Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/wyztUhQ0ca0MTpuyFmfynFOxBmk.roa
File:                     wyztUhQ0ca0MTpuyFmfynFOxBmk.roa (raw, json)
Hash identifier:          eQVuMB3CAxQgjTh9XhEDfYpPd9NVvR6CdtLlKEjlnj4=
Subject key identifier:   C3:2C:ED:52:14:34:71:AD:0C:4E:9B:B2:16:67:F2:9C:53:B1:06:69
Certificate issuer:       /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial:       018C15A6CBF34DF3AAD0BCD168F368860665
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/wyztUhQ0ca0MTpuyFmfynFOxBmk.roa
Signing time:             Tue 28 Nov 2023 11:18:21 +0000
ROA not before:           Tue 28 Nov 2023 11:18:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208626
IP address blocks:        2a11:3184::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:15:a6:cb:f3:4d:f3:aa:d0:bc:d1:68:f3:68:86:06:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
        Validity
            Not Before: Nov 28 11:18:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c32ced52143471ad0c4e9bb21667f29c53b10669
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:49:80:50:77:0d:51:c3:4f:28:42:5e:2d:7b:
                    4b:3d:fd:0a:8e:27:6c:95:94:f7:40:54:7f:5e:38:
                    2b:8c:ce:4b:fe:97:d6:ed:e3:fb:67:84:bd:00:8f:
                    e8:de:c3:84:ee:9f:cd:85:52:bc:53:08:3f:79:f9:
                    51:db:08:bc:9c:8f:39:d9:e1:82:cc:51:52:3f:9b:
                    be:9c:00:48:d5:5d:2a:d8:ae:35:0e:b7:3e:1d:e8:
                    19:85:46:d9:dc:76:84:75:60:e4:3f:93:c9:89:1f:
                    54:60:98:c4:35:14:26:db:6f:3b:3d:94:f6:48:3e:
                    20:9f:2f:5b:2f:c4:7d:84:25:79:0c:5f:8a:d9:ae:
                    43:19:23:07:f7:22:bf:49:49:3c:2b:9f:41:13:49:
                    16:9f:35:26:ce:a2:c7:8f:de:19:36:1c:f5:ea:d2:
                    54:d5:71:29:34:0b:5d:c4:3e:ba:74:e2:07:62:9c:
                    48:ea:95:56:2c:fb:bf:6b:a1:be:0b:b5:d5:4b:d8:
                    47:12:c8:07:06:6d:c2:f2:ea:a3:4f:2f:8e:05:be:
                    2e:20:d1:60:95:86:5a:10:37:02:dd:c6:9b:10:06:
                    e1:b2:68:02:c9:27:5d:96:ac:e3:85:c9:aa:ed:1a:
                    46:f0:51:36:d3:65:39:3c:0a:01:d9:11:bb:37:0c:
                    e4:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:2C:ED:52:14:34:71:AD:0C:4E:9B:B2:16:67:F2:9C:53:B1:06:69
            X509v3 Authority Key Identifier:
                keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/wyztUhQ0ca0MTpuyFmfynFOxBmk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:3184::/32

    Signature Algorithm: sha256WithRSAEncryption
         c7:55:ef:82:76:8e:87:db:3f:77:1a:ab:27:7a:9b:b4:ab:96:
         cc:ba:b1:2f:5f:77:8d:a5:a9:c0:97:dd:d7:15:fe:03:c9:41:
         75:ed:ab:22:cc:ff:6d:e2:f4:d3:78:ff:01:97:40:8b:e1:cd:
         39:7c:b1:df:01:d6:9a:3d:18:4a:39:3f:d2:b6:e7:b6:fe:9f:
         c2:b4:e5:c6:17:94:a1:47:a2:41:a5:84:e2:7d:8c:23:72:8f:
         e8:56:b0:57:b3:dc:06:4e:d3:13:ff:c7:d2:79:1c:b7:5b:aa:
         77:f5:36:eb:3b:2a:c0:a7:34:62:1b:00:86:98:c8:74:45:af:
         e5:51:69:b9:b8:84:14:57:23:b7:9c:c7:04:73:0f:f0:b6:57:
         29:0c:47:5e:dd:13:a5:dd:47:ef:7d:da:7a:f2:94:5f:be:56:
         ca:0b:de:c3:67:8e:38:9b:64:68:43:f4:ca:01:3c:0c:6f:0b:
         d8:5e:f5:d0:0f:00:60:87:1d:b9:40:e9:b5:ee:8a:07:12:80:
         4c:8c:2d:59:59:e9:6c:28:e3:c4:ba:e7:e2:93:c2:a9:4e:5d:
         f1:c6:bb:bc:58:61:39:99:92:78:c6:2e:d2:e7:2e:9b:c8:c3:
         c3:f6:24:d8:f0:fc:9f:fe:63:5d:09:53:53:13:0f:19:f5:95:
         81:d0:13:d5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYwVpsvzTfOq0LzRaPNohgZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjMxMTI4MTExODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzJjZWQ1MjE0MzQ3MWFkMGM0ZTliYjIxNjY3ZjI5YzUzYjEwNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEmAUHcNUcNPKEJeLXtLPf0Kjids
lZT3QFR/XjgrjM5L/pfW7eP7Z4S9AI/o3sOE7p/NhVK8Uwg/eflR2wi8nI852eGC
zFFSP5u+nABI1V0q2K41Drc+HegZhUbZ3HaEdWDkP5PJiR9UYJjENRQm2287PZT2
SD4gny9bL8R9hCV5DF+K2a5DGSMH9yK/SUk8K59BE0kWnzUmzqLHj94ZNhz16tJU
1XEpNAtdxD66dOIHYpxI6pVWLPu/a6G+C7XVS9hHEsgHBm3C8uqjTy+OBb4uINFg
lYZaEDcC3cabEAbhsmgCySddlqzjhcmq7RpG8FE202U5PAoB2RG7NwzkZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMMs7VIUNHGtDE6bshZn8pxTsQZpMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvd3l6dFVoUTBjYTBNVHB1eUZtZnluRk94Qm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhExhDAN
BgkqhkiG9w0BAQsFAAOCAQEAx1XvgnaOh9s/dxqrJ3qbtKuWzLqxL193jaWpwJfd
1xX+A8lBde2rIsz/beL003j/AZdAi+HNOXyx3wHWmj0YSjk/0rbntv6fwrTlxheU
oUeiQaWE4n2MI3KP6FawV7PcBk7TE//H0nkct1uqd/U26zsqwKc0YhsAhpjIdEWv
5VFpubiEFFcjt5zHBHMP8LZXKQxHXt0Tpd1H733aevKUX75Wygvew2eOOJtkaEP0
ygE8DG8L2F710A8AYIcduUDpte6KBxKATIwtWVnpbCjjxLrn4pPCqU5d8ca7vFhh
OZmSeMYu0ucum8jDw/Yk2PD8n/5jXQlTUxMPGfWVgdAT1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org