Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/s3Y6OYqURh9oXFe2ocGAPWVdSv4.roa
File:                     s3Y6OYqURh9oXFe2ocGAPWVdSv4.roa (raw, json)
Hash identifier:          hlbl3N1myXEIePqd6n9THin3EigSiE/38bludEOO3W0=
Subject key identifier:   B3:76:3A:39:8A:94:46:1F:68:5C:57:B6:A1:C1:80:3D:65:5D:4A:FE
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       01857246C1D6590D1A9979758082B59A6269
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/s3Y6OYqURh9oXFe2ocGAPWVdSv4.roa
Signing time:             Mon 02 Jan 2023 11:38:37 +0000
ROA not before:           Mon 02 Jan 2023 11:38:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48646
IP address blocks:        2a0c:9a40:808a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:c1:d6:59:0d:1a:99:79:75:80:82:b5:9a:62:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Jan  2 11:38:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b3763a398a94461f685c57b6a1c1803d655d4afe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a4:a9:e8:6e:a8:61:51:cb:8c:90:bf:c7:02:
                    3e:d1:f8:79:0d:7f:ff:ad:d1:4b:71:b7:1b:b1:2f:
                    aa:ec:e6:f9:be:3f:07:71:78:6c:15:1d:60:10:17:
                    9d:51:c6:cd:e7:d4:b1:68:dc:31:83:fb:98:26:58:
                    8d:68:4b:b0:d9:b0:0c:2e:9b:99:5f:47:10:0c:88:
                    f3:f4:8d:a6:e6:fc:64:d6:9d:24:f8:a2:9c:84:fd:
                    3c:a9:3e:8c:e0:5a:c6:a3:3d:10:fa:0c:9a:c6:c2:
                    21:45:68:51:dd:e8:4e:63:3b:ec:e1:4d:cd:53:91:
                    f0:bd:ed:91:c7:fd:57:2e:0d:48:8d:a7:df:fe:8f:
                    0e:67:2b:52:93:88:a8:d1:f2:a5:ef:93:09:bd:f8:
                    9c:b8:09:4f:4c:21:f3:86:ed:22:e1:5e:91:b5:e4:
                    51:f9:4d:99:f8:9b:9a:1e:fb:73:8b:7b:84:2b:df:
                    a0:ed:d2:e3:85:25:44:67:7a:24:d0:5b:03:7e:f4:
                    0d:50:f9:d3:66:db:80:60:b0:8f:02:9e:fe:cf:92:
                    77:6d:33:a9:d9:b8:27:6e:ac:db:e7:bf:a7:12:4d:
                    91:c1:56:77:ff:87:43:60:3a:eb:0f:e7:d5:07:e9:
                    47:41:4b:f6:d1:55:ad:13:48:2d:36:35:c3:20:bc:
                    0c:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:76:3A:39:8A:94:46:1F:68:5C:57:B6:A1:C1:80:3D:65:5D:4A:FE
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/s3Y6OYqURh9oXFe2ocGAPWVdSv4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:808a::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:7c:d2:d9:b9:54:35:cd:0c:85:e0:62:81:9b:39:cf:78:1f:
         0d:a3:57:dc:bd:37:04:24:dd:43:42:9b:b8:bf:18:9c:13:8b:
         df:1c:f8:c5:f8:06:e7:b9:dd:a3:25:6a:d3:89:dd:f9:20:cc:
         1d:38:0c:fe:5a:51:89:ea:da:75:7e:1e:0e:34:50:51:8f:55:
         cf:33:3b:81:b1:74:b2:65:65:06:53:d0:ee:63:27:a5:bb:25:
         2a:18:d0:8e:b4:2b:66:15:24:40:08:ee:c8:8e:3a:32:07:01:
         c4:33:a3:f0:13:06:55:9f:10:1e:b4:1f:75:68:10:d9:01:c9:
         b4:13:20:ca:7d:22:86:9f:c5:1f:d5:97:ab:fa:65:11:f5:93:
         3d:23:36:52:e7:25:6f:1b:18:34:77:c4:fc:82:f2:3b:63:94:
         ba:61:0e:95:d9:55:ba:0f:a7:89:b0:12:23:c9:82:82:8f:68:
         ce:b7:ba:bc:3f:a0:69:39:8d:8b:ef:25:f7:9c:19:b0:df:9f:
         cd:fd:59:2e:ca:d3:d1:2d:c9:44:fd:a8:96:18:5e:4b:87:b7:
         fa:42:fd:f6:42:80:62:d6:62:a4:ec:a5:4b:74:84:d6:b5:43:
         b6:60:c5:a9:a0:7f:87:52:c8:2b:f9:86:50:5c:48:55:de:a2:
         5c:fe:bc:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRsHWWQ0amXl1gIK1mmJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzc2M2EzOThhOTQ0NjFmNjg1YzU3YjZhMWMxODAzZDY1NWQ0YWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6Sp6G6oYVHLjJC/xwI+0fh5DX//
rdFLcbcbsS+q7Ob5vj8HcXhsFR1gEBedUcbN59SxaNwxg/uYJliNaEuw2bAMLpuZ
X0cQDIjz9I2m5vxk1p0k+KKchP08qT6M4FrGoz0Q+gyaxsIhRWhR3ehOYzvs4U3N
U5Hwve2Rx/1XLg1Ijaff/o8OZytSk4io0fKl75MJvficuAlPTCHzhu0i4V6RteRR
+U2Z+JuaHvtzi3uEK9+g7dLjhSVEZ3ok0FsDfvQNUPnTZtuAYLCPAp7+z5J3bTOp
2bgnbqzb57+nEk2RwVZ3/4dDYDrrD+fVB+lHQUv20VWtE0gtNjXDILwMDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLN2OjmKlEYfaFxXtqHBgD1lXUr+MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvczNZNk9ZcVVSaDlvWEZlMm9jR0FQV1ZkU3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICK
MA0GCSqGSIb3DQEBCwUAA4IBAQAwfNLZuVQ1zQyF4GKBmznPeB8No1fcvTcEJN1D
Qpu4vxicE4vfHPjF+Abnud2jJWrTid35IMwdOAz+WlGJ6tp1fh4ONFBRj1XPMzuB
sXSyZWUGU9DuYyeluyUqGNCOtCtmFSRACO7IjjoyBwHEM6PwEwZVnxAetB91aBDZ
Acm0EyDKfSKGn8Uf1Zer+mUR9ZM9IzZS5yVvGxg0d8T8gvI7Y5S6YQ6V2VW6D6eJ
sBIjyYKCj2jOt7q8P6BpOY2L7yX3nBmw35/N/VkuytPRLclE/aiWGF5Lh7f6Qv32
QoBi1mKk7KVLdITWtUO2YMWpoH+HUsgr+YZQXEhV3qJc/rwL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org