Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/3546dxK89Lzv3rRKKf9jGVDc3fQ.roa
File:                     3546dxK89Lzv3rRKKf9jGVDc3fQ.roa (raw, json)
Hash identifier:          jSRQH0ANo6gB/Yk7zJYq4wZ9wBwx+/Hf0PFPF6SLRaQ=
Subject key identifier:   DF:9E:3A:77:12:BC:F4:BC:EF:DE:B4:4A:29:FF:63:19:50:DC:DD:F4
Certificate issuer:       /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial:       018DD131D8B7B0EBC38C3CF90B7CEE31B8F9
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/3546dxK89Lzv3rRKKf9jGVDc3fQ.roa
Signing time:             Thu 22 Feb 2024 14:22:01 +0000
ROA not before:           Thu 22 Feb 2024 14:22:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44812
IP address blocks:        2a0b:d900::/29 maxlen: 29
                          2a0c:f643::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 29 Feb 2024 09:26:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d1:31:d8:b7:b0:eb:c3:8c:3c:f9:0b:7c:ee:31:b8:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
        Validity
            Not Before: Feb 22 14:22:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=df9e3a7712bcf4bcefdeb44a29ff631950dcddf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:5f:34:a6:b7:75:65:68:45:f9:69:40:83:c0:
                    03:72:e3:30:99:36:c0:57:40:c1:d4:68:76:9f:ef:
                    56:23:d5:08:42:5a:f6:e0:dd:16:37:1a:9d:9b:c5:
                    d1:78:12:c4:9f:7e:cc:63:ab:49:16:d9:24:0c:5c:
                    6e:d1:5d:e6:17:94:55:d0:bd:4f:7f:91:9e:f5:aa:
                    0d:18:e8:00:4c:c1:d7:9d:3b:1b:61:f8:1a:15:f7:
                    32:ea:6a:dd:ac:b8:7b:61:76:83:3f:e1:67:0c:ef:
                    b9:45:a7:49:80:c3:8a:5a:93:86:7c:52:7d:0f:e0:
                    bc:ed:a1:63:5e:71:8b:0a:b2:3c:00:77:17:d9:32:
                    d1:2f:7f:55:87:73:5f:bc:fc:67:4e:e2:48:12:ad:
                    5c:87:07:58:bc:64:89:b9:18:36:e6:24:18:b9:c6:
                    ad:24:a4:98:a9:b1:73:2f:d3:02:b0:d2:28:d3:e3:
                    a9:6c:25:b0:84:29:d2:93:b4:f4:8b:22:6a:0a:51:
                    b1:1b:0d:c9:d2:d8:ab:62:2f:5f:bf:05:d7:2e:76:
                    35:c7:5b:56:46:34:c8:31:5e:bf:97:4a:d8:e4:eb:
                    61:5f:34:d1:81:ca:c5:4a:37:9e:35:06:fb:c9:a2:
                    e4:0f:32:83:0a:61:1f:d7:88:e2:a7:c4:03:3b:c1:
                    1e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:9E:3A:77:12:BC:F4:BC:EF:DE:B4:4A:29:FF:63:19:50:DC:DD:F4
            X509v3 Authority Key Identifier:
                keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/3546dxK89Lzv3rRKKf9jGVDc3fQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:d900::/29
                  2a0c:f643::/32

    Signature Algorithm: sha256WithRSAEncryption
         2c:d3:6b:34:8b:b3:a6:63:f7:87:4c:10:3d:48:c5:ea:d8:f8:
         ca:ad:dd:41:2d:de:c2:52:71:70:7b:3b:8f:0c:15:e6:5b:16:
         2d:fa:03:d7:e6:c8:f7:ac:fd:c4:1c:54:81:00:e3:9d:44:ca:
         c8:7f:74:4d:0c:60:93:a5:ef:cd:7b:84:7e:05:b5:45:cf:84:
         13:8c:78:1c:bc:61:f2:7b:0d:b8:e6:3c:4d:14:ab:50:7c:4f:
         c7:be:30:77:a0:79:0b:46:77:14:64:e1:0f:ab:ab:a6:d4:91:
         2a:57:b5:2a:e1:41:55:52:a8:35:ef:40:8c:17:d3:6a:b9:be:
         83:0c:c2:95:e3:53:d6:45:26:bc:7a:9d:ef:04:07:c0:15:a5:
         3f:b7:ac:69:ee:b0:fb:92:3a:e1:f7:02:4d:40:b9:72:2d:72:
         63:79:4c:1c:68:66:e2:1c:d7:eb:cb:56:92:78:46:bf:8f:c6:
         43:cf:f2:c7:1a:e6:6e:d2:8c:2a:41:24:b2:71:29:e6:78:89:
         06:e5:30:c2:eb:6d:21:9a:9d:85:44:ba:0a:13:9e:9c:31:69:
         f4:2a:e6:6c:44:b1:0e:c9:ab:3d:be:f1:00:a3:ae:70:ec:d3:
         c6:77:c4:f8:1e:84:7f:4b:ef:16:73:19:4e:bc:d6:ee:a4:93:
         b3:86:58:da
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3RMdi3sOvDjDz5C3zuMbj5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwMjIyMTQyMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjllM2E3NzEyYmNmNGJjZWZkZWI0NGEyOWZmNjMxOTUwZGNkZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx180prd1ZWhF+WlAg8ADcuMwmTbA
V0DB1Gh2n+9WI9UIQlr24N0WNxqdm8XReBLEn37MY6tJFtkkDFxu0V3mF5RV0L1P
f5Ge9aoNGOgATMHXnTsbYfgaFfcy6mrdrLh7YXaDP+FnDO+5RadJgMOKWpOGfFJ9
D+C87aFjXnGLCrI8AHcX2TLRL39Vh3NfvPxnTuJIEq1chwdYvGSJuRg25iQYucat
JKSYqbFzL9MCsNIo0+OpbCWwhCnSk7T0iyJqClGxGw3J0tirYi9fvwXXLnY1x1tW
RjTIMV6/l0rY5OthXzTRgcrFSjeeNQb7yaLkDzKDCmEf14jip8QDO8EexwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN+eOncSvPS87960Sin/YxlQ3N30MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvMzU0NmR4Szg5THp2M3JSS0tmOWpHVkRjM2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgvZAAMF
ACoM9kMwDQYJKoZIhvcNAQELBQADggEBACzTazSLs6Zj94dMED1IxerY+Mqt3UEt
3sJScXB7O48MFeZbFi36A9fmyPes/cQcVIEA451Eysh/dE0MYJOl7817hH4FtUXP
hBOMeBy8YfJ7DbjmPE0Uq1B8T8e+MHegeQtGdxRk4Q+rq6bUkSpXtSrhQVVSqDXv
QIwX02q5voMMwpXjU9ZFJrx6ne8EB8AVpT+3rGnusPuSOuH3Ak1AuXItcmN5TBxo
ZuIc1+vLVpJ4Rr+PxkPP8sca5m7SjCpBJLJxKeZ4iQblMMLrbSGanYVEugoTnpwx
afQq5mxEsQ7Jqz2+8QCjrnDs08Z3xPgehH9L7xZzGU681u6kk7OGWNo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:58 2024 by rpki-client on console-fra.rpki-client.org