Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Kfc5sgStwzCu2UAnF7NoJJTvyeI.roa
File:                     Kfc5sgStwzCu2UAnF7NoJJTvyeI.roa (raw, json)
Hash identifier:          3O4veKBAz1x3sLlB3UUQ/M6+Vc+eTFXOk7u1hc9Gex4=
Subject key identifier:   29:F7:39:B2:04:AD:C3:30:AE:D9:40:27:17:B3:68:24:94:EF:C9:E2
Certificate issuer:       /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial:       018CC3B6CE18E41353BEFFEBB3199066A894
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Kfc5sgStwzCu2UAnF7NoJJTvyeI.roa
Signing time:             Mon 01 Jan 2024 06:29:46 +0000
ROA not before:           Mon 01 Jan 2024 06:29:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211432
IP address blocks:        2a0f:a780::/29 maxlen: 29
                          2a0f:780::/29 maxlen: 29
                          2a0e:5bc0::/29 maxlen: 29
                          2a0f:1080::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 25 Apr 2024 13:49:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:ce:18:e4:13:53:be:ff:eb:b3:19:90:66:a8:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
        Validity
            Not Before: Jan  1 06:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=29f739b204adc330aed9402717b3682494efc9e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0f:08:aa:6a:49:a7:34:36:81:e6:6a:dd:dd:
                    9b:e2:d2:b3:89:7f:6f:11:24:63:39:0a:65:80:43:
                    b2:f9:af:b4:55:27:83:e2:26:8d:ba:bc:7a:e4:87:
                    6a:6f:6c:3e:4c:00:26:1c:89:ee:ce:07:d3:6c:9f:
                    a9:a7:07:f1:36:b0:91:d3:7b:aa:e1:9a:e4:b1:44:
                    8c:64:e0:f4:58:68:9a:59:9a:19:fd:a5:43:07:b2:
                    94:e2:95:ac:93:cc:e7:fc:ca:e7:13:c6:21:73:f2:
                    62:8d:8c:59:2c:89:21:9c:06:80:79:cb:10:06:79:
                    f3:b9:4d:9e:ee:e5:81:1c:20:21:aa:7d:a0:5a:f2:
                    9d:50:aa:32:84:e9:04:f3:9c:9e:d1:23:7c:cc:e8:
                    ab:28:e2:67:00:08:02:00:52:af:c6:72:10:2b:b5:
                    9e:e7:61:db:c0:31:5d:4b:a1:e7:ac:a3:5a:07:f8:
                    d0:3e:56:fe:c1:f7:2b:71:96:3e:2b:90:bb:d0:90:
                    4b:fb:57:7b:b8:c3:9c:03:53:5d:0f:d3:8e:df:37:
                    83:fc:ce:d5:0a:21:71:17:99:e7:23:fc:ff:39:fe:
                    b7:9a:70:f2:ef:7f:82:27:d7:e4:7d:4e:ae:02:d1:
                    cd:23:7c:6c:99:28:ad:e6:36:67:ef:ee:d0:83:5c:
                    4b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:F7:39:B2:04:AD:C3:30:AE:D9:40:27:17:B3:68:24:94:EF:C9:E2
            X509v3 Authority Key Identifier:
                keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Kfc5sgStwzCu2UAnF7NoJJTvyeI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:5bc0::/29
                  2a0f:780::/29
                  2a0f:1080::/29
                  2a0f:a780::/29

    Signature Algorithm: sha256WithRSAEncryption
         9a:c7:ab:0d:86:1e:1e:20:a2:d0:42:76:0f:53:bc:4a:77:ae:
         bc:d6:1d:ef:28:c5:61:c7:ac:ad:84:17:de:03:02:27:34:47:
         97:65:f3:55:e1:1c:2a:d4:c8:1e:b6:49:df:3b:1b:4c:73:80:
         9d:7e:14:10:cd:a6:0d:97:5f:f8:6c:cc:2d:39:2f:12:9d:b5:
         f7:4f:d2:09:cb:9b:e2:ee:21:dc:ba:f0:84:a2:39:09:f9:a1:
         3c:a0:3b:4c:e8:72:ae:f2:20:60:6b:77:6c:e7:2e:5d:ba:0b:
         f2:05:f1:bb:2a:7f:00:d6:ba:44:5d:32:4a:ec:ca:29:4a:2b:
         2a:3b:e3:de:3c:81:33:c6:9c:5f:a1:3c:ab:c3:7e:4b:57:fb:
         4a:e0:6e:6f:38:54:1f:34:12:8b:8e:d0:f7:01:50:32:63:86:
         fb:1f:3b:e8:38:68:5b:cc:8d:a2:c2:5c:97:e2:f9:f8:34:b2:
         dd:22:51:34:bd:b7:cb:da:a9:5a:9b:f9:58:74:c0:1a:90:20:
         f3:96:0d:40:ce:01:a5:d4:60:84:64:51:ab:5e:6b:d3:93:c4:
         a5:36:24:0f:86:15:82:15:1c:fb:49:1d:07:58:cd:18:62:a0:
         cc:e3:7b:a3:72:57:6f:e8:99:44:e7:f0:0a:1c:f0:33:d3:2f:
         1c:95:34:76
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzDts4Y5BNTvv/rsxmQZqiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjQwMTAxMDYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY3MzliMjA0YWRjMzMwYWVkOTQwMjcxN2IzNjgyNDk0ZWZjOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ8IqmpJpzQ2geZq3d2b4tKziX9v
ESRjOQplgEOy+a+0VSeD4iaNurx65Idqb2w+TAAmHInuzgfTbJ+ppwfxNrCR03uq
4ZrksUSMZOD0WGiaWZoZ/aVDB7KU4pWsk8zn/MrnE8Yhc/JijYxZLIkhnAaAecsQ
BnnzuU2e7uWBHCAhqn2gWvKdUKoyhOkE85ye0SN8zOirKOJnAAgCAFKvxnIQK7We
52HbwDFdS6HnrKNaB/jQPlb+wfcrcZY+K5C70JBL+1d7uMOcA1NdD9OO3zeD/M7V
CiFxF5nnI/z/Of63mnDy73+CJ9fkfU6uAtHNI3xsmSit5jZn7+7Qg1xL1wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCn3ObIErcMwrtlAJxezaCSU78niMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvS2ZjNXNnU3R3ekN1MlVBbkY3Tm9KSlR2eWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm
LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg5bwAMF
AyoPB4ADBQMqDxCAAwUDKg+ngDANBgkqhkiG9w0BAQsFAAOCAQEAmserDYYeHiCi
0EJ2D1O8SneuvNYd7yjFYcesrYQX3gMCJzRHl2XzVeEcKtTIHrZJ3zsbTHOAnX4U
EM2mDZdf+GzMLTkvEp2190/SCcub4u4h3LrwhKI5CfmhPKA7TOhyrvIgYGt3bOcu
XboL8gXxuyp/ANa6RF0ySuzKKUorKjvj3jyBM8acX6E8q8N+S1f7SuBubzhUHzQS
i47Q9wFQMmOG+x876DhoW8yNosJcl+L5+DSy3SJRNL23y9qpWpv5WHTAGpAg85YN
QM4BpdRghGRRq15r05PEpTYkD4YVghUc+0kdB1jNGGKgzON7o3JXb+iZROfwChzw
M9MvHJU0dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:48 2024 by rpki-client on console-fra.rpki-client.org