Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/52cb8d-11d4-4f9c-8f92-26e64d78b0c6/1/fPOCo9Hl3c-pvL_22Do7WDy33vQ.roa
File:                     fPOCo9Hl3c-pvL_22Do7WDy33vQ.roa (raw, json)
Hash identifier:          47Ui78saeUUp4FPJGASehV34X0TsVKhJDde4LSyuU2Q=
Subject key identifier:   7C:F3:82:A3:D1:E5:DD:CF:A9:BC:BF:F6:D8:3A:3B:58:3C:B7:DE:F4
Certificate issuer:       /CN=19b105d148de996036fdf21cb208a338a158ceda
Certificate serial:       018DB1D9920CEF7D4FF64CFBFBBE1049C573
Authority key identifier: 19:B1:05:D1:48:DE:99:60:36:FD:F2:1C:B2:08:A3:38:A1:58:CE:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GbEF0UjemWA2_fIcsgijOKFYzto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/52cb8d-11d4-4f9c-8f92-26e64d78b0c6/1/fPOCo9Hl3c-pvL_22Do7WDy33vQ.roa
Signing time:             Fri 16 Feb 2024 12:17:22 +0000
ROA not before:           Fri 16 Feb 2024 12:17:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203234
IP address blocks:        2a07:10c0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 19 Feb 2024 08:25:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:b1:d9:92:0c:ef:7d:4f:f6:4c:fb:fb:be:10:49:c5:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19b105d148de996036fdf21cb208a338a158ceda
        Validity
            Not Before: Feb 16 12:17:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7cf382a3d1e5ddcfa9bcbff6d83a3b583cb7def4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:3b:14:e0:95:f5:a6:b9:90:b0:48:74:52:b2:
                    7b:d6:fc:08:bc:78:b3:bb:67:b3:43:59:0b:1b:d8:
                    f7:c6:26:62:97:d2:05:11:ab:e9:10:21:a7:d0:4a:
                    9d:19:3f:03:05:de:69:3e:86:a8:e8:00:58:78:9b:
                    f7:c1:2e:41:78:84:02:77:07:60:b1:72:a0:56:de:
                    a0:db:d9:54:bd:08:ef:7f:bb:f6:ef:79:8b:c5:7e:
                    7d:0f:b9:cb:e3:92:5b:62:41:75:c2:c6:29:cb:3a:
                    12:45:ba:b3:6f:cf:88:86:7e:91:3b:19:54:11:bc:
                    7a:e8:0e:89:2b:2d:b2:f3:16:6a:44:f6:8b:bb:5b:
                    3d:4b:5b:42:3e:0f:a9:35:fc:71:be:77:f9:49:d9:
                    18:fc:3b:02:e0:da:60:9b:ee:40:9d:7d:22:fe:5e:
                    e7:98:fc:d6:07:b5:48:bb:ae:b5:7e:27:f6:ff:3b:
                    ff:19:1f:06:f1:d5:43:65:63:fe:8f:32:5f:7a:cc:
                    a8:d3:00:e6:19:03:77:3b:ad:d1:5e:ac:3b:a6:9e:
                    4a:df:de:4d:7a:d6:a9:9f:c4:02:8c:46:c4:60:f3:
                    b9:ee:68:7c:c8:12:6b:8b:4d:5a:6d:fb:cb:38:e7:
                    54:0f:b4:b4:e7:98:e8:2c:b1:78:d2:80:a9:45:75:
                    57:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:F3:82:A3:D1:E5:DD:CF:A9:BC:BF:F6:D8:3A:3B:58:3C:B7:DE:F4
            X509v3 Authority Key Identifier:
