Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/d612e3-94eb-4866-b43c-e40b301401a9/1/tt1bguvIQ1WLcx5FNx5FYA_Ml4k.roa
File:                     tt1bguvIQ1WLcx5FNx5FYA_Ml4k.roa (raw, json)
Hash identifier:          Cxy37J58ecPXXjzs1/+epf5nQM6oSmzEP8/PM/S1R5U=
Subject key identifier:   B6:DD:5B:82:EB:C8:43:55:8B:73:1E:45:37:1E:45:60:0F:CC:97:89
Certificate issuer:       /CN=e7fe22f551e95b0f15033c503552e49bca617c6a
Certificate serial:       0193AB4DA1EAADC0553863A438F72A21083A
Authority key identifier: E7:FE:22:F5:51:E9:5B:0F:15:03:3C:50:35:52:E4:9B:CA:61:7C:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5_4i9VHpWw8VAzxQNVLkm8phfGo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/d612e3-94eb-4866-b43c-e40b301401a9/1/tt1bguvIQ1WLcx5FNx5FYA_Ml4k.roa
Signing time:             Mon 09 Dec 2024 12:03:31 +0000
ROA not before:           Mon 09 Dec 2024 12:03:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     28725
IP address blocks:        2a0b:bb40::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 10 Dec 2024 13:34:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:ab:4d:a1:ea:ad:c0:55:38:63:a4:38:f7:2a:21:08:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7fe22f551e95b0f15033c503552e49bca617c6a
        Validity
            Not Before: Dec  9 12:03:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b6dd5b82ebc843558b731e45371e45600fcc9789
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:7d:e9:cf:b1:a9:af:c8:2a:4a:18:19:6c:70:
                    c8:0c:12:fc:c9:11:93:07:1f:76:5f:ee:35:6a:50:
                    a0:e1:b6:bf:27:26:51:7d:2b:84:40:3f:4d:cb:25:
                    29:91:df:be:b9:9b:d2:68:79:66:ce:b9:62:75:7c:
                    b1:b3:55:de:79:b0:2a:75:09:c1:7c:80:5d:b7:d4:
                    9f:e7:16:78:8b:23:ca:09:5d:ad:41:17:1b:98:54:
                    63:cd:e3:33:c8:ad:9e:16:ac:fd:ff:28:59:36:4e:
                    80:e6:9a:10:a7:1e:80:d1:dd:4a:6f:85:eb:0c:b2:
                    f6:1f:14:40:b8:5a:a0:f3:ad:2a:8a:f1:15:69:3b:
                    3f:58:0f:27:9a:1e:46:02:ed:b1:13:1c:57:8f:42:
                    59:97:22:86:a6:21:b2:a5:12:df:74:76:9a:23:01:
                    48:7b:ba:16:e1:42:86:f0:46:b2:ec:8b:01:a0:5e:
                    c0:2f:9b:23:0c:c2:f1:16:71:81:3b:b9:f2:43:87:
                    da:ac:5d:bc:7c:64:73:af:1f:7c:b1:cd:a9:35:b9:
                    99:b4:2e:1d:2b:73:96:c0:b9:ad:3c:4d:40:78:ad:
                    43:78:75:bf:1c:05:94:a8:72:74:1b:e2:ad:17:77:
                    e2:f8:15:fb:1a:7e:8d:78:91:28:c4:c4:f7:ab:06:
                    a9:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:DD:5B:82:EB:C8:43:55:8B:73:1E:45:37:1E:45:60:0F:CC:97:89
            X509v3 Authority Key Identifier:
