Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/c72abe-32dc-4f18-905f-c1ff056fc76f/1/NtNvAfm6mIt1OZBIENW34CjoAzU.roa
File:                     NtNvAfm6mIt1OZBIENW34CjoAzU.roa (raw, json)
Hash identifier:          /yUJmH3AHKpdC0LS14y+zJOWn5jMbmhv3wubU6zjdCI=
Subject key identifier:   36:D3:6F:01:F9:BA:98:8B:75:39:90:48:10:D5:B7:E0:28:E8:03:35
Certificate issuer:       /CN=4c33c0e14d57eabc3b65e38a7736bebe49092e9e
Certificate serial:       01856B8112E5ED5C4A5F2B6F69E63D013404
Authority key identifier: 4C:33:C0:E1:4D:57:EA:BC:3B:65:E3:8A:77:36:BE:BE:49:09:2E:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDPA4U1X6rw7ZeOKdza-vkkJLp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/c72abe-32dc-4f18-905f-c1ff056fc76f/1/NtNvAfm6mIt1OZBIENW34CjoAzU.roa
Signing time:             Sun 01 Jan 2023 04:04:59 +0000
ROA not before:           Sun 01 Jan 2023 04:04:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49581
IP address blocks:        2a12:89c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 27 Feb 2023 09:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:81:12:e5:ed:5c:4a:5f:2b:6f:69:e6:3d:01:34:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c33c0e14d57eabc3b65e38a7736bebe49092e9e
        Validity
            Not Before: Jan  1 04:04:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36d36f01f9ba988b7539904810d5b7e028e80335
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:66:f0:25:04:28:5d:0a:34:c9:f1:21:b1:a9:
                    b2:06:09:54:9f:c5:53:38:c7:2b:90:0e:3f:77:c8:
                    b6:0a:2a:a1:12:19:01:b9:0f:f3:b6:cb:13:bb:bf:
                    00:53:1d:4f:72:2c:7b:04:9d:18:84:45:c9:b5:16:
                    9c:6c:9f:25:b7:73:ec:0f:16:8a:ae:9f:1b:1a:be:
                    70:0c:6d:b7:54:03:48:31:65:99:9c:94:4d:43:7d:
                    4b:77:84:5a:60:20:c9:e5:03:f1:47:f1:7d:ff:f1:
                    93:a0:53:46:c1:e3:76:61:38:db:fb:9a:db:71:8b:
                    2a:df:51:91:1f:c4:d9:01:1c:fc:5a:3d:8f:b8:8d:
                    9c:ff:9f:56:b3:76:0c:29:6a:3f:16:83:f4:12:8b:
                    a2:70:74:5a:b6:16:54:36:da:0f:32:28:37:0c:b5:
                    61:8b:29:20:27:47:0a:cd:37:18:b5:7b:4f:60:56:
                    5d:6b:54:78:48:92:22:b2:9f:d6:b7:0d:55:2d:7c:
                    a9:99:80:bd:ef:0d:a2:87:12:9d:dd:05:4d:9b:c5:
                    d0:9b:48:13:a5:59:a4:f6:f4:35:11:b9:e1:0b:2a:
                    4a:7f:10:e9:e3:66:4e:fb:6c:e9:24:07:9f:35:19:
                    d9:94:ec:ef:26:0b:49:f5:45:8a:c3:ad:16:d1:8b:
                    d8:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D3:6F:01:F9:BA:98:8B:75:39:90:48:10:D5:B7:E0:28:E8:03:35
            X509v3 Authority Key Identifier:
