Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/OWXjhxXYP0nwPFMFDB1PyW8eVBo.roa
File:                     OWXjhxXYP0nwPFMFDB1PyW8eVBo.roa (raw, json)
Hash identifier:          3GKF7t/pEQ1TdHA4Tz98DiP+hl4H2EKpahQSYMjGPBg=
Subject key identifier:   39:65:E3:87:15:D8:3F:49:F0:3C:53:05:0C:1D:4F:C9:6F:1E:54:1A
Certificate issuer:       /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial:       01856C53F324DC5F5EF161719FD433DDE2D9
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/OWXjhxXYP0nwPFMFDB1PyW8eVBo.roa
Signing time:             Sun 01 Jan 2023 07:55:19 +0000
ROA not before:           Sun 01 Jan 2023 07:55:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208731
IP address blocks:        2a0a:e5c0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:f3:24:dc:5f:5e:f1:61:71:9f:d4:33:dd:e2:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
        Validity
            Not Before: Jan  1 07:55:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3965e38715d83f49f03c53050c1d4fc96f1e541a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:62:23:ac:1f:59:13:04:04:44:41:62:53:fb:
                    f6:eb:b9:10:4e:a1:75:7e:fd:15:57:2b:bc:54:22:
                    e2:27:47:45:6f:8a:be:41:bd:1f:3d:78:1d:95:1a:
                    ba:22:58:47:9f:2e:8b:72:a3:0d:96:d1:c9:77:9d:
                    d2:fc:28:04:0b:3b:4e:60:18:2e:f7:d0:68:7a:68:
                    f0:49:31:fc:10:7e:ef:ce:a9:1e:aa:b4:f3:e1:9d:
                    ef:92:c2:4c:4e:61:5e:d8:58:85:79:cf:56:de:66:
                    ea:f6:b0:5c:01:65:db:c6:0c:94:63:14:39:8f:3b:
                    25:95:79:93:46:73:96:2c:c0:bd:45:d1:cb:33:57:
                    b3:13:0f:ae:03:2d:79:84:c8:0a:43:0b:26:16:11:
                    5c:71:a6:44:46:06:9d:92:97:1f:06:99:66:92:b7:
                    96:e8:27:b7:da:0f:9a:1b:61:70:c5:0a:01:c6:71:
                    21:59:2f:fa:01:03:11:d4:b8:c0:3b:e1:92:3b:7e:
                    ea:c6:7b:dd:9c:29:88:ed:0f:9b:d9:78:46:6e:e9:
                    54:38:12:0b:78:86:b2:dc:16:69:4a:c0:fc:de:1a:
                    1f:f7:3c:75:2f:6c:fe:0a:f9:d0:ad:00:f8:a4:de:
                    25:c0:85:38:d3:44:a1:c2:9d:d4:1d:89:4f:f6:3a:
                    0c:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:65:E3:87:15:D8:3F:49:F0:3C:53:05:0C:1D:4F:C9:6F:1E:54:1A
            X509v3 Authority Key Identifier:
                keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/OWXjhxXYP0nwPFMFDB1PyW8eVBo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:e5c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         11:f8:ac:ad:9a:66:de:ea:cd:95:bc:45:c1:fe:9a:24:1b:9d:
         83:2d:68:c2:d0:93:5b:4f:c5:64:97:6c:42:a0:1d:70:e1:e7:
         25:51:ed:5c:62:ed:c9:ec:d2:69:fd:81:8f:c3:da:4f:a6:07:
         af:4d:f0:2a:78:50:04:a2:20:2c:3f:e5:55:90:77:07:56:4b:
         6b:71:6b:f0:f1:e7:39:21:e5:77:68:07:91:10:56:24:a2:6f:
         bd:1a:c5:a2:aa:b7:08:76:bd:85:38:c7:39:23:90:2e:f3:c7:
         48:f4:b7:2a:2e:6e:bc:d6:62:01:0d:16:73:48:cd:16:3c:1d:
         18:85:31:a7:1c:99:97:e6:fd:72:77:8f:78:e3:33:df:4c:74:
         a3:ed:5b:f5:5a:6b:a1:ef:91:6d:d9:fd:7e:b0:da:57:f3:53:
         01:a4:ce:be:af:92:68:23:98:35:67:7c:16:0f:4f:8c:47:85:
         a4:1b:f7:8a:4b:dd:9e:e1:9c:2e:f9:4f:f0:17:cb:4f:14:09:
         ab:27:0a:f6:04:f4:db:78:19:6f:96:e5:be:37:d4:10:40:54:
         3a:08:83:5e:c6:ac:ed:89:2b:c2:3d:d1:14:a4:0c:57:72:0b:
         15:bd:6b:3e:d9:c4:eb:6f:f4:1a:b3:09:94:4d:a7:7c:a9:71:
         a6:db:89:b9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsU/Mk3F9e8WFxn9Qz3eLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy
MzQxMjAwHhcNMjMwMTAxMDc1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY1ZTM4NzE1ZDgzZjQ5ZjAzYzUzMDUwYzFkNGZjOTZmMWU1NDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmIjrB9ZEwQEREFiU/v267kQTqF1
fv0VVyu8VCLiJ0dFb4q+Qb0fPXgdlRq6IlhHny6LcqMNltHJd53S/CgECztOYBgu
99BoemjwSTH8EH7vzqkeqrTz4Z3vksJMTmFe2FiFec9W3mbq9rBcAWXbxgyUYxQ5
jzsllXmTRnOWLMC9RdHLM1ezEw+uAy15hMgKQwsmFhFccaZERgadkpcfBplmkreW
6Ce32g+aG2FwxQoBxnEhWS/6AQMR1LjAO+GSO37qxnvdnCmI7Q+b2XhGbulUOBIL
eIay3BZpSsD83hof9zx1L2z+CvnQrQD4pN4lwIU400Shwp3UHYlP9joMKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDll44cV2D9J8DxTBQwdT8lvHlQaMB8GA1UdIwQY
MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt
YmZmYjc1N2MzMTM0LzEvT1dYamh4WFlQMG53UEZNRkRCMVB5VzhlVkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0
LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgrlwDAN
BgkqhkiG9w0BAQsFAAOCAQEAEfisrZpm3urNlbxFwf6aJBudgy1owtCTW0/FZJds
QqAdcOHnJVHtXGLtyezSaf2Bj8PaT6YHr03wKnhQBKIgLD/lVZB3B1ZLa3Fr8PHn
OSHld2gHkRBWJKJvvRrFoqq3CHa9hTjHOSOQLvPHSPS3Ki5uvNZiAQ0Wc0jNFjwd
GIUxpxyZl+b9cnePeOMz30x0o+1b9Vproe+Rbdn9frDaV/NTAaTOvq+SaCOYNWd8
Fg9PjEeFpBv3ikvdnuGcLvlP8BfLTxQJqycK9gT023gZb5blvjfUEEBUOgiDXsas
7Ykrwj3RFKQMV3ILFb1rPtnE62/0GrMJlE2nfKlxptuJuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:07 2024 by rpki-client on console-fra.rpki-client.org