Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/XkP4XEGUirca6nCsBD2x-0_Ehas.roa
File:                     XkP4XEGUirca6nCsBD2x-0_Ehas.roa (raw, json)
Hash identifier:          wlTG5ESIQ0FO1sD/dgiWUg6Vp2DsN2RCBrHIVLd5w6o=
Subject key identifier:   5E:43:F8:5C:41:94:8A:B7:1A:EA:70:AC:04:3D:B1:FB:4F:C4:85:AB
Certificate issuer:       /CN=4f3bd56e8b54e6da27bbe6622dac67cbf02a81ea
Certificate serial:       0185710C219AA72A60831F23E1DB5A3B87F0
Authority key identifier: 4F:3B:D5:6E:8B:54:E6:DA:27:BB:E6:62:2D:AC:67:CB:F0:2A:81:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TzvVbotU5tonu-ZiLaxny_Aqgeo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/XkP4XEGUirca6nCsBD2x-0_Ehas.roa
Signing time:             Mon 02 Jan 2023 05:54:58 +0000
ROA not before:           Mon 02 Jan 2023 05:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34081
IP address blocks:        2a0c:8fc1::/32 maxlen: 48
                          2a0c:8fc2::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:21:9a:a7:2a:60:83:1f:23:e1:db:5a:3b:87:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f3bd56e8b54e6da27bbe6622dac67cbf02a81ea
        Validity
            Not Before: Jan  2 05:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e43f85c41948ab71aea70ac043db1fb4fc485ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:3a:ca:59:4e:10:d2:0e:df:b2:f7:e0:cb:16:
                    7e:5a:e9:01:51:54:5b:f3:32:f4:03:a0:b2:67:a2:
                    b0:50:b5:7a:81:92:0c:1c:50:33:0d:91:d8:6b:08:
                    c3:1c:66:26:83:1a:42:7b:27:d5:dc:d1:bd:09:de:
                    48:13:62:cb:63:a3:01:96:cd:76:18:74:a0:b8:18:
                    af:ec:37:4d:d6:03:bc:90:3f:29:62:31:d4:eb:92:
                    9e:d5:e1:3d:ef:86:45:51:cc:dd:03:f8:5b:1e:7a:
                    10:6d:b5:97:31:e4:64:8b:79:c5:04:5c:4d:ca:ce:
                    5f:3e:f1:68:12:92:27:45:53:93:f3:9f:0f:4e:11:
                    80:98:58:c3:05:d7:74:b7:93:3c:80:a0:79:5f:3c:
                    dc:42:17:29:cf:7b:db:9c:cf:05:ce:90:28:fc:f0:
                    6d:76:94:37:6e:84:26:26:60:36:57:8e:b5:2d:01:
                    85:ff:8a:c8:7b:d8:b3:01:3d:18:16:85:84:8f:8f:
                    a1:08:9b:12:b8:54:90:a2:84:5a:9a:fb:ea:3a:86:
                    3e:74:06:a5:ab:cb:02:4c:8e:2b:05:69:e7:96:9e:
                    92:b3:ff:03:51:91:6f:74:3f:d3:66:78:72:2a:c8:
                    55:43:19:76:6e:c4:08:9a:1f:98:a9:aa:14:60:b8:
                    09:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:43:F8:5C:41:94:8A:B7:1A:EA:70:AC:04:3D:B1:FB:4F:C4:85:AB
            X509v3 Authority Key Identifier:
