B0814C95459CB2A52AF5AED3D93
Authority key identifier: F0:E7:29:A5:4C:C7:6B:88:9C:83:2E:0D:13:95:89:4A:F7:C0:E5:FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8OcppUzHa4icgy4NE5WJSvfA5f4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/360de7-6fdc-4067-8f4d-676b52096cf8/1/D2tIBSPZ7xAFeSStKZBcqW44x0o.roa
Signing time:             Wed 28 Jun 2023 12:58:17 +0000
ROA not before:           Wed 28 Jun 2023 12:58:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208685
IP address blocks:        2a12:5343:2::/48 maxlen: 48
                          2a12:5343:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:02:15:4b:08:14:c9:54:59:cb:2a:52:af:5a:ed:3d:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0e729a54cc76b889c832e0d1395894af7c0e5fe
        Validity
            Not Before: Jun 28 12:58:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f6b480523d9ef10057924ad29905ca96e38c74a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f2:40:c3:e6:bc:a3:7e:6d:0b:61:38:20:09:
                    9d:e7:31:71:20:39:13:35:21:14:f0:dc:b1:a1:4f:
                    35:0b:1c:5e:03:d0:48:75:e2:76:2d:03:22:0b:60:
                    af:e1:f3:fc:01:aa:e3:50:af:83:4f:46:48:6c:a6:
                    c4:81:64:b1:ca:51:ef:31:24:d4:0f:8f:19:ed:15:
                    fa:89:d4:b9:17:db:ed:8a:4e:5d:84:c7:1c:8d:49:
                    93:71:42:8d:dc:09:6d:8c:9f:01:ab:dd:01:72:ce:
                    7b:de:bf:07:cc:4d:62:72:92:b2:d8:c8:c1:f8:26:
                    ad:17:50:eb:66:9d:67:15:b5:e7:b7:d7:c6:1b:39:
                    19:4b:33:06:94:1a:92:10:ae:67:c5:50:2c:3f:81:
                    8b:aa:42:9c:a8:bf:f0:f5:9c:c5:a4:49:a7:ab:ae:
                    e3:f8:21:64:f5:58:01:8c:d5:a9:dd:a7:d9:d1:75:
                    63:57:4c:bc:c3:45:08:55:95:3f:b7:dc:4a:b9:83:
                    76:f6:a8:0f:0b:a1:84:95:c7:6e:f4:03:4a:ba:9c:
                    80:15:a2:cd:a5:ac:83:1f:b7:8d:ea:ae:9b:a4:20:
                    74:22:0d:66:a1:4d:af:5c:7c:bb:aa:1a:e7:b9:a9:
                    d5:ac:f0:02:28:a3:22:58:29:7c:4a:05:2c:58:04:
                    cc:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:6B:48:05:23:D9:EF:10:05:79:24:AD:29:90:5C:A9:6E:38:C7:4A
            X509v3 Authority Key Identifier:
                keyid:F0:E7:29:A5:4C:C7:6B:88:9C:83:2E:0D:13:95:89:4A:F7:C0:E5:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8OcppUzHa4icgy4NE5WJSvfA5f4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/360de7-6fdc-4067-8f4d-676b52096cf8/1/D2tIBSPZ7xAFeSStKZBcqW44x0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/360de7-6fdc-4067-8f4d-676b52096cf8/1/8OcppUzHa4icgy4NE5WJSvfA5f4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5343:1::-2a12:5343:2:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         8d:7a:c3:b0:17:63:60:b0:a3:81:55:cc:b2:cb:10:f6:66:dc:
