Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/hEQNY05FKXaT6b2EfqUPQb_P1k0.roa
File:                     hEQNY05FKXaT6b2EfqUPQb_P1k0.roa (raw, json)
Hash identifier:          PCOdh/YBA17PVWi6iDHGVeDpMmYmZO9jFp6KCrq3fwI=
Subject key identifier:   84:44:0D:63:4E:45:29:76:93:E9:BD:84:7E:A5:0F:41:BF:CF:D6:4D
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       01857246EB3C945663FCDBEE76A427B9F3A4
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/hEQNY05FKXaT6b2EfqUPQb_P1k0.roa
Signing time:             Mon 02 Jan 2023 11:38:48 +0000
ROA not before:           Mon 02 Jan 2023 11:38:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213385
IP address blocks:        2a0c:9a40:81a0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:eb:3c:94:56:63:fc:db:ee:76:a4:27:b9:f3:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Jan  2 11:38:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=84440d634e45297693e9bd847ea50f41bfcfd64d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:f7:fb:a3:26:50:a8:ef:2e:fc:7e:1d:9b:95:
                    08:9a:39:17:6c:b0:15:d1:87:b2:a4:3a:20:07:fa:
                    87:dd:a8:c7:8c:ff:e5:37:13:a3:47:bf:5f:b5:26:
                    89:f8:50:a3:84:3d:11:a8:97:cf:a5:b7:be:c1:3e:
                    dc:74:48:df:57:15:b2:8d:3b:66:61:65:0a:e4:51:
                    5c:81:29:c1:9c:14:5e:fa:b3:cc:33:37:ca:a6:4a:
                    f5:d8:7b:b9:45:82:27:29:61:6e:bb:ca:7d:79:38:
                    bf:4e:d5:96:d2:73:88:73:16:41:c6:20:6b:97:fe:
                    ce:17:74:c0:95:81:db:d2:d1:b8:47:46:56:e0:08:
                    d0:5a:60:e4:37:77:9c:49:9a:8b:96:59:a4:b7:c7:
                    4b:5c:b1:17:dd:83:8f:d1:86:b2:41:73:9d:89:e3:
                    e8:1a:4a:8a:a8:a1:a5:43:f1:9a:95:31:5d:c7:b1:
                    86:29:70:7c:c4:f0:1c:52:e9:49:a6:52:a1:32:63:
                    a2:bc:16:b3:58:01:9b:a4:0c:6c:db:09:60:bd:f8:
                    7f:7f:ff:55:bf:c0:1d:1f:94:8f:a5:62:bc:9e:22:
                    46:ae:0d:01:a4:0c:9b:3f:ad:b6:28:59:82:50:8b:
                    d9:2c:4b:fc:4f:85:ec:e4:57:6f:2b:d3:a8:3a:3c:
                    7a:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:44:0D:63:4E:45:29:76:93:E9:BD:84:7E:A5:0F:41:BF:CF:D6:4D
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/hEQNY05FKXaT6b2EfqUPQb_P1k0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:81a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         ae:f4:10:1c:bf:a1:b5:a8:c2:54:9c:f4:74:49:3a:0b:73:6a:
         af:b3:8f:ec:e4:73:c8:09:25:31:6d:f8:78:09:e2:a7:80:36:
         95:f7:61:d3:07:f8:41:a9:49:d8:d9:fa:bb:e0:36:12:b0:75:
         29:6f:55:5c:d6:87:65:7a:78:58:42:e0:cc:fd:ba:1c:2c:26:
         0d:b4:06:e6:c2:33:39:3e:d7:3c:95:f6:1c:3e:74:a5:df:fa:
         52:eb:fa:60:f6:12:a2:59:9c:c4:1e:bf:fa:b1:60:6f:6c:64:
         50:fc:de:00:f0:b4:46:11:7e:ef:37:05:13:7b:c5:47:80:1a:
         4f:26:6d:c5:20:85:1a:bd:fd:ff:cb:47:3a:23:01:09:c0:23:
         04:c2:58:88:2a:22:48:e5:4f:4b:f2:a4:fb:92:b8:35:fb:4f:
         c5:3c:9c:f0:6e:c4:68:8f:21:27:6d:f0:cc:d3:34:54:1e:8f:
         50:5a:cf:05:8b:8a:11:e3:cd:de:48:fe:bd:3f:98:45:88:a5:
         b7:c9:10:5d:fc:d3:0b:5a:90:59:4f:ef:d5:1c:28:58:fa:68:
         c6:03:7e:f5:6c:50:f1:9f:a3:a8:9c:84:9d:e1:eb:0f:0f:98:
         56:10:23:2f:cb:ff:56:d2:84:f0:13:ca:60:df:05:b5:54:c3:
         c7:6d:d8:a3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRus8lFZj/NvudqQnufOkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQ0MGQ2MzRlNDUyOTc2OTNlOWJkODQ3ZWE1MGY0MWJmY2ZkNjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgff7oyZQqO8u/H4dm5UImjkXbLAV
0YeypDogB/qH3ajHjP/lNxOjR79ftSaJ+FCjhD0RqJfPpbe+wT7cdEjfVxWyjTtm
YWUK5FFcgSnBnBRe+rPMMzfKpkr12Hu5RYInKWFuu8p9eTi/TtWW0nOIcxZBxiBr
l/7OF3TAlYHb0tG4R0ZW4AjQWmDkN3ecSZqLllmkt8dLXLEX3YOP0YayQXOdiePo
GkqKqKGlQ/GalTFdx7GGKXB8xPAcUulJplKhMmOivBazWAGbpAxs2wlgvfh/f/9V
v8AdH5SPpWK8niJGrg0BpAybP622KFmCUIvZLEv8T4Xs5FdvK9OoOjx6fwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIREDWNORSl2k+m9hH6lD0G/z9ZNMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvaEVRTlkwNUZLWGFUNmIyRWZxVVBRYl9QMWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIGg
MA0GCSqGSIb3DQEBCwUAA4IBAQCu9BAcv6G1qMJUnPR0SToLc2qvs4/s5HPICSUx
bfh4CeKngDaV92HTB/hBqUnY2fq74DYSsHUpb1Vc1odlenhYQuDM/bocLCYNtAbm
wjM5Ptc8lfYcPnSl3/pS6/pg9hKiWZzEHr/6sWBvbGRQ/N4A8LRGEX7vNwUTe8VH
gBpPJm3FIIUavf3/y0c6IwEJwCMEwliIKiJI5U9L8qT7krg1+0/FPJzwbsRojyEn
bfDM0zRUHo9QWs8Fi4oR483eSP69P5hFiKW3yRBd/NMLWpBZT+/VHChY+mjGA371
bFDxn6OonISd4esPD5hWECMvy/9W0oTwE8pg3wW1VMPHbdij
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:15 2024 by rpki-client on console-ams.rpki-client.org