                keyid:E7:FE:22:F5:51:E9:5B:0F:15:03:3C:50:35:52:E4:9B:CA:61:7C:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_4i9VHpWw8VAzxQNVLkm8phfGo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/d612e3-94eb-4866-b43c-e40b301401a9/1/tt1bguvIQ1WLcx5FNx5FYA_Ml4k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/d612e3-94eb-4866-b43c-e40b301401a9/1/5_4i9VHpWw8VAzxQNVLkm8phfGo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:bb40::/32

    Signature Algorithm: sha256WithRSAEncryption
         5f:ba:e6:54:c3:da:60:79:ff:45:5d:7f:9f:94:f4:7a:2d:cb:
         ce:38:14:2f:e4:2c:78:a0:c9:f6:c1:8a:bd:10:64:b0:51:06:
         c1:a6:d1:4f:3a:a3:c4:7b:e3:5c:55:bd:a0:3c:71:6c:0f:54:
         c0:b1:c7:43:1d:76:80:98:4a:1b:a3:ca:70:8d:18:3a:09:d7:
         58:bb:c0:55:b6:4e:8f:01:26:3b:72:c9:2e:af:08:8f:dc:4d:
         62:7b:c1:dd:ee:6e:dd:4a:4f:f5:58:b4:e1:8e:3d:33:cb:a5:
         8e:f1:fa:5d:9d:c6:4d:be:08:37:39:f3:67:a3:08:4c:72:c4:
         2f:9d:0b:c2:05:ce:6e:13:7d:c4:36:29:7a:4b:cf:c2:4c:3f:
         61:96:72:0e:31:0d:a2:dc:c0:30:19:f1:9a:6f:1c:60:89:81:
         e9:df:5d:59:32:0a:49:a7:0a:4b:0e:3f:c5:3a:5d:99:f8:5e:
         72:5d:fc:c5:d4:5c:d8:6b:39:b7:30:9a:a7:13:2e:1e:a6:e6:
         b1:5f:47:0c:90:be:6c:15:a5:d8:cb:d8:10:82:81:ac:37:4e:
         1c:6d:79:8e:48:3f:22:17:ca:06:41:56:9c:41:86:c8:31:16:
         95:71:5c:07:d0:34:2c:18:5b:e3:0b:10:8c:f6:72:ec:08:46:
         5d:de:cb:b1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOrTaHqrcBVOGOkOPcqIQg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmUyMmY1NTFlOTViMGYxNTAzM2M1MDM1NTJlNDliY2E2
MTdjNmEwHhcNMjQxMjA5MTIwMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmRkNWI4MmViYzg0MzU1OGI3MzFlNDUzNzFlNDU2MDBmY2M5Nzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX3pz7Gpr8gqShgZbHDIDBL8yRGT
Bx92X+41alCg4ba/JyZRfSuEQD9NyyUpkd++uZvSaHlmzrlidXyxs1XeebAqdQnB
fIBdt9Sf5xZ4iyPKCV2tQRcbmFRjzeMzyK2eFqz9/yhZNk6A5poQpx6A0d1Kb4Xr
DLL2HxRAuFqg860qivEVaTs/WA8nmh5GAu2xExxXj0JZlyKGpiGypRLfdHaaIwFI
e7oW4UKG8Eay7IsBoF7AL5sjDMLxFnGBO7nyQ4farF28fGRzrx98sc2pNbmZtC4d
K3OWwLmtPE1AeK1DeHW/HAWUqHJ0G+KtF3fi+BX7Gn6NeJEoxMT3qwapxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLbdW4LryENVi3MeRTceRWAPzJeJMB8GA1UdIwQY
MBaAFOf+IvVR6VsPFQM8UDVS5JvKYXxqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV80aTlWSHBXdzhWQXp4UU5WTGttOHBoZkdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kNjEyZTMtOTRlYi00ODY2LWI0M2Mt
ZTQwYjMwMTQwMWE5LzEvdHQxYmd1dklRMVdMY3g1Rk54NUZZQV9NbDRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kNjEyZTMtOTRlYi00ODY2LWI0M2MtZTQwYjMwMTQwMWE5
LzEvNV80aTlWSHBXdzhWQXp4UU5WTGttOHBoZkdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgu7QDAN
BgkqhkiG9w0BAQsFAAOCAQEAX7rmVMPaYHn/RV1/n5T0ei3LzjgUL+QseKDJ9sGK
vRBksFEGwabRTzqjxHvjXFW9oDxxbA9UwLHHQx12gJhKG6PKcI0YOgnXWLvAVbZO
jwEmO3LJLq8Ij9xNYnvB3e5u3UpP9Vi04Y49M8uljvH6XZ3GTb4INznzZ6MITHLE
L50LwgXObhN9xDYpekvPwkw/YZZyDjENotzAMBnxmm8cYImB6d9dWTIKSacKSw4/
xTpdmfhecl38xdRc2Gs5tzCapxMuHqbmsV9HDJC+bBWl2MvYEIKBrDdOHG15jkg/
IhfKBkFWnEGGyDEWlXFcB9A0LBhb4wsQjPZy7AhGXd7LsQ==
-----END CERTIFICATE-----
Generated at Tue Dec 10 18:08:57 2024 by rpki-client on console-ams.rpki-client.org