Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/MOz5AFWpr2rGBj9ReWBESoCgnQQ.roa
File:                     MOz5AFWpr2rGBj9ReWBESoCgnQQ.roa (raw, json)
Hash identifier:          f/opMn0tjrhSUkb+fGe3ZrZx0+8rbb0rrvE64RY8CuU=
Subject key identifier:   30:EC:F9:00:55:A9:AF:6A:C6:06:3F:51:79:60:44:4A:80:A0:9D:04
Certificate issuer:       /CN=b22640351ab21a0dc7aaa15fab5b110977714a3c
Certificate serial:       018E7B5EF83AE67DA1075609F9D7FDD63AB8
Authority key identifier: B2:26:40:35:1A:B2:1A:0D:C7:AA:A1:5F:AB:5B:11:09:77:71:4A:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/siZANRqyGg3HqqFfq1sRCXdxSjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/MOz5AFWpr2rGBj9ReWBESoCgnQQ.roa
Signing time:             Tue 26 Mar 2024 15:26:45 +0000
ROA not before:           Tue 26 Mar 2024 15:26:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        2a14:2ec0:62b4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 26 Mar 2024 19:44:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:7b:5e:f8:3a:e6:7d:a1:07:56:09:f9:d7:fd:d6:3a:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b22640351ab21a0dc7aaa15fab5b110977714a3c
        Validity
            Not Before: Mar 26 15:26:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=30ecf90055a9af6ac6063f517960444a80a09d04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:fc:d1:46:c7:0b:15:a9:59:a3:fb:10:14:44:
                    2c:66:03:0f:db:48:98:39:87:fd:21:51:32:1c:21:
                    35:fe:bc:0f:34:43:cf:4e:06:4f:a3:10:25:50:ad:
                    f2:f3:d1:0d:55:bf:85:f1:ad:61:46:cd:5a:eb:5f:
                    ed:f4:15:2d:6b:9d:9f:55:45:49:ad:ad:a7:28:f7:
                    3f:5b:84:6a:03:9d:f5:ca:48:b3:cc:67:27:76:2a:
                    bb:e9:76:8d:fb:1f:b1:a2:4d:9c:23:42:c6:df:11:
                    6c:61:60:fb:a2:cd:20:66:97:24:f3:2f:cf:28:15:
                    21:c8:9f:dc:2c:40:7f:b1:08:ee:46:26:1e:c9:78:
                    66:5f:fd:13:d0:51:a8:0d:89:90:c4:ff:8a:e6:f7:
                    ea:80:5d:88:df:89:29:06:d6:ff:7a:45:54:a4:cc:
                    76:cd:90:be:aa:76:ed:2c:1e:fb:65:7a:a0:b2:9b:
                    2c:22:13:08:66:0e:28:ee:35:30:8b:11:23:0a:59:
                    9a:c6:09:b7:74:b6:f8:06:fe:d5:32:e8:e0:ee:e7:
                    e2:23:c4:0f:5e:62:32:88:4e:1d:dc:18:55:79:20:
                    2a:c6:e2:c3:2c:1a:c0:0e:7b:5c:4a:b9:b6:2b:72:
                    c0:7f:65:cc:cf:5e:f9:91:14:c5:bf:9f:2c:aa:f8:
                    f3:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:EC:F9:00:55:A9:AF:6A:C6:06:3F:51:79:60:44:4A:80:A0:9D:04
            X509v3 Authority Key Identifier:
                keyid:B2:26:40:35:1A:B2:1A:0D:C7:AA:A1:5F:AB:5B:11:09:77:71:4A:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siZANRqyGg3HqqFfq1sRCXdxSjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/MOz5AFWpr2rGBj9ReWBESoCgnQQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/siZANRqyGg3HqqFfq1sRCXdxSjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:2ec0:62b4::/48

