Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/UiK8KL5WCdbad3xklOPR1CNgcsU.roa
File:                     UiK8KL5WCdbad3xklOPR1CNgcsU.roa (raw, json)
Hash identifier:          6biwoUCcZSh47bZ9MrjdJFZx6q8pBUcaOvgNMPZXrps=
Subject key identifier:   52:22:BC:28:BE:56:09:D6:DA:77:7C:64:94:E3:D1:D4:23:60:72:C5
Certificate issuer:       /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial:       018BA4EF509C509972431BBE4265BDEA14D5
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/UiK8KL5WCdbad3xklOPR1CNgcsU.roa
Signing time:             Mon 06 Nov 2023 14:00:29 +0000
ROA not before:           Mon 06 Nov 2023 14:00:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205884
IP address blocks:        2a12:500::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a4:ef:50:9c:50:99:72:43:1b:be:42:65:bd:ea:14:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
        Validity
            Not Before: Nov  6 14:00:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5222bc28be5609d6da777c6494e3d1d4236072c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:2d:db:01:a1:b6:e5:47:c7:14:d9:0e:6c:28:
                    89:2e:06:49:03:cc:c8:48:02:a8:ee:bc:19:33:63:
                    a6:92:7a:80:0a:1b:f8:39:96:e8:32:5d:6c:a7:4a:
                    88:c7:4a:cf:02:50:8e:a0:0b:a0:8c:81:5a:53:25:
                    c7:79:50:e1:ce:a9:5e:af:53:4a:88:3f:4c:42:e9:
                    57:d6:58:79:13:b8:b6:30:d5:62:21:97:e7:f5:86:
                    23:21:9f:76:5a:77:e4:e5:94:f3:5c:bc:47:db:e6:
                    65:51:e1:a5:73:ad:08:57:48:04:11:a5:58:a2:cc:
                    c1:0c:6f:e2:15:d8:73:59:4b:8c:86:aa:d0:de:93:
                    68:4f:2e:75:9b:c9:3e:88:3b:34:5d:de:1e:ef:7e:
                    9c:15:6b:b5:ca:52:d0:d8:1d:30:f5:bf:58:9e:fa:
                    24:c0:99:b0:63:53:5a:2f:02:23:29:cf:d0:38:42:
                    84:9e:ca:4c:ae:d7:d1:9a:f8:32:e1:9a:10:61:20:
                    2f:21:b9:47:bc:dd:ab:8a:33:a1:8f:ee:62:de:e6:
                    37:89:55:3f:c0:f4:30:5f:cd:2d:26:53:fa:6f:ba:
                    6b:79:b6:3a:31:fa:dc:aa:05:6a:d8:01:c6:7d:27:
                    c3:47:d6:a0:15:2c:2e:6b:7a:d4:df:37:64:d7:3b:
                    87:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:22:BC:28:BE:56:09:D6:DA:77:7C:64:94:E3:D1:D4:23:60:72:C5
            X509v3 Authority Key Identifier:
                keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/UiK8KL5WCdbad3xklOPR1CNgcsU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:500::/29

    Signature Algorithm: sha256WithRSAEncryption
         72:8a:17:b0:6f:05:99:8b:eb:d3:aa:a9:1d:23:93:20:da:41:
         8a:e7:ac:73:4b:cb:04:bf:33:36:b3:1d:9b:37:f7:33:44:98:
         d5:d8:7e:80:52:c5:8f:f7:ca:c2:1f:22:6b:fb:09:94:90:27:
         ea:ec:3b:ef:aa:4a:b5:14:99:27:55:37:1f:83:24:07:ad:4b:
         71:b4:e2:9c:d1:07:96:32:95:de:8b:16:d2:bf:c1:96:bc:91:
         8a:9f:f1:ea:26:5b:03:5e:d7:47:6a:0b:02:f9:f7:5b:1e:5a:
         a6:20:01:bb:cf:bc:99:10:ef:64:f2:e9:27:4b:cd:e6:e5:e4:
         ce:b4:4e:ab:3a:7c:3a:2f:fa:be:25:9f:7b:85:22:05:70:b2:
         27:1f:63:e1:c3:54:c4:0e:e1:e0:eb:66:f3:34:92:15:6b:85:
         8e:ee:46:c5:ec:53:be:14:d7:d2:b0:82:b2:d2:a8:a9:83:cd:
         e6:4f:7c:0b:05:a7:bb:2f:44:7b:95:07:61:09:6c:76:53:92:
         21:d6:61:e9:0f:4e:a5:41:ef:35:15:88:99:f0:fe:ab:a8:57:
         6d:38:0c:e2:54:f0:0f:cf:e2:16:0c:57:de:cd:19:ea:3d:90:
         13:9e:a5:14:fd:5a:b7:3a:eb:2f:db:60:d2:ba:01:34:9b:5c:
         cd:27:7d:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuk71CcUJlyQxu+QmW96hTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjMxMTA2MTQwMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjIyYmMyOGJlNTYwOWQ2ZGE3NzdjNjQ5NGUzZDFkNDIzNjA3MmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS3bAaG25UfHFNkObCiJLgZJA8zI
SAKo7rwZM2OmknqAChv4OZboMl1sp0qIx0rPAlCOoAugjIFaUyXHeVDhzqler1NK
iD9MQulX1lh5E7i2MNViIZfn9YYjIZ92Wnfk5ZTzXLxH2+ZlUeGlc60IV0gEEaVY
oszBDG/iFdhzWUuMhqrQ3pNoTy51m8k+iDs0Xd4e736cFWu1ylLQ2B0w9b9Ynvok
wJmwY1NaLwIjKc/QOEKEnspMrtfRmvgy4ZoQYSAvIblHvN2rijOhj+5i3uY3iVU/
wPQwX80tJlP6b7prebY6MfrcqgVq2AHGfSfDR9agFSwua3rU3zdk1zuHVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFIivCi+VgnW2nd8ZJTj0dQjYHLFMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvVWlLOEtMNVdDZGJhZDN4a2xPUFIxQ05nY3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm
LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIFADAN
BgkqhkiG9w0BAQsFAAOCAQEAcooXsG8FmYvr06qpHSOTINpBiuesc0vLBL8zNrMd
mzf3M0SY1dh+gFLFj/fKwh8ia/sJlJAn6uw776pKtRSZJ1U3H4MkB61LcbTinNEH
ljKV3osW0r/BlryRip/x6iZbA17XR2oLAvn3Wx5apiABu8+8mRDvZPLpJ0vN5uXk
zrROqzp8Oi/6viWfe4UiBXCyJx9j4cNUxA7h4Otm8zSSFWuFju5GxexTvhTX0rCC
stKoqYPN5k98CwWnuy9Ee5UHYQlsdlOSIdZh6Q9OpUHvNRWImfD+q6hXbTgM4lTw
D8/iFgxX3s0Z6j2QE56lFP1atzrrL9tg0roBNJtczSd9SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:48 2024 by rpki-client on console-fra.rpki-client.org