Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/c80c5a-fae2-466d-aa16-8ca6c33d14bb/1/osGVXiaNV-p7pWL1b57dy7tDQXI.roa
File:                     osGVXiaNV-p7pWL1b57dy7tDQXI.roa (raw, json)
Hash identifier:          Avoel0ZU8TCigi5jSJFYCDEHz21OI5d7kePclF5dPQw=
Subject key identifier:   A2:C1:95:5E:26:8D:57:EA:7B:A5:62:F5:6F:9E:DD:CB:BB:43:41:72
Certificate issuer:       /CN=e0f2f545ddb234e383d36b8a8d6b56a38dd72f89
Certificate serial:       0188E1E191CA5F68CFC6470438EE6978A475
Authority key identifier: E0:F2:F5:45:DD:B2:34:E3:83:D3:6B:8A:8D:6B:56:A3:8D:D7:2F:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4PL1Rd2yNOOD02uKjWtWo43XL4k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/c80c5a-fae2-466d-aa16-8ca6c33d14bb/1/osGVXiaNV-p7pWL1b57dy7tDQXI.roa
Signing time:             Thu 22 Jun 2023 06:53:56 +0000
ROA not before:           Thu 22 Jun 2023 06:53:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8823
IP address blocks:        2a0a:64c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e1:e1:91:ca:5f:68:cf:c6:47:04:38:ee:69:78:a4:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0f2f545ddb234e383d36b8a8d6b56a38dd72f89
        Validity
            Not Before: Jun 22 06:53:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2c1955e268d57ea7ba562f56f9eddcbbb434172
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b9:e6:da:f2:ad:d0:10:54:4b:c3:64:ac:74:
                    76:53:a4:e5:27:0e:f2:c5:6b:99:52:c5:e0:1f:32:
                    af:1c:e6:27:c8:47:fe:87:83:9c:77:27:66:44:6f:
                    71:46:e9:7c:02:05:0a:2b:e5:78:2a:0b:16:e8:d1:
                    45:74:42:ae:76:29:70:a3:1b:e3:5c:e6:1c:2b:f2:
                    c1:6b:ad:15:13:e7:6b:e1:c4:69:66:92:9e:60:b6:
                    cb:15:2d:cf:f6:ce:7c:f5:5b:d6:26:20:a0:76:01:
                    0e:8e:65:bb:e3:7d:b1:16:d5:bc:d5:63:ed:43:a4:
                    ec:71:7f:bb:25:98:bb:78:ef:ae:40:6e:eb:fc:e2:
                    bc:b1:b3:f8:50:53:d8:2a:9f:3d:71:88:33:4c:e5:
                    bf:e4:ee:49:a4:59:3b:8a:7a:75:bf:23:57:da:81:
                    27:39:ac:fc:b2:6f:c7:f4:b6:70:0f:0f:23:c2:42:
                    ac:80:fa:cb:9e:16:0e:0f:2a:8d:d5:13:67:cf:ea:
                    80:1b:52:c0:70:80:53:4d:0c:5e:51:83:ac:00:b9:
                    b1:e8:ad:36:de:28:da:e0:68:7f:9b:b9:ba:03:ab:
                    f3:34:49:02:e6:3d:05:19:56:74:3e:bd:bb:24:06:
                    86:28:05:55:ff:a2:f4:61:be:f2:39:0a:f6:62:ab:
                    9e:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:C1:95:5E:26:8D:57:EA:7B:A5:62:F5:6F:9E:DD:CB:BB:43:41:72
            X509v3 Authority Key Identifier:
