Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/58bac7-0f52-4e70-9d9f-6a0ad6bc8240/1/WRq0E9dxEL8hY1nZikzy6kP9SWk.roa
File:                     WRq0E9dxEL8hY1nZikzy6kP9SWk.roa (raw, json)
Hash identifier:          aPChSmNoLzRNkt54rERtwcIEMTeZKEBGxY2MFcNnMNc=
Subject key identifier:   59:1A:B4:13:D7:71:10:BF:21:63:59:D9:8A:4C:F2:EA:43:FD:49:69
Certificate issuer:       /CN=57b02b5f682c0955f4cf47a35f8bb0c2b57f3a75
Certificate serial:       0187C7F5602E7620ADC1A9CF084865EC90DA
Authority key identifier: 57:B0:2B:5F:68:2C:09:55:F4:CF:47:A3:5F:8B:B0:C2:B5:7F:3A:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V7ArX2gsCVX0z0ejX4uwwrV_OnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/58bac7-0f52-4e70-9d9f-6a0ad6bc8240/1/WRq0E9dxEL8hY1nZikzy6kP9SWk.roa
Signing time:             Fri 28 Apr 2023 13:02:39 +0000
ROA not before:           Fri 28 Apr 2023 13:02:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39259
IP address blocks:        2a05:c680::/29 maxlen: 29
                          2a05:c680:53::/48 maxlen: 48
                          2a0c:e6c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c7:f5:60:2e:76:20:ad:c1:a9:cf:08:48:65:ec:90:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57b02b5f682c0955f4cf47a35f8bb0c2b57f3a75
        Validity
            Not Before: Apr 28 13:02:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=591ab413d77110bf216359d98a4cf2ea43fd4969
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:86:55:89:d6:fb:69:02:54:50:5b:b9:7c:db:
                    b0:23:77:d0:34:0d:cf:e3:b2:10:83:fa:14:ea:ab:
                    12:72:27:60:89:79:61:55:c4:ee:26:18:26:1c:a2:
                    5e:03:4a:92:98:ac:da:2f:12:ba:e9:a9:79:f2:72:
                    dd:26:d5:0e:83:7f:da:7f:dc:8d:9c:ef:8f:45:6c:
                    1d:97:7f:f0:8c:d1:36:7f:aa:e2:c0:cd:44:cf:3b:
                    f4:54:5c:53:d7:43:bb:db:c6:23:71:05:ba:5a:ac:
                    5e:52:da:e2:96:f8:61:0a:a2:d6:7a:3c:92:8c:82:
                    3b:12:b5:48:d1:9f:e9:a0:d8:53:92:df:94:78:03:
                    94:40:18:4c:09:61:70:50:80:9f:e0:79:41:34:b0:
                    cb:4d:9b:65:c0:f4:2a:d2:8f:54:61:eb:54:06:00:
                    b0:ac:69:ce:33:7b:d4:cd:8d:9e:d3:a9:d3:a2:1d:
                    4e:ce:33:9e:f2:1c:27:f8:d4:be:d0:f8:bd:31:7c:
                    e8:82:f3:79:29:48:b2:e0:b2:1b:d3:41:81:ea:a9:
                    66:74:6a:0b:fd:88:47:59:c2:7b:b4:28:12:56:86:
                    86:98:3f:28:ad:7f:9b:07:2a:1e:b8:1b:76:a6:d6:
                    8f:b2:38:a1:a6:5e:49:49:43:32:e1:e4:8e:bd:02:
                    aa:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:1A:B4:13:D7:71:10:BF:21:63:59:D9:8A:4C:F2:EA:43:FD:49:69
            X509v3 Authority Key Identifier:
                keyid:57:B0:2B:5F:68:2C:09:55:F4:CF:47:A3:5F:8B:B0:C2:B5:7F:3A:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7ArX2gsCVX0z0ejX4uwwrV_OnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/58bac7-0f52-4e70-9d9f-6a0ad6bc8240/1/WRq0E9dxEL8hY1nZikzy6kP9SWk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/58bac7-0f52-4e70-9d9f-6a0ad6bc8240/1/V7ArX2gsCVX0z0ejX4uwwrV_OnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:c680::/29
                  2a0c:e6c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         2d:f7:9b:c4:7b:88:82:b2:9e:52:36:c7:9f:c1:43:67:e3:9e:
         9a:2d:ac:09:92:e6:63:39:a1:2a:3b:1f:97:3b:e8:e9:57:69:
         f8:f7:b9:9f:9c:7f:a4:3d:20:e2:6e:76:dd:ac:55:9e:7e:2d:
         83:28:44:7b:94:38:92:66:d6:dd:be:82:8d:d8:3e:20:ea:56:
         05:69:9c:fe:10:5c:18:5f:e5:68:b2:4f:db:0d:01:49:28:bc:
         3a:19:75:af:13:a5:b5:70:bc:d3:be:7f:13:78:65:06:d8:1f:
         46:63:ed:40:62:f7:46:f0:ff:90:43:f9:f0:70:b3:ca:97:3c:
         ac:e1:ee:25:76:36:a5:cd:0a:b8:ed:98:2f:a6:35:a0:52:82:
         bc:a5:a3:59:3a:ca:91:68:b9:6d:7b:4f:ca:ce:53:cd:f6:4e:
         41:35:d6:86:f9:86:da:e1:fd:3d:c0:2b:d9:53:2f:e1:ab:54:
         d0:ea:0f:99:70:f0:71:71:e8:34:3e:ea:d5:e7:47:21:d4:e1:
         b4:e2:1c:64:3f:fb:2e:18:5b:91:3b:96:d8:f3:44:e1:ef:aa:
         aa:24:58:98:3c:df:4f:80:1e:34:05:af:d8:f3:5a:3c:22:e2:
         39:0c:7b:8c:17:7d:73:82:ec:8a:ce:e0:f7:df:e8:99:62:7c:
         dc:0c:a1:d6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYfH9WAudiCtwanPCEhl7JDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjAyYjVmNjgyYzA5NTVmNGNmNDdhMzVmOGJiMGMyYjU3
ZjNhNzUwHhcNMjMwNDI4MTMwMjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTFhYjQxM2Q3NzExMGJmMjE2MzU5ZDk4YTRjZjJlYTQzZmQ0OTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoZVidb7aQJUUFu5fNuwI3fQNA3P
47IQg/oU6qsScidgiXlhVcTuJhgmHKJeA0qSmKzaLxK66al58nLdJtUOg3/af9yN
nO+PRWwdl3/wjNE2f6riwM1Ezzv0VFxT10O728YjcQW6WqxeUtrilvhhCqLWejyS
jII7ErVI0Z/poNhTkt+UeAOUQBhMCWFwUICf4HlBNLDLTZtlwPQq0o9UYetUBgCw
rGnOM3vUzY2e06nToh1OzjOe8hwn+NS+0Pi9MXzogvN5KUiy4LIb00GB6qlmdGoL
/YhHWcJ7tCgSVoaGmD8orX+bByoeuBt2ptaPsjihpl5JSUMy4eSOvQKqSQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFkatBPXcRC/IWNZ2YpM8upD/UlpMB8GA1UdIwQY
MBaAFFewK19oLAlV9M9Ho1+LsMK1fzp1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdBclgyZ3NDVlgwejBlalg0dXd3clZfT25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81OGJhYzctMGY1Mi00ZTcwLTlkOWYt
NmEwYWQ2YmM4MjQwLzEvV1JxMEU5ZHhFTDhoWTFuWmlrenk2a1A5U1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81OGJhYzctMGY1Mi00ZTcwLTlkOWYtNmEwYWQ2YmM4MjQw
LzEvVjdBclgyZ3NDVlgwejBlalg0dXd3clZfT25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgXGgAMF
AyoM5sAwDQYJKoZIhvcNAQELBQADggEBAC33m8R7iIKynlI2x5/BQ2fjnpotrAmS
5mM5oSo7H5c76OlXafj3uZ+cf6Q9IOJudt2sVZ5+LYMoRHuUOJJm1t2+go3YPiDq
VgVpnP4QXBhf5WiyT9sNAUkovDoZda8TpbVwvNO+fxN4ZQbYH0Zj7UBi90bw/5BD
+fBws8qXPKzh7iV2NqXNCrjtmC+mNaBSgrylo1k6ypFouW17T8rOU832TkE11ob5
htrh/T3AK9lTL+GrVNDqD5lw8HFx6DQ+6tXnRyHU4bTiHGQ/+y4YW5E7ltjzROHv
qqokWJg830+AHjQFr9jzWjwi4jkMe4wXfXOC7IrO4Pff6JlifNwModY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:00 2024 by rpki-client on console-ams.rpki-client.org