Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/pmqwsWSLbKZZjP8E6cEv5sHOVac.roa
File:                     pmqwsWSLbKZZjP8E6cEv5sHOVac.roa (raw, json)
Hash identifier:          l6qWYrDB9DKqfhjJDCyqYVctyzfvWa/2ufviB4gVVoI=
Subject key identifier:   A6:6A:B0:B1:64:8B:6C:A6:59:8C:FF:04:E9:C1:2F:E6:C1:CE:55:A7
Certificate issuer:       /CN=dac32632aa9154253c6dcd2331e9ad6920b6bdcc
Certificate serial:       01856D53F81AEEE351C5DB3B3AD232BE427F
Authority key identifier: DA:C3:26:32:AA:91:54:25:3C:6D:CD:23:31:E9:AD:69:20:B6:BD:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2sMmMqqRVCU8bc0jMemtaSC2vcw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/pmqwsWSLbKZZjP8E6cEv5sHOVac.roa
Signing time:             Sun 01 Jan 2023 12:34:57 +0000
ROA not before:           Sun 01 Jan 2023 12:34:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2a12:fc0:10::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:f8:1a:ee:e3:51:c5:db:3b:3a:d2:32:be:42:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dac32632aa9154253c6dcd2331e9ad6920b6bdcc
        Validity
            Not Before: Jan  1 12:34:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a66ab0b1648b6ca6598cff04e9c12fe6c1ce55a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:5a:e8:52:77:3f:e8:c6:1c:21:a8:c4:e9:71:
                    ed:b4:2e:42:9d:e2:fc:d5:59:96:a1:30:22:19:20:
                    33:44:12:97:a9:d2:e0:72:42:7b:b2:4c:21:c1:9c:
                    36:b6:34:29:05:81:43:ab:e7:ca:28:91:41:a0:db:
                    f7:c2:4a:e3:9f:99:10:9a:7a:ee:68:10:85:74:3c:
                    ad:fa:6d:cf:8d:5b:09:94:97:2b:ec:6c:41:e5:1b:
                    6a:a5:94:6b:e9:0f:69:3c:68:e5:56:f3:ff:fd:d0:
                    f5:60:56:53:e0:c0:f7:35:d7:9c:16:36:1a:b8:f7:
                    de:e7:9e:01:05:aa:47:32:70:2e:bd:b1:43:1d:56:
                    09:3a:2b:a7:93:bd:f2:00:4e:89:50:07:ab:c6:39:
                    d4:6a:4d:64:23:38:d0:25:5f:c6:27:37:c1:8f:8e:
                    f8:50:c4:dd:d1:cd:6f:0f:55:56:f2:5b:b9:99:27:
                    2f:b9:26:a4:e5:b2:41:6f:8a:74:4e:04:f8:de:2c:
                    ac:4b:48:95:d8:cb:e8:99:54:e9:aa:80:2e:1c:96:
                    39:d5:a8:65:1b:7e:10:54:41:2e:38:e1:52:ec:b8:
                    49:a5:df:71:89:c7:86:6d:27:55:6f:b2:31:8a:46:
                    50:99:6a:97:2a:d8:11:4f:1e:0e:1a:60:f0:37:bc:
                    c9:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:6A:B0:B1:64:8B:6C:A6:59:8C:FF:04:E9:C1:2F:E6:C1:CE:55:A7
            X509v3 Authority Key Identifier:
                keyid:DA:C3:26:32:AA:91:54:25:3C:6D:CD:23:31:E9:AD:69:20:B6:BD:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sMmMqqRVCU8bc0jMemtaSC2vcw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/pmqwsWSLbKZZjP8E6cEv5sHOVac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/2sMmMqqRVCU8bc0jMemtaSC2vcw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:fc0:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         ba:44:28:92:ca:5c:69:7c:17:4c:0b:4c:31:a3:82:8f:67:1b:
