Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cRNsOYQa155yKoh8HeyeQ_3dPAE.roa
File:                     cRNsOYQa155yKoh8HeyeQ_3dPAE.roa (raw, json)
Hash identifier:          okwHHtUyYcx5r3qgB2/3KsBM09b6W5gfGp5qBQeesk4=
Subject key identifier:   71:13:6C:39:84:1A:D7:9E:72:2A:88:7C:1D:EC:9E:43:FD:DD:3C:01
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       0189F60FA7368951F3A9456AA65E262DAF84
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cRNsOYQa155yKoh8HeyeQ_3dPAE.roa
Signing time:             Mon 14 Aug 2023 21:59:28 +0000
ROA not before:           Mon 14 Aug 2023 21:59:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58336
IP address blocks:        2a0c:9a40:9e00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f6:0f:a7:36:89:51:f3:a9:45:6a:a6:5e:26:2d:af:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Aug 14 21:59:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=71136c39841ad79e722a887c1dec9e43fddd3c01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:bb:aa:63:22:6b:43:b4:12:e0:db:8e:b2:38:
                    03:b5:1b:7a:ec:0a:0a:43:c4:b8:29:01:98:9e:de:
                    17:d1:ab:47:7a:b1:bf:14:69:03:57:97:2c:b6:6b:
                    f7:10:ea:b8:67:0f:dc:b1:2d:f4:a0:c7:c3:eb:05:
                    da:6c:cc:9c:65:f1:8a:79:7a:56:92:c1:cd:46:58:
                    3a:39:b8:4c:36:69:09:1a:6a:d5:82:42:a5:08:5d:
                    cc:bd:48:d8:02:1a:ad:04:45:53:bc:60:e0:76:cb:
                    7f:b6:ba:30:86:cd:d7:c0:2e:18:cf:81:80:a6:a1:
                    45:06:ad:c8:dd:ac:cf:13:ca:cd:b5:43:df:97:13:
                    e6:ac:00:c8:4f:fc:53:59:e9:02:92:9a:40:3e:4c:
                    bc:f4:da:9e:66:b7:47:a9:c2:41:90:49:6c:77:cb:
                    0c:55:50:d0:0f:f2:e4:87:bb:9a:6c:ad:36:3e:06:
                    04:ea:5e:08:47:0f:ef:f2:2e:06:1f:a7:49:c6:0a:
                    d0:bb:12:69:27:04:68:3c:0f:4e:f5:59:7c:69:37:
                    94:13:cd:32:71:44:2c:f4:11:f7:b4:fc:d9:67:26:
                    df:4a:5e:f3:12:d2:59:4e:17:f3:d3:66:70:7a:fc:
                    a8:59:44:1d:82:35:4e:c7:bf:6f:a6:72:a8:ee:31:
                    c6:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:13:6C:39:84:1A:D7:9E:72:2A:88:7C:1D:EC:9E:43:FD:DD:3C:01
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cRNsOYQa155yKoh8HeyeQ_3dPAE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:9e00::/40

    Signature Algorithm: sha256WithRSAEncryption
         1c:cf:0e:c9:ff:5a:e6:2a:d8:bf:2c:64:86:2b:4e:69:a0:e9:
         53:4f:b1:ea:f0:62:43:ae:b2:5d:b3:f1:58:b0:bb:53:6b:26:
         39:cb:c9:f2:3e:47:40:4b:33:b0:5a:13:e7:0a:d1:a4:5b:11:
         02:a1:4e:e3:98:ef:37:5a:f9:d8:e1:97:98:6b:9b:ff:c3:0d:
         eb:7e:54:fc:95:dd:d6:1c:c0:de:ea:1b:ed:ed:f4:97:5a:c1:
         58:21:de:54:69:25:fd:5c:50:eb:17:bb:bd:08:6c:a2:ce:10:
         35:c5:b9:e5:2f:18:61:ab:1a:31:5b:27:15:eb:88:6e:f6:45:
         b3:63:72:76:fc:93:57:6d:a7:e6:cf:9c:22:b1:e0:f6:65:02:
         69:ad:64:96:7a:ae:8f:47:84:0b:8f:53:02:51:14:50:41:ad:
         a5:5b:fb:da:6f:85:c6:7a:8e:60:28:b1:d3:1c:dc:f6:c7:a4:
         d5:88:20:b5:03:49:eb:5c:b9:b4:78:be:5b:3d:6c:f1:6b:91:
         08:a8:75:e9:d1:2b:1a:dc:40:b1:34:8d:b2:6c:c2:a8:6d:ec:
         f0:35:0a:6a:ca:00:1c:1e:30:f8:e3:67:ce:0a:7c:45:88:d6:
         57:6b:2f:ce:0e:44:ae:17:42:dd:05:cb:6f:18:d2:d6:3d:8b:
         03:dd:1f:ff
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYn2D6c2iVHzqUVqpl4mLa+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwODE0MjE1OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTEzNmMzOTg0MWFkNzllNzIyYTg4N2MxZGVjOWU0M2ZkZGQzYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6buqYyJrQ7QS4NuOsjgDtRt67AoK
Q8S4KQGYnt4X0atHerG/FGkDV5cstmv3EOq4Zw/csS30oMfD6wXabMycZfGKeXpW
ksHNRlg6ObhMNmkJGmrVgkKlCF3MvUjYAhqtBEVTvGDgdst/trowhs3XwC4Yz4GA
pqFFBq3I3azPE8rNtUPflxPmrADIT/xTWekCkppAPky89NqeZrdHqcJBkElsd8sM
VVDQD/Lkh7uabK02PgYE6l4IRw/v8i4GH6dJxgrQuxJpJwRoPA9O9Vl8aTeUE80y
cUQs9BH3tPzZZybfSl7zEtJZThfz02ZwevyoWUQdgjVOx79vpnKo7jHGvQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHETbDmEGteeciqIfB3snkP93TwBMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvY1JOc09ZUWExNTV5S29oOEhleWVRXzNkUEFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQJ4w
DQYJKoZIhvcNAQELBQADggEBABzPDsn/WuYq2L8sZIYrTmmg6VNPserwYkOusl2z
8Viwu1NrJjnLyfI+R0BLM7BaE+cK0aRbEQKhTuOY7zda+djhl5hrm//DDet+VPyV
3dYcwN7qG+3t9JdawVgh3lRpJf1cUOsXu70IbKLOEDXFueUvGGGrGjFbJxXriG72
RbNjcnb8k1dtp+bPnCKx4PZlAmmtZJZ6ro9HhAuPUwJRFFBBraVb+9pvhcZ6jmAo
sdMc3PbHpNWIILUDSetcubR4vls9bPFrkQiodenRKxrcQLE0jbJswqht7PA1CmrK
ABweMPjjZ84KfEWI1ldrL84ORK4XQt0Fy28Y0tY9iwPdH/8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:15 2024 by rpki-client on console-ams.rpki-client.org