Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/dAZl-zvI-W9NiW8jeIEAcc6HMo4.roa
File:                     dAZl-zvI-W9NiW8jeIEAcc6HMo4.roa (raw, json)
Hash identifier:          n4anKeDbWWk4K6Yk2Op1No863jGTCJ+NorC2sWUbcYg=
Subject key identifier:   74:06:65:FB:3B:C8:F9:6F:4D:89:6F:23:78:81:00:71:CE:87:32:8E
Certificate issuer:       /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial:       01887D12034B8B039DAF7411CA648B695388
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/dAZl-zvI-W9NiW8jeIEAcc6HMo4.roa
Signing time:             Fri 02 Jun 2023 17:05:12 +0000
ROA not before:           Fri 02 Jun 2023 17:05:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202
IP address blocks:        2a03:5000:62::/48 maxlen: 48
                          2a03:5000:42::/48 maxlen: 48
                          2a03:5000:142::/48 maxlen: 48
                          2a03:5000:22::/48 maxlen: 48
                          2a03:5000:122::/48 maxlen: 48
                          2a03:5000:82::/48 maxlen: 48
                          2a03:5000:61::/48 maxlen: 48
                          2a03:5000:41::/48 maxlen: 48
                          2a03:5000:141::/48 maxlen: 48
                          2a03:5000:21::/48 maxlen: 48
                          2a03:5000:121::/48 maxlen: 48
                          2a03:5000:81::/48 maxlen: 48
                          2a03:5000:101::/48 maxlen: 48
                          2a03:5000:92::/48 maxlen: 48
                          2a03:5000:212::/48 maxlen: 48
                          2a03:5000:112::/48 maxlen: 48
                          2a03:5000:72::/48 maxlen: 48
                          2a03:5000:52::/48 maxlen: 48
                          2a03:5000:32::/48 maxlen: 48
                          2a03:5000:132::/48 maxlen: 48
                          2a03:5000:31::/48 maxlen: 48
                          2a03:5000:131::/48 maxlen: 48
                          2a03:5000:91::/48 maxlen: 48
                          2a03:5000:211::/48 maxlen: 48
                          2a03:5000:111::/48 maxlen: 48
                          2a03:5000:71::/48 maxlen: 48
                          2a03:5000:51::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 17:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:7d:12:03:4b:8b:03:9d:af:74:11:ca:64:8b:69:53:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
        Validity
            Not Before: Jun  2 17:05:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=740665fb3bc8f96f4d896f2378810071ce87328e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:c4:72:c4:00:a5:93:51:28:f5:6d:42:1c:a4:
                    f6:fe:ce:e0:57:5c:9f:49:c3:48:cb:11:b5:28:51:
                    96:68:48:66:9a:d9:bb:0b:9d:e5:7e:39:f9:10:e8:
                    fe:f5:86:3d:6a:17:81:f0:59:1b:a9:26:49:47:ec:
                    8d:c1:88:a9:cb:c1:32:b4:a1:82:0b:ed:96:38:ea:
                    2b:73:f6:fe:1f:94:f0:51:4e:e8:73:4c:a1:09:fa:
                    82:52:64:8a:52:d5:9d:b1:03:9b:e4:86:cd:40:d4:
                    d3:88:7e:e5:9d:74:4b:89:c7:10:e9:63:5b:5c:af:
                    69:b2:47:91:93:7a:b0:cb:b4:5a:9a:d3:80:37:74:
                    26:2e:b4:c7:ec:9a:9b:8e:5b:27:52:b4:2f:b8:bc:
                    9d:d2:4d:bf:de:b7:de:48:7f:46:71:46:02:f4:c9:
                    e4:68:3e:c5:33:13:ca:35:3d:dd:50:23:0a:43:b5:
                    de:a1:87:dd:7d:5d:1d:82:b1:b8:5b:37:78:41:bd:
                    0e:3c:b7:e6:66:c7:a3:2e:72:4c:78:b7:b4:63:60:
                    5a:9c:cf:83:27:26:23:f7:f7:eb:1a:2a:66:93:e8:
                    7e:cd:28:74:52:59:4b:e6:6b:02:98:01:67:6f:24:
                    ff:4d:69:61:27:dc:b0:ab:9c:bd:db:84:21:98:a7:
                    6b:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:06:65:FB:3B:C8:F9:6F:4D:89:6F:23:78:81:00:71:CE:87:32:8E
            X509v3 Authority Key Identifier:
                keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/dAZl-zvI-W9NiW8jeIEAcc6HMo4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:5000:21::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:31::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:101::/48
                  2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         27:46:68:5a:b7:f5:7a:13:c3:a3:bb:94:7a:78:13:b9:b7:d4:
         0d:d4:6d:0d:f2:dd:a5:98:70:08:89:f5:a3:e3:13:29:66:bd:
         cb:32:36:2e:88:5c:6d:54:13:58:79:9c:49:ce:01:d4:98:7d:
         39:40:9b:cd:f4:16:9a:2d:92:14:89:49:6f:d2:89:3c:f8:71:
         2b:ee:17:b5:77:f1:2c:a1:e3:5f:aa:70:03:7c:02:a8:03:c2:
         27:e4:83:3d:5b:39:d0:4b:4d:bc:90:fc:50:63:67:b3:7f:7f:
         9c:df:14:ee:c3:c7:98:e1:ca:54:80:42:54:9f:2d:ee:91:c5:
         80:82:aa:2b:a0:cb:7c:76:64:4e:c3:29:d3:3b:dd:33:43:a2:
         16:43:a9:a7:00:ac:fd:98:35:da:20:68:02:c1:d8:06:96:23:
         fc:17:a9:12:be:34:55:7b:e8:b7:1a:a1:0d:4e:92:e0:c8:e8:
         c6:13:e9:7a:08:5b:1f:34:ee:5f:e3:ee:06:07:64:74:bf:5d:
         0a:e3:9e:61:83:58:1a:a6:4f:fb:c9:4f:98:4a:8b:46:d7:58:
         b9:06:61:cc:ba:d8:2c:e3:36:a9:1e:4c:ed:3e:fa:d0:bc:ea:
         05:2d:ba:58:c7:03:7d:1e:85:2a:3c:98:0a:ec:82:9a:07:a7:
         68:3b:5a:1a
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgISAYh9EgNLiwOdr3QRymSLaVOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjMwNjAyMTcwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDA2NjVmYjNiYzhmOTZmNGQ4OTZmMjM3ODgxMDA3MWNlODczMjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksRyxAClk1Eo9W1CHKT2/s7gV1yf
ScNIyxG1KFGWaEhmmtm7C53lfjn5EOj+9YY9aheB8FkbqSZJR+yNwYipy8EytKGC
C+2WOOorc/b+H5TwUU7oc0yhCfqCUmSKUtWdsQOb5IbNQNTTiH7lnXRLiccQ6WNb
XK9pskeRk3qwy7RamtOAN3QmLrTH7JqbjlsnUrQvuLyd0k2/3rfeSH9GcUYC9Mnk
aD7FMxPKNT3dUCMKQ7XeoYfdfV0dgrG4Wzd4Qb0OPLfmZsejLnJMeLe0Y2BanM+D
JyYj9/frGipmk+h+zSh0UllL5msCmAFnbyT/TWlhJ9ywq5y924QhmKdrbQIDAQAB
o4IDGjCCAxYwHQYDVR0OBBYEFHQGZfs7yPlvTYlvI3iBAHHOhzKOMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvZEFabC16dkktVzlOaVc4amVJRUFjYzZITW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLgYIKwYBBQUHAQcBAf8EggEdMIIBGTCCARUEAgACMIIB
DTASAwcAKgNQAAAhAwcAKgNQAAAiMBIDBwAqA1AAADEDBwAqA1AAADIwEgMHACoD
UAAAQQMHACoDUAAAQjASAwcAKgNQAABRAwcAKgNQAABSMBIDBwAqA1AAAGEDBwAq
A1AAAGIwEgMHACoDUAAAcQMHACoDUAAAcjASAwcAKgNQAACBAwcAKgNQAACCMBID
BwAqA1AAAJEDBwAqA1AAAJIDBwAqA1AAAQEwEgMHACoDUAABEQMHACoDUAABEjAS
AwcAKgNQAAEhAwcAKgNQAAEiMBIDBwAqA1AAATEDBwAqA1AAATIwEgMHACoDUAAB
QQMHACoDUAABQjASAwcAKgNQAAIRAwcAKgNQAAISMA0GCSqGSIb3DQEBCwUAA4IB
AQAnRmhat/V6E8Oju5R6eBO5t9QN1G0N8t2lmHAIifWj4xMpZr3LMjYuiFxtVBNY
eZxJzgHUmH05QJvN9BaaLZIUiUlv0ok8+HEr7he1d/EsoeNfqnADfAKoA8In5IM9
WznQS028kPxQY2ezf3+c3xTuw8eY4cpUgEJUny3ukcWAgqoroMt8dmROwynTO90z
Q6IWQ6mnAKz9mDXaIGgCwdgGliP8F6kSvjRVe+i3GqENTpLgyOjGE+l6CFsfNO5f
4+4GB2R0v10K455hg1gapk/7yU+YSotG11i5BmHMutgs4zapHkztPvrQvOoFLbpY
xwN9HoUqPJgK7IKaB6doO1oa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:18 2024 by rpki-client on console-ams.rpki-client.org