         71:32:f9:3b:68:94:97:1b:b1:81:7d:e0:71:b2:68:b6:22:65:
         0b:3b:e3:36:8b:6d:65:05:1b:cc:b9:26:68:c4:59:54:e2:5a:
         01:92:20:e5:1d:51:d6:1d:ba:11:6e:6c:65:90:3f:ae:d7:f7:
         ee:cb:7b:1f:e9:aa:00:b5:15:db:10:96:90:92:d1:81:b2:b9:
         f2:33:a8:ca:56:b6:a5:35:ad:51:21:8f:b4:ff:3a:e5:00:8a:
         71:be:a2:bb:9a:f5:24:c9:3f:66:0c:a2:aa:4d:dd:33:67:6a:
         34:db:a2:cb:50:39:8a:23:b8:70:b9:03:69:03:25:cc:ab:88:
         9f:15:a3:63:45:93:83:97:78:35:45:4e:fa:4e:d3:5c:28:57:
         79:cc:27:68:2d:64:21:b4:b7:ff:09:06:f2:59:23:a1:0e:fd:
         e3:e9:68:84:32:8d:72:f4:2d:1a:bc:12:ae:62:af:de:3c:40:
         2a:9e:73:e4:06:f7:4f:61:10:b6:e8:b4:de:6e:29:86:6e:d1:
         02:7d:f6:52:78:0a:4c:09:ef:6f:b9:04:36:4f:c7:90:d9:77:
         61:2d:fc:e9:e7:77:08:5c:ed:e4:cc:dd:b8:80:45:e6:15:0e:
         0f:55:b2:c9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYkCFUsIFMlUWcsqUq9a7T2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZTcyOWE1NGNjNzZiODg5YzgzMmUwZDEzOTU4OTRhZjdj
MGU1ZmUwHhcNMjMwNjI4MTI1ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjZiNDgwNTIzZDllZjEwMDU3OTI0YWQyOTkwNWNhOTZlMzhjNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvJAw+a8o35tC2E4IAmd5zFxIDkT
NSEU8NyxoU81CxxeA9BIdeJ2LQMiC2Cv4fP8AarjUK+DT0ZIbKbEgWSxylHvMSTU
D48Z7RX6idS5F9vtik5dhMccjUmTcUKN3AltjJ8Bq90Bcs573r8HzE1icpKy2MjB
+CatF1DrZp1nFbXnt9fGGzkZSzMGlBqSEK5nxVAsP4GLqkKcqL/w9ZzFpEmnq67j
+CFk9VgBjNWp3afZ0XVjV0y8w0UIVZU/t9xKuYN29qgPC6GElcdu9ANKupyAFaLN
payDH7eN6q6bpCB0Ig1moU2vXHy7qhrnuanVrPACKKMiWCl8SgUsWATM0wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA9rSAUj2e8QBXkkrSmQXKluOMdKMB8GA1UdIwQY
MBaAFPDnKaVMx2uInIMuDROViUr3wOX+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE9jcHBVekhhNGljZ3k0TkU1V0pTdmZBNWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zNjBkZTctNmZkYy00MDY3LThmNGQt
Njc2YjUyMDk2Y2Y4LzEvRDJ0SUJTUFo3eEFGZVNTdEtaQmNxVzQ0eDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zNjBkZTctNmZkYy00MDY3LThmNGQtNjc2YjUyMDk2Y2Y4
LzEvOE9jcHBVekhhNGljZ3k0TkU1V0pTdmZBNWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqElND
AAEDBwAqElNDAAIwDQYJKoZIhvcNAQELBQADggEBAI16w7AXY2Cwo4FVzLLLEPZm
3HEy+TtolJcbsYF94HGyaLYiZQs74zaLbWUFG8y5JmjEWVTiWgGSIOUdUdYduhFu
bGWQP67X9+7Lex/pqgC1FdsQlpCS0YGyufIzqMpWtqU1rVEhj7T/OuUAinG+orua
9STJP2YMoqpN3TNnajTbostQOYojuHC5A2kDJcyriJ8Vo2NFk4OXeDVFTvpO01wo
V3nMJ2gtZCG0t/8JBvJZI6EO/ePpaIQyjXL0LRq8Eq5ir948QCqec+QG909hELbo
tN5uKYZu0QJ99lJ4CkwJ72+5BDZPx5DZd2Et/Onndwhc7eTM3biAReYVDg9Vssk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:43 2024 by rpki-client on console-ams.rpki-client.org