Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/0eF-_qAby5omneS6gEdAmLz2Va4.roa
File:                     0eF-_qAby5omneS6gEdAmLz2Va4.roa (raw, json)
Hash identifier:          d1gagrfHj2M+ARvH5P32Pn0NN5/eBpDWJoz4V9Lzamw=
Subject key identifier:   D1:E1:7E:FE:A0:1B:CB:9A:26:9D:E4:BA:80:47:40:98:BC:F6:55:AE
Certificate issuer:       /CN=cd1242e6c7ebd82a23fa1a08f396ebe5ab34cf6b
Certificate serial:       01856DCAD3CDB2481CDADE9790B7700D7AC1
Authority key identifier: CD:12:42:E6:C7:EB:D8:2A:23:FA:1A:08:F3:96:EB:E5:AB:34:CF:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRJC5sfr2Coj-hoI85br5as0z2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/0eF-_qAby5omneS6gEdAmLz2Va4.roa
Signing time:             Sun 01 Jan 2023 14:44:47 +0000
ROA not before:           Sun 01 Jan 2023 14:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48882
IP address blocks:        2a0e:2100::/47 maxlen: 47

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:ca:d3:cd:b2:48:1c:da:de:97:90:b7:70:0d:7a:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd1242e6c7ebd82a23fa1a08f396ebe5ab34cf6b
        Validity
            Not Before: Jan  1 14:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1e17efea01bcb9a269de4ba80474098bcf655ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:13:cc:cf:8b:cd:d7:5a:52:f8:05:a1:04:06:
                    5a:37:93:c3:fa:c6:da:6a:1c:51:97:2a:1a:fa:c2:
                    cf:9e:83:b3:b7:78:8d:ef:a3:dc:a3:53:e9:31:9f:
                    a5:96:d8:47:76:95:d4:c0:41:eb:84:09:c7:d3:34:
                    19:59:8a:77:dc:e0:95:4e:f5:0d:4b:1a:70:1e:7e:
                    b5:6c:f1:b4:c3:3c:cd:7d:f9:e1:f5:66:b1:46:71:
                    54:19:33:6c:fd:1b:98:f7:cf:44:e7:08:50:d9:46:
                    4f:0a:3e:44:f4:da:9d:6f:35:75:c9:0f:14:fc:e1:
                    f8:fe:75:13:2a:34:c3:d0:9c:76:74:63:ca:2a:14:
                    92:01:9a:53:76:23:c8:56:b9:6c:11:d9:e5:50:51:
                    30:f2:68:c3:d6:86:48:a8:73:8a:6c:c3:4a:c6:77:
                    3f:15:1c:be:75:a7:f6:36:db:fd:dd:f6:ed:b9:dc:
                    05:5d:7c:ef:dd:53:99:8c:4c:0c:e8:46:33:f3:17:
                    19:de:ba:1b:45:e5:92:52:c5:4d:c0:7d:f1:1f:b6:
                    9a:07:c9:49:4c:8c:47:ca:18:4f:94:1f:be:e0:7a:
                    5a:2e:0a:84:0b:fa:b8:77:9c:8d:c9:ad:14:32:41:
                    4f:a2:eb:df:25:fb:fc:27:8d:e6:12:a4:d2:de:9e:
                    c2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:E1:7E:FE:A0:1B:CB:9A:26:9D:E4:BA:80:47:40:98:BC:F6:55:AE
            X509v3 Authority Key Identifier:
                keyid:CD:12:42:E6:C7:EB:D8:2A:23:FA:1A:08:F3:96:EB:E5:AB:34:CF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRJC5sfr2Coj-hoI85br5as0z2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/0eF-_qAby5omneS6gEdAmLz2Va4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/zRJC5sfr2Coj-hoI85br5as0z2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:2100::/47