                keyid:E0:F2:F5:45:DD:B2:34:E3:83:D3:6B:8A:8D:6B:56:A3:8D:D7:2F:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4PL1Rd2yNOOD02uKjWtWo43XL4k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/c80c5a-fae2-466d-aa16-8ca6c33d14bb/1/osGVXiaNV-p7pWL1b57dy7tDQXI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/c80c5a-fae2-466d-aa16-8ca6c33d14bb/1/4PL1Rd2yNOOD02uKjWtWo43XL4k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:64c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:8d:48:90:04:a8:74:16:2f:3d:61:0d:1a:93:d9:27:94:53:
         d5:74:6c:1a:67:3f:8d:09:e7:c3:5c:46:85:c1:bd:b9:28:31:
         dc:1d:b6:e3:9c:ff:24:64:22:86:11:2f:43:71:cf:89:d1:23:
         66:2b:ca:c0:44:65:e7:21:09:0f:6d:b6:01:0f:21:26:e5:8e:
         5a:28:f4:62:0a:b5:ca:59:b6:28:a3:e2:b6:ef:2c:46:83:b5:
         f1:08:a5:d6:c7:41:6f:f0:24:de:75:1d:4c:e2:89:fe:ba:d3:
         35:3a:2f:a6:5c:78:1c:c6:19:d1:39:bf:76:7b:31:4c:02:ed:
         0d:7d:d9:90:63:5f:d4:46:84:eb:da:07:21:4d:4a:7f:6e:cc:
         a7:34:79:72:bd:b6:92:d0:11:e4:36:7c:c5:38:08:71:ed:c0:
         8a:86:b8:2f:fa:fa:f0:68:d9:79:95:7b:9d:c2:d6:b1:22:79:
         1f:bd:b5:16:86:8b:35:b5:45:bd:ee:05:1b:ac:be:cd:64:df:
         d6:78:95:77:6e:c6:28:b4:03:77:37:ad:84:54:8b:ab:e2:be:
         ca:ec:42:07:b6:51:13:49:5b:ba:c6:8a:5a:72:f0:33:21:8b:
         38:0a:7e:5e:18:1c:dc:47:8d:3e:b2:05:41:c2:36:a1:bf:39:
         ec:da:11:f3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYjh4ZHKX2jPxkcEOO5peKR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZjJmNTQ1ZGRiMjM0ZTM4M2QzNmI4YThkNmI1NmEzOGRk
NzJmODkwHhcNMjMwNjIyMDY1MzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmMxOTU1ZTI2OGQ1N2VhN2JhNTYyZjU2ZjllZGRjYmJiNDM0MTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbnm2vKt0BBUS8NkrHR2U6TlJw7y
xWuZUsXgHzKvHOYnyEf+h4OcdydmRG9xRul8AgUKK+V4KgsW6NFFdEKudilwoxvj
XOYcK/LBa60VE+dr4cRpZpKeYLbLFS3P9s589VvWJiCgdgEOjmW7432xFtW81WPt
Q6TscX+7JZi7eO+uQG7r/OK8sbP4UFPYKp89cYgzTOW/5O5JpFk7inp1vyNX2oEn
Oaz8sm/H9LZwDw8jwkKsgPrLnhYODyqN1RNnz+qAG1LAcIBTTQxeUYOsALmx6K02
3ija4Gh/m7m6A6vzNEkC5j0FGVZ0Pr27JAaGKAVV/6L0Yb7yOQr2YqueVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKLBlV4mjVfqe6Vi9W+e3cu7Q0FyMB8GA1UdIwQY
MBaAFODy9UXdsjTjg9Nrio1rVqON1y+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFBMMVJkMnlOT09EMDJ1S2pXdFdvNDNYTDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9jODBjNWEtZmFlMi00NjZkLWFhMTYt
OGNhNmMzM2QxNGJiLzEvb3NHVlhpYU5WLXA3cFdMMWI1N2R5N3REUVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9jODBjNWEtZmFlMi00NjZkLWFhMTYtOGNhNmMzM2QxNGJi
LzEvNFBMMVJkMnlOT09EMDJ1S2pXdFdvNDNYTDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgpkwDAN
BgkqhkiG9w0BAQsFAAOCAQEAZY1IkASodBYvPWENGpPZJ5RT1XRsGmc/jQnnw1xG
hcG9uSgx3B2245z/JGQihhEvQ3HPidEjZivKwERl5yEJD222AQ8hJuWOWij0Ygq1
ylm2KKPitu8sRoO18Qil1sdBb/Ak3nUdTOKJ/rrTNTovplx4HMYZ0Tm/dnsxTALt
DX3ZkGNf1EaE69oHIU1Kf27MpzR5cr22ktAR5DZ8xTgIce3Aioa4L/r68GjZeZV7
ncLWsSJ5H721FoaLNbVFve4FG6y+zWTf1niVd27GKLQDdzethFSLq+K+yuxCB7ZR
E0lbusaKWnLwMyGLOAp+Xhgc3EeNPrIFQcI2ob857NoR8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-fra.rpki-client.org