Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zLKj3FjK0ghmWZz3tZoHp4e_siQ.roa
File:                     zLKj3FjK0ghmWZz3tZoHp4e_siQ.roa (raw, json)
Hash identifier:          4Liwr4A9Q2/aTrAUf2McEN5euBXUkeNBFX88kzX74DQ=
Subject key identifier:   CC:B2:A3:DC:58:CA:D2:08:66:59:9C:F7:B5:9A:07:A7:87:BF:B2:24
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       01857246ECAE99501DE676F4ABDFEDCF9A97
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zLKj3FjK0ghmWZz3tZoHp4e_siQ.roa
Signing time:             Mon 02 Jan 2023 11:38:48 +0000
ROA not before:           Mon 02 Jan 2023 11:38:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398549
IP address blocks:        2a0c:9a40:8d00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:ec:ae:99:50:1d:e6:76:f4:ab:df:ed:cf:9a:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Jan  2 11:38:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ccb2a3dc58cad20866599cf7b59a07a787bfb224
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:90:04:0c:79:6b:e2:4e:60:f5:dd:3c:04:15:
                    b6:93:ca:63:3a:ff:bc:6c:b1:a7:2a:68:30:fd:7a:
                    4f:9c:a5:47:d8:ca:cf:06:5f:4b:c7:43:37:a7:fb:
                    ee:19:48:85:ef:04:da:3a:91:3f:af:bc:a3:c1:0b:
                    b6:1a:9e:35:c7:77:2b:4a:bc:58:8c:e0:9d:67:ce:
                    ac:3e:90:ba:84:bc:0a:4b:15:ac:35:c1:fd:c3:06:
                    42:eb:02:7e:06:9f:ab:73:87:de:99:a2:49:04:08:
                    eb:dc:08:64:dd:3d:3e:bb:bd:ed:7e:7d:3b:5e:7c:
                    ab:5e:11:c8:a4:0d:9a:a1:0e:7b:3f:ad:b5:83:5e:
                    47:9d:dd:97:3f:be:73:ec:ec:ff:7a:af:7f:7a:29:
                    18:43:fa:8d:1e:d2:54:0a:61:23:d4:75:54:37:75:
                    2e:a5:59:85:68:29:cf:f8:18:0b:a4:51:e5:1a:10:
                    37:68:ba:5a:7c:4d:f2:b6:32:c3:e3:07:88:bd:6c:
                    ea:60:0f:df:7f:fd:34:c3:09:87:69:d0:3b:be:ce:
                    10:7a:4a:3c:69:4e:bb:85:51:f8:df:7b:6f:ea:95:
                    b5:c9:d9:b0:b1:5f:0f:de:f4:b3:59:27:8b:6e:72:
                    55:08:33:6f:fa:3f:e7:3f:8b:3b:7c:16:0a:7b:7b:
                    c0:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:B2:A3:DC:58:CA:D2:08:66:59:9C:F7:B5:9A:07:A7:87:BF:B2:24
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zLKj3FjK0ghmWZz3tZoHp4e_siQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:8d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         87:8e:79:9b:6c:58:54:63:74:a6:43:52:c9:ad:45:e1:67:d6:
         d6:ad:fb:2a:7e:ab:8f:62:4e:99:d4:60:59:04:c6:32:b3:47:
         69:0f:82:32:ea:1c:51:5d:11:aa:be:ab:2c:e8:93:11:c7:1d:
         3c:9e:bc:27:1e:bc:2f:39:0a:1a:ed:df:9a:40:de:22:65:9e:
         6e:b6:97:24:f7:ab:a2:95:c7:18:88:0d:87:39:e0:fe:ef:20:
         9c:87:5e:0e:93:e5:3b:8c:ce:c6:3a:d8:72:20:e6:ea:72:ec:
         c9:5a:c6:86:64:6d:0a:03:04:ed:ba:45:8b:b6:2d:85:e9:78:
         ca:65:62:d3:f4:42:25:3a:b4:1d:ad:1a:d9:d0:99:50:5a:b8:
         0d:54:50:dc:d1:a0:0b:49:0e:52:c6:02:e4:06:2a:d9:af:d1:
         0a:45:ff:24:b7:11:cc:f9:52:d6:68:a2:55:78:7c:ed:48:d4:
         87:72:cf:47:b4:d5:01:a8:17:e7:22:2b:d0:9e:64:75:04:3f:
         e2:1c:f9:9b:a4:63:26:cc:f1:0c:16:38:7e:f7:94:52:1b:f3:
         8f:f8:57:8e:af:5d:fc:3c:a8:98:e3:d0:a3:de:5a:3f:33:87:
         91:67:dd:ea:68:50:c0:72:e1:86:71:e7:9a:e3:22:e4:2a:f3:
         bc:6e:35:7a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVyRuyumVAd5nb0q9/tz5qXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2IyYTNkYzU4Y2FkMjA4NjY1OTljZjdiNTlhMDdhNzg3YmZiMjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypAEDHlr4k5g9d08BBW2k8pjOv+8
bLGnKmgw/XpPnKVH2MrPBl9Lx0M3p/vuGUiF7wTaOpE/r7yjwQu2Gp41x3crSrxY
jOCdZ86sPpC6hLwKSxWsNcH9wwZC6wJ+Bp+rc4femaJJBAjr3Ahk3T0+u73tfn07
XnyrXhHIpA2aoQ57P621g15Hnd2XP75z7Oz/eq9/eikYQ/qNHtJUCmEj1HVUN3Uu
pVmFaCnP+BgLpFHlGhA3aLpafE3ytjLD4weIvWzqYA/ff/00wwmHadA7vs4Qeko8
aU67hVH433tv6pW1ydmwsV8P3vSzWSeLbnJVCDNv+j/nP4s7fBYKe3vAFwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMyyo9xYytIIZlmc97WaB6eHv7IkMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvekxLajNGakswZ2htV1p6M3Rab0hwNGVfc2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQI0w
DQYJKoZIhvcNAQELBQADggEBAIeOeZtsWFRjdKZDUsmtReFn1tat+yp+q49iTpnU
YFkExjKzR2kPgjLqHFFdEaq+qyzokxHHHTyevCcevC85Chrt35pA3iJlnm62lyT3
q6KVxxiIDYc54P7vIJyHXg6T5TuMzsY62HIg5upy7MlaxoZkbQoDBO26RYu2LYXp
eMplYtP0QiU6tB2tGtnQmVBauA1UUNzRoAtJDlLGAuQGKtmv0QpF/yS3Ecz5UtZo
olV4fO1I1Idyz0e01QGoF+ciK9CeZHUEP+Ic+ZukYybM8QwWOH73lFIb84/4V46v
Xfw8qJjj0KPeWj8zh5Fn3epoUMBy4YZx55rjIuQq87xuNXo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org