Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/tCqZeY3uKIdl2odUYjlRr38hYIc.roa
File:                     tCqZeY3uKIdl2odUYjlRr38hYIc.roa (raw, json)
Hash identifier:          MrH1AU7EeUj2SAjWM0l7DMrM9YrWl0BJ66J+toNNT0M=
Subject key identifier:   B4:2A:99:79:8D:EE:28:87:65:DA:87:54:62:39:51:AF:7F:21:60:87
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       01857246CDA57C8B2CED69065B51FE4765B9
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/tCqZeY3uKIdl2odUYjlRr38hYIc.roa
Signing time:             Mon 02 Jan 2023 11:38:40 +0000
ROA not before:           Mon 02 Jan 2023 11:38:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202297
IP address blocks:        2a0c:9a40:8089::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:cd:a5:7c:8b:2c:ed:69:06:5b:51:fe:47:65:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Jan  2 11:38:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b42a99798dee288765da8754623951af7f216087
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:28:57:28:fe:42:2f:90:4c:cb:16:67:10:6c:
                    cc:5d:9b:87:19:39:8b:10:2f:58:4b:f1:42:ae:96:
                    1c:f6:11:aa:db:67:8e:e1:82:5a:3e:7b:3b:e0:ca:
                    e5:d2:d2:60:9e:0d:aa:7c:45:78:57:4d:50:c5:39:
                    f7:75:cc:84:a5:fb:6d:6c:06:e0:0c:3a:64:99:1e:
                    dc:d8:d6:1f:99:23:46:ec:85:1a:f6:a9:e0:80:51:
                    4a:5b:03:93:ee:71:73:8d:86:76:66:82:20:94:a4:
                    b4:ae:28:99:e6:ce:47:14:f9:32:ef:2a:ae:d0:2f:
                    46:0f:22:ad:79:bf:2a:75:4e:97:d9:09:12:58:e5:
                    3e:a6:6e:26:f3:74:b7:e6:e2:d9:50:85:ca:1d:d7:
                    6c:bd:b2:56:a7:f6:57:75:70:0d:ba:b7:c1:56:0a:
                    03:aa:00:a1:16:db:9a:e5:bc:82:a6:e4:6e:de:dd:
                    98:8e:8a:eb:14:a0:a3:f1:81:8a:cf:8c:c7:45:df:
                    aa:c8:ad:6b:7d:57:58:fc:64:02:88:b0:de:63:fb:
                    f7:19:e7:f2:76:27:33:92:56:76:e9:09:c9:73:bb:
                    7f:47:23:ab:50:52:49:4a:5e:cd:b3:e5:1d:8d:83:
                    71:e7:f0:b4:17:95:06:f0:87:1e:62:07:38:95:a6:
                    0a:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:2A:99:79:8D:EE:28:87:65:DA:87:54:62:39:51:AF:7F:21:60:87
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/tCqZeY3uKIdl2odUYjlRr38hYIc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:8089::/48

    Signature Algorithm: sha256WithRSAEncryption
         5f:7a:03:d4:c1:88:c9:07:a3:ca:17:b3:96:c8:16:e7:3f:86:
         14:e5:7b:cd:41:b9:8a:b2:a5:d8:e9:6b:80:1b:68:c4:bf:bd:
         82:c1:7c:2c:1e:02:70:a8:c1:aa:ec:40:cc:43:eb:fb:87:69:
         86:87:03:13:98:12:01:5b:90:c2:55:d4:0b:95:4f:d6:d9:29:
         b6:77:ee:9f:1c:68:6d:48:74:1a:43:be:1b:09:a0:36:eb:c5:
         54:88:8f:e2:7d:ff:2e:43:98:1f:32:f3:9a:e3:8a:e6:81:cf:
         2c:5c:87:1d:c5:58:4a:af:f2:a9:d6:45:0f:54:eb:04:ee:c5:
         00:7a:af:4c:ab:b3:12:6a:b1:1f:1e:5e:2e:bd:a2:e0:87:b0:
         f0:73:f4:c9:84:e4:f1:44:1a:ed:ba:4a:36:93:2f:6c:01:b1:
         7c:5c:76:ec:3b:63:44:32:72:c5:3e:b5:8c:c0:93:67:4b:8d:
         91:04:45:75:f3:23:d5:b6:7a:b4:89:1a:8c:7b:c7:36:a7:d6:
         3b:78:5a:40:00:5c:53:14:30:a3:d7:84:52:8b:1b:be:70:cd:
         4a:db:60:b0:12:5d:1a:78:08:aa:ff:1f:69:c5:61:04:00:0c:
         86:4d:bf:65:8f:73:1b:46:7f:05:f9:8b:16:87:9b:a3:03:84:
         31:f7:52:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRs2lfIss7WkGW1H+R2W5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDJhOTk3OThkZWUyODg3NjVkYTg3NTQ2MjM5NTFhZjdmMjE2MDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzChXKP5CL5BMyxZnEGzMXZuHGTmL
EC9YS/FCrpYc9hGq22eO4YJaPns74Mrl0tJgng2qfEV4V01QxTn3dcyEpfttbAbg
DDpkmR7c2NYfmSNG7IUa9qnggFFKWwOT7nFzjYZ2ZoIglKS0riiZ5s5HFPky7yqu
0C9GDyKteb8qdU6X2QkSWOU+pm4m83S35uLZUIXKHddsvbJWp/ZXdXANurfBVgoD
qgChFtua5byCpuRu3t2YjorrFKCj8YGKz4zHRd+qyK1rfVdY/GQCiLDeY/v3Gefy
diczklZ26QnJc7t/RyOrUFJJSl7Ns+UdjYNx5/C0F5UG8IceYgc4laYK3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLQqmXmN7iiHZdqHVGI5Ua9/IWCHMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvdENxWmVZM3VLSWRsMm9kVVlqbFJyMzhoWUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICJ
MA0GCSqGSIb3DQEBCwUAA4IBAQBfegPUwYjJB6PKF7OWyBbnP4YU5XvNQbmKsqXY
6WuAG2jEv72CwXwsHgJwqMGq7EDMQ+v7h2mGhwMTmBIBW5DCVdQLlU/W2Sm2d+6f
HGhtSHQaQ74bCaA268VUiI/iff8uQ5gfMvOa44rmgc8sXIcdxVhKr/Kp1kUPVOsE
7sUAeq9Mq7MSarEfHl4uvaLgh7Dwc/TJhOTxRBrtuko2ky9sAbF8XHbsO2NEMnLF
PrWMwJNnS42RBEV18yPVtnq0iRqMe8c2p9Y7eFpAAFxTFDCj14RSixu+cM1K22Cw
El0aeAiq/x9pxWEEAAyGTb9lj3MbRn8F+YsWh5ujA4Qx91LK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org