Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/jQzqawrpEWkWECVCTS96pXc8mkI.roa
File:                     jQzqawrpEWkWECVCTS96pXc8mkI.roa (raw, json)
Hash identifier:          4JvGZM1RhyTrMjc7VCCE4VgMR3uf1UiByNwSTSrs3C0=
Subject key identifier:   8D:0C:EA:6B:0A:E9:11:69:16:10:25:42:4D:2F:7A:A5:77:3C:9A:42
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018C72CB7848FAFD633DCD3FB026FAE75D23
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/jQzqawrpEWkWECVCTS96pXc8mkI.roa
Signing time:             Sat 16 Dec 2023 13:23:06 +0000
ROA not before:           Sat 16 Dec 2023 13:23:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        2a0c:9a40:9c10::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:72:cb:78:48:fa:fd:63:3d:cd:3f:b0:26:fa:e7:5d:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Dec 16 13:23:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8d0cea6b0ae91169161025424d2f7aa5773c9a42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:bd:ad:e2:6b:ea:3e:40:b1:d0:3a:e3:71:c6:
                    b1:4c:dd:3a:67:9a:a1:06:81:24:6b:45:55:7d:56:
                    0a:41:30:ca:39:e2:d1:dd:d7:ed:f0:af:05:39:b1:
                    72:19:db:ee:9c:56:50:f3:ce:a9:a4:2a:22:c5:f4:
                    12:8e:54:24:1e:2d:88:bb:8a:a9:c1:9f:54:8f:3e:
                    5b:22:d0:ce:20:e4:af:eb:ef:79:3b:4e:12:00:5c:
                    e0:58:32:d7:59:f4:7e:52:b9:6a:08:de:1c:1f:47:
                    36:e3:81:f0:f0:3e:be:09:00:62:1a:76:27:69:1a:
                    f1:35:ec:f6:26:d9:8e:86:fc:6c:e8:27:35:7f:b4:
                    61:54:46:1e:c2:5a:db:62:b1:ca:84:10:95:9e:1a:
                    f6:c7:74:73:1c:15:32:e8:d6:8c:ec:db:5f:bc:28:
                    43:61:1f:f5:6a:20:90:ed:7d:77:55:54:d4:95:fa:
                    ca:ba:e3:a4:4f:f4:7b:c5:c7:65:3c:c2:75:77:15:
                    fe:ce:33:ad:44:8b:5c:86:8c:87:ed:7c:4b:82:ad:
                    ee:dc:cf:bc:59:24:49:14:c1:02:54:2e:f7:64:60:
                    90:13:ce:02:6d:96:92:35:00:c4:87:c3:c8:a3:b4:
                    0d:03:80:c9:61:09:59:29:dc:d2:6a:4e:b4:03:d7:
                    ef:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:0C:EA:6B:0A:E9:11:69:16:10:25:42:4D:2F:7A:A5:77:3C:9A:42
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/jQzqawrpEWkWECVCTS96pXc8mkI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:9c10::/44

    Signature Algorithm: sha256WithRSAEncryption
         8b:5e:93:d1:eb:27:e9:ac:3a:a5:2d:7e:78:14:d2:51:2d:83:
         e4:df:76:b0:56:1f:24:6e:fe:16:0a:18:18:3e:05:62:f4:d9:
         a3:13:f3:8a:dc:b5:6b:7c:c6:a2:e6:8e:1b:4b:7a:38:50:6b:
         4b:b9:36:39:43:d1:64:c6:28:17:66:bb:ca:96:4f:07:58:0e:
         64:41:3e:fc:dc:97:e9:d8:ab:21:db:bf:af:ce:ad:c5:a1:e5:
         49:d1:a8:f2:11:a7:ed:80:2e:06:75:cd:ae:25:55:d6:5b:13:
         7a:be:53:a8:ab:db:4e:c7:88:e6:65:76:83:c8:33:46:f3:b5:
         5c:9f:b9:8d:0b:3f:84:b4:b5:3e:8c:71:56:e6:55:69:de:de:
         d5:04:11:f8:a0:c7:0d:00:f3:53:10:5e:de:14:ca:56:04:db:
         21:19:f2:17:37:13:88:99:9c:08:8a:c4:b4:e2:55:77:ec:61:
         fa:16:8c:b5:ca:ca:be:64:7b:3c:a0:b6:e7:ae:85:ec:63:ad:
         98:ef:fb:aa:fa:ea:f4:4f:31:a6:15:38:37:77:b7:35:87:70:
         20:13:39:ec:e7:d7:84:cb:f5:e9:5a:2a:19:6d:34:e6:67:dd:
         05:b1:10:5d:e5:e1:35:32:ab:c5:25:a4:fc:97:9c:d6:23:c0:
         c5:78:3c:d0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxyy3hI+v1jPc0/sCb6510jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMxMjE2MTMyMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDBjZWE2YjBhZTkxMTY5MTYxMDI1NDI0ZDJmN2FhNTc3M2M5YTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL2t4mvqPkCx0DrjccaxTN06Z5qh
BoEka0VVfVYKQTDKOeLR3dft8K8FObFyGdvunFZQ886ppCoixfQSjlQkHi2Iu4qp
wZ9Ujz5bItDOIOSv6+95O04SAFzgWDLXWfR+UrlqCN4cH0c244Hw8D6+CQBiGnYn
aRrxNez2JtmOhvxs6Cc1f7RhVEYewlrbYrHKhBCVnhr2x3RzHBUy6NaM7NtfvChD
YR/1aiCQ7X13VVTUlfrKuuOkT/R7xcdlPMJ1dxX+zjOtRItchoyH7XxLgq3u3M+8
WSRJFMECVC73ZGCQE84CbZaSNQDEh8PIo7QNA4DJYQlZKdzSak60A9fvPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI0M6msK6RFpFhAlQk0veqV3PJpCMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvalF6cWF3cnBFV2tXRUNWQ1RTOTZwWGM4bWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQJwQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCLXpPR6yfprDqlLX54FNJRLYPk33awVh8kbv4W
ChgYPgVi9NmjE/OK3LVrfMai5o4bS3o4UGtLuTY5Q9FkxigXZrvKlk8HWA5kQT78
3Jfp2Ksh27+vzq3FoeVJ0ajyEaftgC4Gdc2uJVXWWxN6vlOoq9tOx4jmZXaDyDNG
87Vcn7mNCz+EtLU+jHFW5lVp3t7VBBH4oMcNAPNTEF7eFMpWBNshGfIXNxOImZwI
isS04lV37GH6Foy1ysq+ZHs8oLbnroXsY62Y7/uq+ur0TzGmFTg3d7c1h3AgEzns
59eEy/XpWioZbTTmZ90FsRBd5eE1MqvFJaT8l5zWI8DFeDzQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:15 2024 by rpki-client on console-ams.rpki-client.org