    Signature Algorithm: sha256WithRSAEncryption
         0e:07:16:dc:b0:52:9b:fc:e2:79:6f:18:03:3f:28:58:35:fa:
         d3:a6:61:30:e0:7d:41:ff:1a:c0:06:5d:a7:5c:50:13:fb:a4:
         74:2a:25:97:44:79:58:97:92:79:c6:05:1a:9a:c8:28:fb:ac:
         d1:c3:66:d4:ef:a9:b0:4e:f7:07:b5:60:0b:05:41:d1:61:b7:
         67:46:69:a6:a8:b7:1c:27:6b:5c:2a:ec:a9:c0:41:cf:3d:4e:
         0d:15:68:69:15:8e:cb:d9:71:bf:a7:94:7f:64:d8:9a:06:92:
         f5:84:70:c9:62:67:04:55:3c:88:44:f9:8e:dd:95:52:f8:49:
         61:ec:d8:cb:62:11:51:61:d4:fa:d3:40:d8:e3:64:b2:24:fc:
         d6:36:f3:f5:df:c1:d4:7d:c1:4f:93:73:da:62:24:68:ea:65:
         86:67:99:71:a7:58:96:64:50:1f:d4:20:52:d1:e9:8b:fe:76:
         60:29:eb:5d:9a:b9:2d:0f:81:33:18:2e:8d:57:33:b0:4f:e8:
         ce:2a:b1:14:f7:0a:58:9e:36:1d:95:04:cc:9d:71:61:d3:d4:
         6b:65:48:92:68:53:eb:1a:bd:4f:6c:31:8a:6c:6b:de:d4:c2:
         fa:2c:76:e0:c2:5a:be:bc:9d:65:13:66:c4:d0:2f:e0:61:ed:
         f0:48:26:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtytPNskgc2t6XkLdwDXrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTI0MmU2YzdlYmQ4MmEyM2ZhMWEwOGYzOTZlYmU1YWIz
NGNmNmIwHhcNMjMwMTAxMTQ0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWUxN2VmZWEwMWJjYjlhMjY5ZGU0YmE4MDQ3NDA5OGJjZjY1NWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RPMz4vN11pS+AWhBAZaN5PD+sba
ahxRlyoa+sLPnoOzt3iN76Pco1PpMZ+llthHdpXUwEHrhAnH0zQZWYp33OCVTvUN
SxpwHn61bPG0wzzNffnh9WaxRnFUGTNs/RuY989E5whQ2UZPCj5E9NqdbzV1yQ8U
/OH4/nUTKjTD0Jx2dGPKKhSSAZpTdiPIVrlsEdnlUFEw8mjD1oZIqHOKbMNKxnc/
FRy+daf2Ntv93fbtudwFXXzv3VOZjEwM6EYz8xcZ3robReWSUsVNwH3xH7aaB8lJ
TIxHyhhPlB++4HpaLgqEC/q4d5yNya0UMkFPouvfJfv8J43mEqTS3p7CxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNHhfv6gG8uaJp3kuoBHQJi89lWuMB8GA1UdIwQY
MBaAFM0SQubH69gqI/oaCPOW6+WrNM9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJKQzVzZnIyQ29qLWhvSTg1YnI1YXMwejJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80YTc1N2MtYWRkZS00ODVjLTkxNzEt
ZjYwMzUzODQxMmM4LzEvMGVGLV9xQWJ5NW9tbmVTNmdFZEFtTHoyVmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80YTc1N2MtYWRkZS00ODVjLTkxNzEtZjYwMzUzODQxMmM4
LzEvelJKQzVzZnIyQ29qLWhvSTg1YnI1YXMwejJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg4hAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAOBxbcsFKb/OJ5bxgDPyhYNfrTpmEw4H1B/xrA
Bl2nXFAT+6R0KiWXRHlYl5J5xgUamsgo+6zRw2bU76mwTvcHtWALBUHRYbdnRmmm
qLccJ2tcKuypwEHPPU4NFWhpFY7L2XG/p5R/ZNiaBpL1hHDJYmcEVTyIRPmO3ZVS
+Elh7NjLYhFRYdT600DY42SyJPzWNvP138HUfcFPk3PaYiRo6mWGZ5lxp1iWZFAf
1CBS0emL/nZgKetdmrktD4EzGC6NVzOwT+jOKrEU9wpYnjYdlQTMnXFh09RrZUiS
aFPrGr1PbDGKbGve1ML6LHbgwlq+vJ1lE2bE0C/gYe3wSCZ7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:07 2024 by rpki-client on console-fra.rpki-client.org