                keyid:4C:33:C0:E1:4D:57:EA:BC:3B:65:E3:8A:77:36:BE:BE:49:09:2E:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDPA4U1X6rw7ZeOKdza-vkkJLp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/c72abe-32dc-4f18-905f-c1ff056fc76f/1/NtNvAfm6mIt1OZBIENW34CjoAzU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/c72abe-32dc-4f18-905f-c1ff056fc76f/1/TDPA4U1X6rw7ZeOKdza-vkkJLp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:89c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         70:d0:c4:58:2a:7c:09:18:27:67:e0:a5:a0:17:b0:83:cd:fb:
         96:c8:9e:a7:7d:80:0b:1d:e7:83:c5:65:e8:56:6f:56:1e:97:
         25:bb:b1:19:24:28:47:9d:72:82:70:90:5f:aa:9f:1c:99:c2:
         4f:25:4b:2b:14:d9:b1:dd:4c:51:50:c7:95:f7:02:45:72:21:
         de:91:fe:36:8e:a1:73:29:22:6c:cf:19:62:5b:df:e4:9f:ec:
         1d:a8:1c:82:e6:b9:b3:ae:84:da:a2:22:43:32:b2:9c:5b:50:
         5b:13:04:71:10:63:76:bc:db:aa:31:cb:2a:bc:e6:37:9f:c1:
         b4:9c:fc:6f:c9:91:34:3f:c9:c6:eb:a1:4f:91:a6:89:a6:d0:
         6e:ab:12:a2:89:30:76:7f:27:a2:0c:c8:d9:4c:a3:84:db:43:
         d3:35:4b:a7:83:b8:66:40:01:a6:26:1c:c0:25:b4:4b:c0:51:
         64:dc:05:f2:69:2a:25:c5:56:6a:53:2f:15:21:b5:de:b6:41:
         21:5f:65:6a:53:e2:f7:68:f1:94:55:fc:bc:98:22:17:e0:b6:
         62:4e:88:13:9f:ac:a3:f0:c0:f6:ac:cc:6d:56:c7:cc:4e:70:
         d8:12:5b:f2:b3:1a:97:c6:d7:b4:9c:85:53:eb:a6:62:37:56:
         d0:5b:5d:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVrgRLl7VxKXytvaeY9ATQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzNjMGUxNGQ1N2VhYmMzYjY1ZTM4YTc3MzZiZWJlNDkw
OTJlOWUwHhcNMjMwMTAxMDQwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQzNmYwMWY5YmE5ODhiNzUzOTkwNDgxMGQ1YjdlMDI4ZTgwMzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mbwJQQoXQo0yfEhsamyBglUn8VT
OMcrkA4/d8i2CiqhEhkBuQ/ztssTu78AUx1Pcix7BJ0YhEXJtRacbJ8lt3PsDxaK
rp8bGr5wDG23VANIMWWZnJRNQ31Ld4RaYCDJ5QPxR/F9//GToFNGweN2YTjb+5rb
cYsq31GRH8TZARz8Wj2PuI2c/59Ws3YMKWo/FoP0EouicHRathZUNtoPMig3DLVh
iykgJ0cKzTcYtXtPYFZda1R4SJIisp/Wtw1VLXypmYC97w2ihxKd3QVNm8XQm0gT
pVmk9vQ1EbnhCypKfxDp42ZO+2zpJAefNRnZlOzvJgtJ9UWKw60W0YvYcwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDbTbwH5upiLdTmQSBDVt+Ao6AM1MB8GA1UdIwQY
MBaAFEwzwOFNV+q8O2Xjinc2vr5JCS6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERQQTRVMVg2cnc3WmVPS2R6YS12a2tKTHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9jNzJhYmUtMzJkYy00ZjE4LTkwNWYt
YzFmZjA1NmZjNzZmLzEvTnROdkFmbTZtSXQxT1pCSUVOVzM0Q2pvQXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9jNzJhYmUtMzJkYy00ZjE4LTkwNWYtYzFmZjA1NmZjNzZm
LzEvVERQQTRVMVg2cnc3WmVPS2R6YS12a2tKTHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKJwDAN
BgkqhkiG9w0BAQsFAAOCAQEAcNDEWCp8CRgnZ+CloBewg837lsiep32ACx3ng8Vl
6FZvVh6XJbuxGSQoR51ygnCQX6qfHJnCTyVLKxTZsd1MUVDHlfcCRXIh3pH+No6h
cykibM8ZYlvf5J/sHagcgua5s66E2qIiQzKynFtQWxMEcRBjdrzbqjHLKrzmN5/B
tJz8b8mRND/JxuuhT5GmiabQbqsSookwdn8nogzI2UyjhNtD0zVLp4O4ZkABpiYc
wCW0S8BRZNwF8mkqJcVWalMvFSG13rZBIV9lalPi92jxlFX8vJgiF+C2Yk6IE5+s
o/DA9qzMbVbHzE5w2BJb8rMal8bXtJyFU+umYjdW0Ftdow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:58 2024 by rpki-client on console-ams.rpki-client.org