Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OLdQNQAw6k9a16DWFM2QSt9gK2A.roa
File:                     OLdQNQAw6k9a16DWFM2QSt9gK2A.roa (raw, json)
Hash identifier:          CS65jN6MDfM5rzkgHd2ytSMBGC3D/OQ07jT0B/m4T30=
Subject key identifier:   38:B7:50:35:00:30:EA:4F:5A:D7:A0:D6:14:CD:90:4A:DF:60:2B:60
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018D22E6DDB5D79D646E97B0492C377A1F2A
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OLdQNQAw6k9a16DWFM2QSt9gK2A.roa
Signing time:             Fri 19 Jan 2024 18:06:11 +0000
ROA not before:           Fri 19 Jan 2024 18:06:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        2a0c:9a40:83c0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 28 Aug 2024 22:59:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:22:e6:dd:b5:d7:9d:64:6e:97:b0:49:2c:37:7a:1f:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Jan 19 18:06:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=38b750350030ea4f5ad7a0d614cd904adf602b60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:98:5d:77:dc:8d:5d:ae:62:08:bf:94:e9:48:
                    9f:1f:db:26:e9:91:a9:29:5f:3f:0c:ba:7c:ca:20:
                    9e:9a:af:3a:25:6e:8c:b0:d7:b3:95:79:12:25:7e:
                    9e:91:5d:df:14:97:f9:4c:5d:8c:4d:43:2c:12:8a:
                    7d:cf:d9:e9:b7:3d:04:71:9f:f9:59:69:de:43:b6:
                    85:a5:13:98:3a:dd:88:44:58:66:52:71:3a:49:7c:
                    d1:1f:4f:87:35:c3:ab:86:2f:6c:0b:ca:97:d3:17:
                    bb:9b:43:d0:27:9e:10:92:35:08:ca:4b:a6:73:9e:
                    8c:19:9a:a2:01:0d:04:6e:95:23:c1:c3:2f:be:a4:
                    39:ac:9a:64:59:66:26:c4:5c:c5:1c:3a:49:1a:5e:
                    91:88:60:77:ba:d0:a4:e9:88:e2:72:94:d0:9c:fb:
                    78:9f:68:3f:a8:3b:f9:c2:9a:d3:e2:62:03:08:92:
                    28:6d:b5:c2:9d:d5:7d:87:4b:b7:91:42:09:09:3a:
                    ce:a7:a1:23:b1:b8:69:13:3e:6c:c8:c8:25:a9:2b:
                    0a:c3:5f:5b:8e:9b:b9:f7:4e:28:b5:04:bf:5b:33:
                    9a:f7:ef:7e:9a:ff:53:55:c8:84:98:6d:d2:ec:93:
                    46:d2:cf:97:47:f5:de:9a:d0:13:61:d2:b0:57:e5:
                    63:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:B7:50:35:00:30:EA:4F:5A:D7:A0:D6:14:CD:90:4A:DF:60:2B:60
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OLdQNQAw6k9a16DWFM2QSt9gK2A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:83c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         59:07:8f:5e:7d:0c:b2:de:b3:47:27:85:fe:98:0b:87:ab:c7:
         b9:04:80:4e:f7:6a:07:29:c2:49:2d:35:51:2b:2c:95:aa:36:
         77:c5:57:24:f1:25:bb:db:ae:16:2b:38:54:76:ac:ed:29:75:
         f7:3c:70:9f:63:22:91:fa:04:62:85:25:b3:b4:f8:82:45:09:
         05:90:a9:2c:55:c1:b7:45:64:73:9a:99:9f:bd:95:7d:2b:fb:
         14:8e:7e:f6:38:af:ed:11:47:22:82:65:52:f2:ed:c5:0f:54:
         0d:4a:a4:2e:67:70:d3:e3:88:59:c6:ac:80:21:0c:dc:44:96:
         87:20:76:98:25:ce:a2:2a:09:2a:57:ed:2d:74:c9:65:67:be:
         d2:92:e6:73:aa:d4:59:f1:45:d7:9e:45:a3:8c:98:27:03:40:
         18:95:68:0f:a8:1c:44:eb:07:f2:21:8e:db:34:3e:e1:9e:09:
         1b:61:17:bc:02:45:51:73:6b:b0:fc:8e:84:24:e4:e9:fd:ba:
         78:21:ee:79:8d:19:54:15:19:56:61:6b:bd:80:73:52:da:6d:
         c9:04:66:8e:ca:f1:40:7a:3a:8e:e5:1b:af:9f:b1:bb:b8:c1:
         cc:05:30:31:c2:78:dc:07:50:b2:75:b3:b0:33:d8:05:bf:2d:
         5d:cc:63:00
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0i5t21151kbpewSSw3eh8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTE5MTgwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGI3NTAzNTAwMzBlYTRmNWFkN2EwZDYxNGNkOTA0YWRmNjAyYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5hdd9yNXa5iCL+U6UifH9sm6ZGp
KV8/DLp8yiCemq86JW6MsNezlXkSJX6ekV3fFJf5TF2MTUMsEop9z9nptz0EcZ/5
WWneQ7aFpROYOt2IRFhmUnE6SXzRH0+HNcOrhi9sC8qX0xe7m0PQJ54QkjUIykum
c56MGZqiAQ0EbpUjwcMvvqQ5rJpkWWYmxFzFHDpJGl6RiGB3utCk6YjicpTQnPt4
n2g/qDv5wprT4mIDCJIobbXCndV9h0u3kUIJCTrOp6EjsbhpEz5syMglqSsKw19b
jpu5904otQS/WzOa9+9+mv9TVciEmG3S7JNG0s+XR/XemtATYdKwV+VjNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDi3UDUAMOpPWteg1hTNkErfYCtgMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvT0xkUU5RQXc2azlhMTZEV0ZNMlFTdDlnSzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIPA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZB49efQyy3rNHJ4X+mAuHq8e5BIBO92oHKcJJ
LTVRKyyVqjZ3xVck8SW7264WKzhUdqztKXX3PHCfYyKR+gRihSWztPiCRQkFkKks
VcG3RWRzmpmfvZV9K/sUjn72OK/tEUcigmVS8u3FD1QNSqQuZ3DT44hZxqyAIQzc
RJaHIHaYJc6iKgkqV+0tdMllZ77SkuZzqtRZ8UXXnkWjjJgnA0AYlWgPqBxE6wfy
IY7bND7hngkbYRe8AkVRc2uw/I6EJOTp/bp4Ie55jRlUFRlWYWu9gHNS2m3JBGaO
yvFAejqO5Ruvn7G7uMHMBTAxwnjcB1CydbOwM9gFvy1dzGMA
-----END CERTIFICATE-----
Generated at Thu Aug 29 01:57:07 2024 by rpki-client on console-ams.rpki-client.org