    Signature Algorithm: sha256WithRSAEncryption
         13:d4:b8:f2:ff:6f:c9:cc:ef:6b:66:31:70:fb:cd:2f:eb:40:
         7e:93:a9:da:60:bd:84:7a:06:0f:35:9d:b5:4e:2c:87:a5:5a:
         10:df:41:bb:e9:b1:7d:77:21:d5:a7:13:8e:e0:68:f8:76:d4:
         38:53:7c:e3:88:03:ed:a7:aa:64:d1:e9:2d:e3:bd:fc:cd:d3:
         9c:c6:a2:6d:97:61:34:f9:06:15:2d:3f:b9:37:27:5d:c6:a6:
         43:07:6a:d7:ed:94:3e:d5:43:c9:50:5f:ff:73:94:28:a3:cb:
         66:2a:1b:cc:98:63:29:4c:64:61:20:8e:e2:6d:70:a0:82:e9:
         af:c8:15:c0:22:38:87:6d:98:ad:42:b1:ee:63:8b:7f:dd:c8:
         20:60:cf:25:a7:47:e3:96:ab:50:d7:eb:1e:d9:75:60:4e:0c:
         12:b5:96:ad:9f:8e:bd:34:0c:be:1d:4b:b9:a9:ff:d2:9f:1f:
         58:80:e9:ba:5b:1b:b5:b9:1b:3a:23:32:e7:24:eb:aa:ba:89:
         0a:67:39:5f:0b:63:ad:8f:d1:2b:4e:9d:70:8b:d4:50:b2:16:
         e5:77:4c:92:71:d7:fb:a3:88:6d:70:19:c4:63:6e:7a:26:d5:
         62:ff:00:49:8c:bb:36:81:f4:d8:5a:60:3c:be:6c:5e:84:81:
         e4:54:f1:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY57Xvg65n2hB1YJ+df91jq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMjY0MDM1MWFiMjFhMGRjN2FhYTE1ZmFiNWIxMTA5Nzc3
MTRhM2MwHhcNMjQwMzI2MTUyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGVjZjkwMDU1YTlhZjZhYzYwNjNmNTE3OTYwNDQ0YTgwYTA5ZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPzRRscLFalZo/sQFEQsZgMP20iY
OYf9IVEyHCE1/rwPNEPPTgZPoxAlUK3y89ENVb+F8a1hRs1a61/t9BUta52fVUVJ
ra2nKPc/W4RqA531ykizzGcndiq76XaN+x+xok2cI0LG3xFsYWD7os0gZpck8y/P
KBUhyJ/cLEB/sQjuRiYeyXhmX/0T0FGoDYmQxP+K5vfqgF2I34kpBtb/ekVUpMx2
zZC+qnbtLB77ZXqgspssIhMIZg4o7jUwixEjClmaxgm3dLb4Bv7VMujg7ufiI8QP
XmIyiE4d3BhVeSAqxuLDLBrADntcSrm2K3LAf2XMz175kRTFv58sqvjzlQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDDs+QBVqa9qxgY/UXlgREqAoJ0EMB8GA1UdIwQY
MBaAFLImQDUashoNx6qhX6tbEQl3cUo8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2laQU5ScXlHZzNIcXFGZnExc1JDWGR4U2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lMzhmZjAtNDY5Yi00MWU1LWJiZWQt
MTc5ZTZlNDI5MGMwLzEvTU96NUFGV3ByMnJHQmo5UmVXQkVTb0NnblFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lMzhmZjAtNDY5Yi00MWU1LWJiZWQtMTc5ZTZlNDI5MGMw
LzEvc2laQU5ScXlHZzNIcXFGZnExc1JDWGR4U2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhQuwGK0
MA0GCSqGSIb3DQEBCwUAA4IBAQAT1Ljy/2/JzO9rZjFw+80v60B+k6naYL2EegYP
NZ21TiyHpVoQ30G76bF9dyHVpxOO4Gj4dtQ4U3zjiAPtp6pk0ekt4738zdOcxqJt
l2E0+QYVLT+5NyddxqZDB2rX7ZQ+1UPJUF//c5Qoo8tmKhvMmGMpTGRhII7ibXCg
gumvyBXAIjiHbZitQrHuY4t/3cggYM8lp0fjlqtQ1+se2XVgTgwStZatn469NAy+
HUu5qf/Snx9YgOm6Wxu1uRs6IzLnJOuquokKZzlfC2Otj9ErTp1wi9RQshbld0yS
cdf7o4htcBnEY256JtVi/wBJjLs2gfTYWmA8vmxehIHkVPG/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:45 2024 by rpki-client on console-ams.rpki-client.org