Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/r-RhBqLseVg5gZxXn_cVjcTTlRo.roa
File:                     r-RhBqLseVg5gZxXn_cVjcTTlRo.roa (raw, json)
Hash identifier:          rXOAhSrcyYypCoGCDs8i62e1kP5R7DM0GisC4XMmfU8=
Subject key identifier:   AF:E4:61:06:A2:EC:79:58:39:81:9C:57:9F:F7:15:8D:C4:D3:95:1A
Certificate issuer:       /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial:       01856FCBBEA0E70865D4713082F42A008D06
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/r-RhBqLseVg5gZxXn_cVjcTTlRo.roa
Signing time:             Mon 02 Jan 2023 00:05:01 +0000
ROA not before:           Mon 02 Jan 2023 00:05:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212469
IP address blocks:        2a0e:e704:60::/44 maxlen: 44

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:be:a0:e7:08:65:d4:71:30:82:f4:2a:00:8d:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
        Validity
            Not Before: Jan  2 00:05:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=afe46106a2ec795839819c579ff7158dc4d3951a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:f2:7f:4b:11:a9:88:f4:cc:44:b6:24:0b:c1:
                    a2:ab:94:8b:5d:7e:a8:4e:30:47:48:46:6f:0c:93:
                    7b:88:16:21:7c:b0:2a:09:91:f7:58:0f:ad:0b:3f:
                    db:1c:73:be:4d:7c:96:1e:65:63:c7:56:3f:0b:32:
                    36:36:ba:c2:98:db:b5:bf:f6:10:6d:84:aa:e4:6c:
                    c3:4c:c4:f2:65:12:84:66:97:c1:f5:21:c6:90:f2:
                    fb:bc:24:da:75:8b:b3:a1:79:7d:1e:58:ea:b3:4c:
                    c7:3a:dc:d7:48:02:85:31:49:71:9d:8b:9e:a2:12:
                    1e:ff:0f:a7:ac:84:7b:bc:ee:71:ce:9b:f8:8f:02:
                    a4:71:52:a5:ba:98:58:03:67:37:bc:b1:44:a9:c9:
                    8b:6f:d7:72:e7:4f:ef:16:96:4e:a3:b0:d1:e6:ec:
                    7c:43:e4:46:88:b0:99:1b:9b:16:09:8d:13:bb:f8:
                    51:15:34:76:71:76:94:b9:ec:55:73:af:c6:c1:72:
                    05:9d:fc:74:60:f5:02:e7:23:11:e9:95:ba:74:3e:
                    9d:c3:d6:c3:1f:fb:d1:34:4a:83:0b:1c:1d:7b:aa:
                    f4:65:3f:6c:45:8c:fd:34:44:59:4a:bf:3e:b2:1e:
                    5c:f1:50:b3:ad:db:c2:9e:e7:0e:89:1c:ef:cd:f1:
                    0a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:E4:61:06:A2:EC:79:58:39:81:9C:57:9F:F7:15:8D:C4:D3:95:1A
            X509v3 Authority Key Identifier:
                keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/r-RhBqLseVg5gZxXn_cVjcTTlRo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:e704:60::/44

    Signature Algorithm: sha256WithRSAEncryption
         06:f6:fe:81:22:5f:d8:02:1d:a0:c7:df:47:41:9e:fb:c6:09:
         39:cf:15:4c:79:8b:ab:17:d3:23:da:26:d8:3d:bf:17:ab:42:
         d5:a5:74:13:d1:f7:cf:3e:6a:a2:54:cd:9e:da:6c:b2:7d:67:
         13:2d:b4:ff:2c:ff:06:ad:f2:a2:fe:1e:c3:73:06:c0:c7:42:
         f9:e1:03:97:34:05:ee:10:76:5c:59:a2:93:b4:88:b1:68:36:
         b5:29:00:d7:21:08:cc:e4:41:c5:7d:05:b3:74:34:21:5e:2c:
         c0:92:4d:ca:66:08:2b:f5:1d:96:f6:15:7b:5d:a6:2b:12:62:
         02:45:29:e1:dd:81:2b:b1:2a:84:aa:6a:53:03:08:53:3f:b5:
         f5:12:66:a8:06:39:74:42:e0:32:3d:d6:de:aa:b6:0d:97:1a:
         6b:bc:f6:b7:1e:f8:c8:b3:9e:92:4c:d3:b5:30:43:cb:8a:b1:
         2e:f8:92:45:3e:b6:fb:9c:e5:1a:70:8c:b1:28:55:ca:a6:33:
         46:38:92:b8:f6:23:d5:88:bb:42:f5:5a:c3:2c:3c:f8:6f:d3:
         02:eb:33:ea:bb:53:dc:0a:c3:0a:b0:63:ca:5b:1b:eb:18:db:
         3e:9f:59:58:1c:17:c8:28:68:ea:84:d5:26:ed:2d:0d:ab:51:
         4f:09:df:c2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvy76g5whl1HEwgvQqAI0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjMwMTAyMDAwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmU0NjEwNmEyZWM3OTU4Mzk4MTljNTc5ZmY3MTU4ZGM0ZDM5NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvJ/SxGpiPTMRLYkC8Giq5SLXX6o
TjBHSEZvDJN7iBYhfLAqCZH3WA+tCz/bHHO+TXyWHmVjx1Y/CzI2NrrCmNu1v/YQ
bYSq5GzDTMTyZRKEZpfB9SHGkPL7vCTadYuzoXl9Hljqs0zHOtzXSAKFMUlxnYue
ohIe/w+nrIR7vO5xzpv4jwKkcVKluphYA2c3vLFEqcmLb9dy50/vFpZOo7DR5ux8
Q+RGiLCZG5sWCY0Tu/hRFTR2cXaUuexVc6/GwXIFnfx0YPUC5yMR6ZW6dD6dw9bD
H/vRNEqDCxwde6r0ZT9sRYz9NERZSr8+sh5c8VCzrdvCnucOiRzvzfEKUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK/kYQai7HlYOYGcV5/3FY3E05UaMB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvci1SaEJxTHNlVmc1Z1p4WG5fY1ZqY1RUbFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg7nBABg
MA0GCSqGSIb3DQEBCwUAA4IBAQAG9v6BIl/YAh2gx99HQZ77xgk5zxVMeYurF9Mj
2ibYPb8Xq0LVpXQT0ffPPmqiVM2e2myyfWcTLbT/LP8GrfKi/h7DcwbAx0L54QOX
NAXuEHZcWaKTtIixaDa1KQDXIQjM5EHFfQWzdDQhXizAkk3KZggr9R2W9hV7XaYr
EmICRSnh3YErsSqEqmpTAwhTP7X1EmaoBjl0QuAyPdbeqrYNlxprvPa3HvjIs56S
TNO1MEPLirEu+JJFPrb7nOUacIyxKFXKpjNGOJK49iPViLtC9VrDLDz4b9MC6zPq
u1PcCsMKsGPKWxvrGNs+n1lYHBfIKGjqhNUm7S0Nq1FPCd/C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:13 2024 by rpki-client on console-fra.rpki-client.org