Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/64070910tiqFKYZWa4m_ZmPUQVQ.roa
File:                     64070910tiqFKYZWa4m_ZmPUQVQ.roa (raw, json)
Hash identifier:          khYUfGgVryn55B0kKOKNf3AwtUQgRDU4mqxLzp80Nxg=
Subject key identifier:   EB:8D:3B:D3:DD:74:B6:2A:85:29:86:56:6B:89:BF:66:63:D4:41:54
Certificate issuer:       /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial:       018DF43015CD43CBF36452F2437962287E8C
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/64070910tiqFKYZWa4m_ZmPUQVQ.roa
Signing time:             Thu 29 Feb 2024 09:26:48 +0000
ROA not before:           Thu 29 Feb 2024 09:26:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44812
IP address blocks:        2a0c:f643::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 05 Mar 2024 04:57:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f4:30:15:cd:43:cb:f3:64:52:f2:43:79:62:28:7e:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
        Validity
            Not Before: Feb 29 09:26:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eb8d3bd3dd74b62a852986566b89bf6663d44154
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:9f:66:44:6d:65:cc:d5:c0:67:ae:f3:8a:da:
                    bf:69:80:9c:f2:a4:2d:54:bf:47:57:ed:d4:8a:92:
                    67:18:bc:d1:7a:98:ea:99:81:b9:6e:4b:bd:e0:5e:
                    c9:6f:4c:4e:be:8d:be:c9:00:6f:3f:1b:79:a4:46:
                    8e:51:6a:5e:0b:7b:92:0e:d6:da:89:75:2e:20:ca:
                    39:c2:4c:ba:87:f2:e9:36:f0:23:26:7f:67:e7:a1:
                    77:90:af:2a:e9:6d:08:8d:16:c9:4e:8b:ee:03:c4:
                    38:99:db:94:6b:6d:22:16:c9:06:02:e6:ff:6e:ea:
                    31:04:cd:fa:9b:53:23:00:6b:72:34:43:a3:3d:47:
                    44:da:11:6d:dd:a8:9b:8b:1d:fa:cd:e1:9f:ed:24:
                    81:b3:81:d4:3e:e5:37:b8:5c:5d:7e:f9:0f:91:8b:
                    12:41:14:a2:79:6c:26:ef:e8:bc:5f:7c:b0:ee:6f:
                    c1:07:a1:f7:54:25:b0:69:35:40:c5:cb:d7:42:e8:
                    66:7f:d4:e7:db:ef:f7:e3:10:0c:23:4d:bd:0a:97:
                    0e:de:51:12:63:cb:a2:24:29:ba:37:f6:90:c4:39:
                    f9:4b:6b:67:9e:b7:37:da:08:c0:28:bb:4f:49:52:
                    bb:0c:6b:08:b1:26:89:26:9e:a5:0c:39:dc:83:f5:
                    9c:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:8D:3B:D3:DD:74:B6:2A:85:29:86:56:6B:89:BF:66:63:D4:41:54
            X509v3 Authority Key Identifier:
                keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/64070910tiqFKYZWa4m_ZmPUQVQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:f643::/32

    Signature Algorithm: sha256WithRSAEncryption
         bb:91:16:f0:96:97:cf:85:f1:23:e4:71:14:95:99:c5:a6:c9:
         f1:c1:db:a4:45:92:b2:5b:b6:19:54:b0:13:0e:6d:ad:4e:40:
         c1:43:ba:e1:a0:5a:01:67:65:11:3e:e5:b1:9b:7e:3f:af:5c:
         a5:4b:1d:29:a0:07:f9:58:7e:cc:6e:49:09:2f:85:17:bf:63:
         a7:3b:c4:21:8a:e7:66:1c:c3:ae:96:8b:f5:cc:df:13:e6:5f:
         9e:90:d3:ef:c2:04:02:63:57:9d:30:41:86:a0:1a:c4:0b:cf:
         aa:66:03:39:57:8b:5c:a2:a6:d5:9d:e0:00:26:9b:69:40:ff:
         20:33:9d:d9:34:7b:e0:48:43:98:2b:13:dd:0c:c2:3d:15:a5:
         b7:a1:c6:08:5b:64:f3:2d:e1:90:65:00:00:2a:7f:49:97:b6:
         e7:5a:94:0f:d7:b3:58:8d:70:db:68:b7:79:4f:f2:78:7a:43:
         3e:63:01:60:3f:73:fc:23:9c:d4:c0:fb:9d:52:00:fa:b2:26:
         0a:d9:26:44:84:2d:2e:2d:79:e4:ee:90:42:eb:1f:52:20:af:
         7c:0a:33:92:86:f8:14:8e:2c:6d:4e:af:f5:20:77:f1:b7:6a:
         a3:2e:32:7e:8c:b9:6c:55:c1:2a:62:8e:c1:58:21:95:5b:1c:
         49:bc:59:3d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY30MBXNQ8vzZFLyQ3liKH6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwMjI5MDkyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjhkM2JkM2RkNzRiNjJhODUyOTg2NTY2Yjg5YmY2NjYzZDQ0MTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJ9mRG1lzNXAZ67zitq/aYCc8qQt
VL9HV+3UipJnGLzRepjqmYG5bku94F7Jb0xOvo2+yQBvPxt5pEaOUWpeC3uSDtba
iXUuIMo5wky6h/LpNvAjJn9n56F3kK8q6W0IjRbJTovuA8Q4mduUa20iFskGAub/
buoxBM36m1MjAGtyNEOjPUdE2hFt3aibix36zeGf7SSBs4HUPuU3uFxdfvkPkYsS
QRSieWwm7+i8X3yw7m/BB6H3VCWwaTVAxcvXQuhmf9Tn2+/34xAMI029CpcO3lES
Y8uiJCm6N/aQxDn5S2tnnrc32gjAKLtPSVK7DGsIsSaJJp6lDDncg/Wc8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOuNO9PddLYqhSmGVmuJv2Zj1EFUMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvNjQwNzA5MTB0aXFGS1laV2E0bV9abVBVUVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgz2QzAN
BgkqhkiG9w0BAQsFAAOCAQEAu5EW8JaXz4XxI+RxFJWZxabJ8cHbpEWSslu2GVSw
Ew5trU5AwUO64aBaAWdlET7lsZt+P69cpUsdKaAH+Vh+zG5JCS+FF79jpzvEIYrn
ZhzDrpaL9czfE+ZfnpDT78IEAmNXnTBBhqAaxAvPqmYDOVeLXKKm1Z3gACabaUD/
IDOd2TR74EhDmCsT3QzCPRWlt6HGCFtk8y3hkGUAACp/SZe251qUD9ezWI1w22i3
eU/yeHpDPmMBYD9z/COc1MD7nVIA+rImCtkmRIQtLi155O6QQusfUiCvfAozkob4
FI4sbU6v9SB38bdqoy4yfoy5bFXBKmKOwVghlVscSbxZPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:58 2024 by rpki-client on console-fra.rpki-client.org