                keyid:4F:3B:D5:6E:8B:54:E6:DA:27:BB:E6:62:2D:AC:67:CB:F0:2A:81:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzvVbotU5tonu-ZiLaxny_Aqgeo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/XkP4XEGUirca6nCsBD2x-0_Ehas.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/TzvVbotU5tonu-ZiLaxny_Aqgeo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:8fc1::-2a0c:8fc2:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         14:96:59:13:a9:e9:a5:01:2d:80:19:ec:ec:2e:1c:3f:0e:bb:
         1a:fa:df:b1:c2:2a:05:b6:d2:b3:ff:52:40:90:45:9e:ed:c8:
         b7:5b:2c:d2:2f:6d:2a:64:40:75:c0:18:53:dc:8f:ee:6f:ee:
         1d:1a:c6:c8:07:91:f1:b3:48:b9:ab:4a:83:c4:59:2f:83:73:
         f2:a7:c5:4d:9c:1e:f9:53:a0:b3:dd:42:70:f2:29:f5:a6:b0:
         34:31:01:4c:4e:96:14:96:e1:9b:9b:9d:e0:94:15:b4:28:51:
         71:26:12:42:ce:de:83:7f:37:c2:c0:b4:23:10:3c:1f:16:14:
         d2:05:e7:11:9b:ae:68:24:4c:23:81:b1:64:c6:21:5e:59:7f:
         b1:38:b7:4f:68:40:eb:ce:da:97:aa:e4:18:e2:b5:13:b6:f7:
         1e:a2:5b:93:35:8b:dd:4e:b5:2d:06:6e:fd:8d:41:e9:5e:66:
         d7:cb:f6:ff:8b:cf:93:f5:3b:91:d6:72:30:f1:d9:a2:87:8b:
         e0:31:57:46:02:2a:b6:f2:36:95:f5:87:63:b7:52:53:0b:b3:
         d8:65:96:63:99:ac:26:e9:05:d1:0e:17:a4:2f:f0:e8:5e:df:
         78:47:fa:cc:b8:0a:3c:75:8d:5a:83:2a:cc:2c:d0:cb:f9:fb:
         7a:26:a5:f2
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVxDCGapypggx8j4dtaO4fwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmM2JkNTZlOGI1NGU2ZGEyN2JiZTY2MjJkYWM2N2NiZjAy
YTgxZWEwHhcNMjMwMTAyMDU1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTQzZjg1YzQxOTQ4YWI3MWFlYTcwYWMwNDNkYjFmYjRmYzQ4NWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTrKWU4Q0g7fsvfgyxZ+WukBUVRb
8zL0A6CyZ6KwULV6gZIMHFAzDZHYawjDHGYmgxpCeyfV3NG9Cd5IE2LLY6MBls12
GHSguBiv7DdN1gO8kD8pYjHU65Ke1eE974ZFUczdA/hbHnoQbbWXMeRki3nFBFxN
ys5fPvFoEpInRVOT858PThGAmFjDBdd0t5M8gKB5XzzcQhcpz3vbnM8FzpAo/PBt
dpQ3boQmJmA2V461LQGF/4rIe9izAT0YFoWEj4+hCJsSuFSQooRamvvqOoY+dAal
q8sCTI4rBWnnlp6Ss/8DUZFvdD/TZnhyKshVQxl2bsQImh+YqaoUYLgJFwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFF5D+FxBlIq3GupwrAQ9sftPxIWrMB8GA1UdIwQY
MBaAFE871W6LVObaJ7vmYi2sZ8vwKoHqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHp2VmJvdFU1dG9udS1aaUxheG55X0FxZ2VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZmUxNDktOGE3Mi00N2ZkLTg3MzUt
N2RjNWJkZGY5MWI1LzEvWGtQNFhFR1VpcmNhNm5Dc0JEMngtMF9FaGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZmUxNDktOGE3Mi00N2ZkLTg3MzUtN2RjNWJkZGY5MWI1
LzEvVHp2VmJvdFU1dG9udS1aaUxheG55X0FxZ2VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDI/B
AwUAKgyPwjANBgkqhkiG9w0BAQsFAAOCAQEAFJZZE6nppQEtgBns7C4cPw67Gvrf
scIqBbbSs/9SQJBFnu3It1ss0i9tKmRAdcAYU9yP7m/uHRrGyAeR8bNIuatKg8RZ
L4Nz8qfFTZwe+VOgs91CcPIp9aawNDEBTE6WFJbhm5ud4JQVtChRcSYSQs7eg383
wsC0IxA8HxYU0gXnEZuuaCRMI4GxZMYhXll/sTi3T2hA687al6rkGOK1E7b3HqJb
kzWL3U61LQZu/Y1B6V5m18v2/4vPk/U7kdZyMPHZooeL4DFXRgIqtvI2lfWHY7dS
Uwuz2GWWY5msJukF0Q4XpC/w6F7feEf6zLgKPHWNWoMqzCzQy/n7eial8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:43 2024 by rpki-client on console-ams.rpki-client.org