Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/6k6eMz9U83cFrYzVBN0Urkr1QJA.roa
File:                     6k6eMz9U83cFrYzVBN0Urkr1QJA.roa (raw, json)
Hash identifier:          Mq860T2wAbqREpoD4JQg5dIUs2VpgD1Y9OKx0+gxXSU=
Subject key identifier:   EA:4E:9E:33:3F:54:F3:77:05:AD:8C:D5:04:DD:14:AE:4A:F5:40:90
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       01857246E621A0B46A6DAF0188182396C9C0
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/6k6eMz9U83cFrYzVBN0Urkr1QJA.roa
Signing time:             Mon 02 Jan 2023 11:38:47 +0000
ROA not before:           Mon 02 Jan 2023 11:38:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212925
IP address blocks:        2a0c:9a40:8020::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:e6:21:a0:b4:6a:6d:af:01:88:18:23:96:c9:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Jan  2 11:38:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea4e9e333f54f37705ad8cd504dd14ae4af54090
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:8f:c0:0a:88:07:ec:56:39:0a:60:d9:72:17:
                    a1:d1:e8:6b:2c:92:40:89:07:6d:87:61:18:be:d2:
                    2b:09:d0:48:bd:26:3e:00:e1:65:db:08:eb:d1:dd:
                    27:bc:b6:1f:3d:4f:5e:9b:1a:e6:87:d4:21:56:3a:
                    d6:4f:3d:fa:4e:94:f0:d6:ea:90:00:df:b0:41:d3:
                    23:26:ab:76:d8:ea:7d:3d:17:f8:f8:6e:ad:8f:73:
                    9f:75:1d:d9:30:31:ba:30:2b:3a:99:9c:86:ac:20:
                    19:1d:81:f5:f0:91:ab:a7:72:61:1c:65:67:2f:10:
                    58:be:ba:12:39:58:cc:ed:7c:36:6c:18:8a:6c:64:
                    8f:06:c4:c7:87:ef:f4:0f:67:87:91:f2:98:7a:69:
                    70:ce:33:e1:ee:1b:ca:9d:e8:aa:fa:99:64:44:20:
                    92:b1:10:8c:7a:9d:25:fb:87:4b:92:c5:ee:e8:c4:
                    0a:d9:d3:11:5b:8b:1c:21:e4:60:79:e1:ad:2d:df:
                    3c:be:10:e0:11:2a:3d:64:8b:c0:2b:f0:8f:18:6e:
                    04:0f:3b:69:64:53:6c:51:5f:36:d7:4c:3d:28:4b:
                    79:f5:6f:00:57:74:67:f9:56:43:9c:00:74:be:bf:
                    6a:fa:03:32:72:d2:d5:ee:81:37:b4:01:4d:23:ec:
                    43:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:4E:9E:33:3F:54:F3:77:05:AD:8C:D5:04:DD:14:AE:4A:F5:40:90
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/6k6eMz9U83cFrYzVBN0Urkr1QJA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:8020::/44

    Signature Algorithm: sha256WithRSAEncryption
         72:68:63:4b:2e:15:f6:a6:d0:ae:0a:e8:3c:45:c0:16:f8:14:
         9b:03:ab:0e:91:d8:02:86:ff:18:c0:86:18:80:9e:e6:d0:f6:
         32:63:e4:25:34:5f:92:9c:ed:b6:4c:d4:99:66:d2:31:e1:46:
         37:10:53:88:e0:c3:ca:4a:c1:41:73:1b:15:ee:5b:ea:03:81:
         31:20:d2:7c:7d:31:14:6f:31:3d:d6:a3:8a:5b:13:f3:ee:b4:
         ab:c2:3e:fc:53:9f:99:fc:df:e8:e4:09:72:79:08:4c:5a:9a:
         c6:25:e9:84:e7:4c:b0:33:92:a6:94:bd:d4:a3:7c:56:3d:5b:
         a1:22:3d:97:1c:47:f3:8c:02:1c:f7:bf:83:6a:57:eb:79:61:
         00:4a:10:dd:bc:b0:84:09:17:fa:64:58:13:9a:88:3f:dc:27:
         0a:3e:dc:82:ae:fa:ce:2f:f5:5d:bc:72:c0:ff:ed:d1:bb:6f:
         a6:d0:86:7e:9d:3d:e1:48:8a:b5:5d:65:a6:62:de:54:68:40:
         26:b2:d2:38:53:3c:15:c1:89:ac:35:b3:bb:90:17:f3:37:9d:
         52:cd:b5:5c:6e:18:f1:48:f5:00:5f:ff:37:9b:7c:fd:81:5f:
         4c:e8:21:23:55:9a:2b:06:9c:35:f9:b1:c9:7d:ec:43:20:c0:
         c8:39:4d:87
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRuYhoLRqba8BiBgjlsnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTRlOWUzMzNmNTRmMzc3MDVhZDhjZDUwNGRkMTRhZTRhZjU0MDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo/ACogH7FY5CmDZcheh0ehrLJJA
iQdth2EYvtIrCdBIvSY+AOFl2wjr0d0nvLYfPU9emxrmh9QhVjrWTz36TpTw1uqQ
AN+wQdMjJqt22Op9PRf4+G6tj3OfdR3ZMDG6MCs6mZyGrCAZHYH18JGrp3JhHGVn
LxBYvroSOVjM7Xw2bBiKbGSPBsTHh+/0D2eHkfKYemlwzjPh7hvKneiq+plkRCCS
sRCMep0l+4dLksXu6MQK2dMRW4scIeRgeeGtLd88vhDgESo9ZIvAK/CPGG4EDztp
ZFNsUV8210w9KEt59W8AV3Rn+VZDnAB0vr9q+gMyctLV7oE3tAFNI+xD3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOpOnjM/VPN3Ba2M1QTdFK5K9UCQMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvNms2ZU16OVU4M2NGcll6VkJOMFVya3IxUUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIAg
MA0GCSqGSIb3DQEBCwUAA4IBAQByaGNLLhX2ptCuCug8RcAW+BSbA6sOkdgChv8Y
wIYYgJ7m0PYyY+QlNF+SnO22TNSZZtIx4UY3EFOI4MPKSsFBcxsV7lvqA4ExINJ8
fTEUbzE91qOKWxPz7rSrwj78U5+Z/N/o5AlyeQhMWprGJemE50ywM5KmlL3Uo3xW
PVuhIj2XHEfzjAIc97+DalfreWEAShDdvLCECRf6ZFgTmog/3CcKPtyCrvrOL/Vd
vHLA/+3Ru2+m0IZ+nT3hSIq1XWWmYt5UaEAmstI4UzwVwYmsNbO7kBfzN51SzbVc
bhjxSPUAX/83m3z9gV9M6CEjVZorBpw1+bHJfexDIMDIOU2H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:49 2024 by rpki-client on console-fra.rpki-client.org