Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/wQvd3Dmiht1umvVR07isL04PnLw.roa
File:                     wQvd3Dmiht1umvVR07isL04PnLw.roa (raw, json)
Hash identifier:          3YGM3RI0OZmIx8eRu5wCHuLPkgbzdyJ85rQhkCOF0cc=
Subject key identifier:   C1:0B:DD:DC:39:A2:86:DD:6E:9A:F5:51:D3:B8:AC:2F:4E:0F:9C:BC
Certificate issuer:       /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial:       01856BDC6FD824C7578354B20707FAF97863
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/wQvd3Dmiht1umvVR07isL04PnLw.roa
Signing time:             Sun 01 Jan 2023 05:44:46 +0000
ROA not before:           Sun 01 Jan 2023 05:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207705
IP address blocks:        2a0f:607:1072::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:dc:6f:d8:24:c7:57:83:54:b2:07:07:fa:f9:78:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
        Validity
            Not Before: Jan  1 05:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c10bdddc39a286dd6e9af551d3b8ac2f4e0f9cbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:4a:28:31:b7:0d:88:a6:cf:86:4d:34:bf:8e:
                    ef:e3:1a:8a:4b:0a:07:5a:3e:20:84:a1:f9:08:fc:
                    90:25:37:2e:a4:77:8e:36:da:14:d0:40:dd:be:ec:
                    52:01:2f:fd:b3:c8:8a:a3:bf:cb:e5:44:46:17:b9:
                    e5:f9:c9:d5:cb:c8:00:74:de:66:bf:59:d7:90:de:
                    ae:4a:e2:81:a1:5c:1d:b8:60:24:95:b0:4a:d7:3b:
                    b5:27:08:eb:0e:47:26:3a:6c:ea:34:6b:fe:88:7b:
                    29:60:1d:75:4d:fa:77:63:01:17:4f:5d:7a:81:d6:
                    35:9d:45:33:c7:82:f3:50:34:4e:ed:2e:4a:2a:cb:
                    aa:a1:d5:a6:0f:63:ca:9d:3f:92:23:42:49:37:5a:
                    55:ee:e6:07:09:47:48:48:cf:45:a1:bd:da:61:df:
                    02:c4:06:ff:81:e3:6d:41:2d:a1:10:d8:f6:a8:c2:
                    a1:70:12:47:70:82:04:ff:22:a8:59:83:8a:29:cd:
                    b8:13:aa:c5:11:3f:0d:7c:00:35:42:11:86:e8:6a:
                    c8:03:24:50:f7:1b:78:1d:ca:e3:36:68:1e:6d:38:
                    e5:5c:24:01:c6:b5:2e:fa:c2:d1:ce:39:bb:06:7c:
                    35:0c:d4:63:d3:a1:c9:da:89:59:46:86:01:ac:8e:
                    ad:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:0B:DD:DC:39:A2:86:DD:6E:9A:F5:51:D3:B8:AC:2F:4E:0F:9C:BC
            X509v3 Authority Key Identifier:
                keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/wQvd3Dmiht1umvVR07isL04PnLw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:607:1072::/48

    Signature Algorithm: sha256WithRSAEncryption
         2f:2c:ee:33:2e:e1:bc:5f:33:b4:c9:79:38:61:68:e2:fe:64:
         de:ef:49:9c:aa:97:7d:f0:6b:33:f8:a7:8c:34:4a:4e:23:2c:
         1c:1c:89:cf:e6:74:11:f7:2f:99:83:05:d1:67:ae:d8:f3:5c:
         4f:0e:f2:7e:b6:e0:ce:1a:de:3a:20:93:f2:b7:fb:9f:fe:35:
         12:b0:80:81:58:2a:6a:00:e0:94:db:53:a4:88:d6:78:f4:85:
         30:17:cb:a9:36:52:ab:3c:4c:89:a1:10:d7:7e:53:78:71:5c:
         44:e9:39:f3:de:ef:67:b0:03:61:f4:4f:e5:9f:50:e7:b6:71:
         a0:47:ee:36:a6:56:9c:4d:23:38:cf:91:c6:a5:08:62:92:50:
         52:52:71:63:6e:a3:c0:24:ff:1d:75:10:9f:83:c5:b2:a3:40:
         26:91:80:8d:61:88:00:ac:e6:f3:fe:0c:2c:08:be:a5:2d:b6:
         b5:ac:48:af:1c:09:e5:1b:4e:4e:74:09:7f:d6:ab:5b:d9:87:
         23:a8:a0:52:cd:9c:87:a6:dd:a9:41:88:f4:00:47:24:d7:a1:
         60:e0:47:ed:d3:55:37:2f:73:de:a9:f6:7d:a9:7e:60:13:e3:
         e0:9d:ea:0b:c1:0f:b3:db:b1:9e:cd:24:1f:7c:87:98:d2:88:
         bd:ec:33:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr3G/YJMdXg1SyBwf6+XhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTBiZGRkYzM5YTI4NmRkNmU5YWY1NTFkM2I4YWMyZjRlMGY5Y2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0ooMbcNiKbPhk00v47v4xqKSwoH
Wj4ghKH5CPyQJTcupHeONtoU0EDdvuxSAS/9s8iKo7/L5URGF7nl+cnVy8gAdN5m
v1nXkN6uSuKBoVwduGAklbBK1zu1JwjrDkcmOmzqNGv+iHspYB11Tfp3YwEXT116
gdY1nUUzx4LzUDRO7S5KKsuqodWmD2PKnT+SI0JJN1pV7uYHCUdISM9Fob3aYd8C
xAb/geNtQS2hENj2qMKhcBJHcIIE/yKoWYOKKc24E6rFET8NfAA1QhGG6GrIAyRQ
9xt4HcrjNmgebTjlXCQBxrUu+sLRzjm7Bnw1DNRj06HJ2olZRoYBrI6tRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMEL3dw5oobdbpr1UdO4rC9OD5y8MB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvd1F2ZDNEbWlodDF1bXZWUjA3aXNMMDRQbkx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg8GBxBy
MA0GCSqGSIb3DQEBCwUAA4IBAQAvLO4zLuG8XzO0yXk4YWji/mTe70mcqpd98Gsz
+KeMNEpOIywcHInP5nQR9y+ZgwXRZ67Y81xPDvJ+tuDOGt46IJPyt/uf/jUSsICB
WCpqAOCU21OkiNZ49IUwF8upNlKrPEyJoRDXflN4cVxE6Tnz3u9nsANh9E/ln1Dn
tnGgR+42placTSM4z5HGpQhiklBSUnFjbqPAJP8ddRCfg8Wyo0AmkYCNYYgArObz
/gwsCL6lLba1rEivHAnlG05OdAl/1qtb2YcjqKBSzZyHpt2pQYj0AEck16Fg4Eft
01U3L3PeqfZ9qX5gE+PgneoLwQ+z27GezSQffIeY0oi97DMW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org