                keyid:19:B1:05:D1:48:DE:99:60:36:FD:F2:1C:B2:08:A3:38:A1:58:CE:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbEF0UjemWA2_fIcsgijOKFYzto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/52cb8d-11d4-4f9c-8f92-26e64d78b0c6/1/fPOCo9Hl3c-pvL_22Do7WDy33vQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/52cb8d-11d4-4f9c-8f92-26e64d78b0c6/1/GbEF0UjemWA2_fIcsgijOKFYzto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:10c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         5e:5f:85:55:79:d4:af:e6:f4:3f:f2:33:c1:42:0f:91:37:ee:
         3c:94:58:a2:a7:8e:37:b6:bd:ac:d6:68:46:63:99:66:ba:48:
         8c:5a:aa:01:98:9d:a0:ec:06:4e:ba:82:6a:b3:9e:ca:9b:4d:
         03:bf:09:73:6d:58:93:fd:a3:fd:67:84:7a:5c:89:c8:18:5b:
         5f:67:98:99:9d:06:1c:9e:82:f8:36:a6:fa:bb:e7:69:ae:0f:
         77:b8:a2:3e:37:a9:c1:2a:55:9a:18:9b:12:e1:bf:58:44:96:
         66:5d:e0:b2:27:21:eb:77:0f:b5:e4:32:fc:b4:0d:94:e6:97:
         a5:29:3b:da:11:26:2a:35:c8:0d:c4:c6:3c:48:ef:a0:20:5e:
         36:b7:bc:45:12:40:73:bc:a5:b4:55:78:ad:5e:2f:b7:65:de:
         a3:0b:6d:1a:b2:46:ec:24:64:02:d6:84:04:56:51:c1:03:75:
         a3:b9:bc:af:e2:91:60:e1:65:3f:9d:f8:5c:eb:13:3b:84:d0:
         0f:e6:1c:89:7f:94:e7:2c:6f:95:e6:25:49:f7:50:f4:9c:44:
         53:fa:2b:24:1c:8f:19:61:2f:fd:1b:bb:c4:b3:be:3a:f7:a1:
         6d:a5:6d:2f:ee:96:6c:2d:e4:01:c9:54:5d:b2:b6:00:74:69:
         0f:f7:a8:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2x2ZIM731P9kz7+74QScVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YjEwNWQxNDhkZTk5NjAzNmZkZjIxY2IyMDhhMzM4YTE1
OGNlZGEwHhcNMjQwMjE2MTIxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2YzODJhM2QxZTVkZGNmYTliY2JmZjZkODNhM2I1ODNjYjdkZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzsU4JX1prmQsEh0UrJ71vwIvHiz
u2ezQ1kLG9j3xiZil9IFEavpECGn0EqdGT8DBd5pPoao6ABYeJv3wS5BeIQCdwdg
sXKgVt6g29lUvQjvf7v273mLxX59D7nL45JbYkF1wsYpyzoSRbqzb8+Ihn6ROxlU
Ebx66A6JKy2y8xZqRPaLu1s9S1tCPg+pNfxxvnf5SdkY/DsC4Npgm+5AnX0i/l7n
mPzWB7VIu661fif2/zv/GR8G8dVDZWP+jzJfesyo0wDmGQN3O63RXqw7pp5K395N
etapn8QCjEbEYPO57mh8yBJri01abfvLOOdUD7S055joLLF40oCpRXVXHQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHzzgqPR5d3Pqby/9tg6O1g8t970MB8GA1UdIwQY
MBaAFBmxBdFI3plgNv3yHLIIozihWM7aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2JFRjBVamVtV0EyX2ZJY3NnaWpPS0ZZenRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi81MmNiOGQtMTFkNC00ZjljLThmOTIt
MjZlNjRkNzhiMGM2LzEvZlBPQ285SGwzYy1wdkxfMjJEbzdXRHkzM3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi81MmNiOGQtMTFkNC00ZjljLThmOTItMjZlNjRkNzhiMGM2
LzEvR2JFRjBVamVtV0EyX2ZJY3NnaWpPS0ZZenRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgcQwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBeX4VVedSv5vQ/8jPBQg+RN+48lFiip443tr2s
1mhGY5lmukiMWqoBmJ2g7AZOuoJqs57Km00DvwlzbViT/aP9Z4R6XInIGFtfZ5iZ
nQYcnoL4Nqb6u+dprg93uKI+N6nBKlWaGJsS4b9YRJZmXeCyJyHrdw+15DL8tA2U
5pelKTvaESYqNcgNxMY8SO+gIF42t7xFEkBzvKW0VXitXi+3Zd6jC20askbsJGQC
1oQEVlHBA3Wjubyv4pFg4WU/nfhc6xM7hNAP5hyJf5TnLG+V5iVJ91D0nERT+isk
HI8ZYS/9G7vEs74696FtpW0v7pZsLeQByVRdsrYAdGkP96ir
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:41 2024 by rpki-client on console-fra.rpki-client.org