         35:c5:b9:28:4d:63:75:93:ac:cb:c7:ea:f9:9d:36:0f:66:6d:
         39:a4:00:86:d9:f7:a2:57:d8:bb:91:ac:fe:3f:27:1f:23:2e:
         e2:4f:d3:00:0b:41:4b:e1:a0:af:f9:c2:4f:6d:5b:b8:e9:ba:
         46:a7:d7:26:a7:e4:58:c2:e7:83:e1:85:58:ac:35:4e:a4:6e:
         1c:13:a7:b0:29:0b:36:18:3c:dc:5f:c0:6d:ad:23:37:92:f5:
         1f:77:ec:c2:63:4b:af:a5:87:ed:fc:1e:91:5c:65:21:fe:53:
         2d:96:25:e6:3c:72:fb:bb:b9:f5:3f:ba:6f:4c:1d:81:31:3a:
         26:14:72:51:82:fd:6a:1c:7c:f6:53:3b:b7:d6:e8:83:b5:f4:
         9c:a6:66:63:b1:e1:12:a9:3e:15:66:58:bb:14:9e:2d:53:e5:
         85:5a:34:bb:40:75:c6:8c:68:de:74:b8:2a:d0:49:dd:cd:4b:
         5e:f6:67:2f:90:fe:c0:74:6b:c8:e0:1e:aa:4a:fb:1c:0e:74:
         d5:88:17:e2:07:0e:f1:d0:04:d2:57:2d:56:1b:b1:4d:eb:b4:
         e4:23:2a:5f:a0:49:7f:ad:60:3b:b4:31:2f:1a:d2:b1:0b:bb:
         76:a1:1d:f3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtU/ga7uNRxds7OtIyvkJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzMyNjMyYWE5MTU0MjUzYzZkY2QyMzMxZTlhZDY5MjBi
NmJkY2MwHhcNMjMwMTAxMTIzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZhYjBiMTY0OGI2Y2E2NTk4Y2ZmMDRlOWMxMmZlNmMxY2U1NWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFroUnc/6MYcIajE6XHttC5CneL8
1VmWoTAiGSAzRBKXqdLgckJ7skwhwZw2tjQpBYFDq+fKKJFBoNv3wkrjn5kQmnru
aBCFdDyt+m3PjVsJlJcr7GxB5RtqpZRr6Q9pPGjlVvP//dD1YFZT4MD3NdecFjYa
uPfe554BBapHMnAuvbFDHVYJOiunk73yAE6JUAerxjnUak1kIzjQJV/GJzfBj474
UMTd0c1vD1VW8lu5mScvuSak5bJBb4p0TgT43iysS0iV2MvomVTpqoAuHJY51ahl
G34QVEEuOOFS7LhJpd9xiceGbSdVb7IxikZQmWqXKtgRTx4OGmDwN7zJmwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKZqsLFki2ymWYz/BOnBL+bBzlWnMB8GA1UdIwQY
MBaAFNrDJjKqkVQlPG3NIzHprWkgtr3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNNbU1xcVJWQ1U4YmMwak1lbXRhU0MydmN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80OTQyNGEtYWE1Zi00YjlmLWE2Mjct
MjQ2NTRlOTQxYzEyLzEvcG1xd3NXU0xiS1paalA4RTZjRXY1c0hPVmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80OTQyNGEtYWE1Zi00YjlmLWE2MjctMjQ2NTRlOTQxYzEy
LzEvMnNNbU1xcVJWQ1U4YmMwak1lbXRhU0MydmN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhIPwAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC6RCiSylxpfBdMC0wxo4KPZxs1xbkoTWN1k6zL
x+r5nTYPZm05pACG2feiV9i7kaz+PycfIy7iT9MAC0FL4aCv+cJPbVu46bpGp9cm
p+RYwueD4YVYrDVOpG4cE6ewKQs2GDzcX8BtrSM3kvUfd+zCY0uvpYft/B6RXGUh
/lMtliXmPHL7u7n1P7pvTB2BMTomFHJRgv1qHHz2Uzu31uiDtfScpmZjseESqT4V
Zli7FJ4tU+WFWjS7QHXGjGjedLgq0EndzUte9mcvkP7AdGvI4B6qSvscDnTViBfi
Bw7x0ATSVy1WG7FN67TkIypfoEl/rWA7tDEvGtKxC7t2oR3z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:46 2024 by rpki-client on console-ams.rpki-client.org