Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/K5_bDssJDGX-_vpfqDk0Z4plNIA.roa
File:                     K5_bDssJDGX-_vpfqDk0Z4plNIA.roa (raw, json)
Hash identifier:          zmZYT+WILj6LP60EV9bwtg1ncflo5omIeSicp1IiiZM=
Subject key identifier:   2B:9F:DB:0E:CB:09:0C:65:FE:FE:FA:5F:A8:39:34:67:8A:65:34:80
Certificate issuer:       /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial:       018CC72626BBC4E77D4BB7480785CA35B7D0
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/K5_bDssJDGX-_vpfqDk0Z4plNIA.roa
Signing time:             Mon 01 Jan 2024 22:30:15 +0000
ROA not before:           Mon 01 Jan 2024 22:30:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206873
IP address blocks:        2a11:5a47::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 14:08:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:26:bb:c4:e7:7d:4b:b7:48:07:85:ca:35:b7:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
        Validity
            Not Before: Jan  1 22:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2b9fdb0ecb090c65fefefa5fa83934678a653480
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:b1:0b:23:33:65:81:5e:e3:c6:3b:29:2f:9f:
                    49:84:8d:72:38:da:dd:ce:89:07:2e:a2:0b:d9:d3:
                    e1:9f:0b:77:36:e4:b7:8b:6b:0a:5b:3b:5d:16:b8:
                    28:78:e2:c2:ee:9f:47:d8:b1:4a:ef:ce:9e:dc:a1:
                    0e:5f:e1:c0:36:ba:c2:30:69:f5:21:d7:54:49:c6:
                    c7:0f:91:f6:bf:94:c6:1c:d0:72:8b:40:83:63:57:
                    f2:e8:d9:2f:78:d4:76:08:d4:82:ce:4b:4c:c4:05:
                    ed:08:9e:4c:70:a8:2b:1e:8a:4e:a4:eb:83:28:8a:
                    cf:ce:43:2a:c8:6a:5c:3a:5e:bb:ce:42:4e:be:fc:
                    1a:95:d2:7f:54:2c:98:98:d1:61:c1:ec:bf:27:5f:
                    b6:6c:c4:79:1e:53:c6:3e:ed:9b:26:f2:4f:35:6a:
                    10:41:44:ed:d0:3c:6d:21:8c:3a:f3:b9:59:60:b5:
                    1a:8a:4a:e0:86:40:1d:fa:9d:df:bc:55:65:b4:06:
                    2c:df:e0:19:34:a7:f4:3b:eb:af:a1:10:d6:ac:be:
                    4c:d9:9c:09:7d:75:de:5c:6e:e6:b7:fd:41:3c:0a:
                    ab:27:c3:32:aa:18:5e:05:9e:2a:62:50:19:f2:fa:
                    00:da:c1:01:8e:36:29:95:4f:c4:1a:ac:1d:b8:d2:
                    c0:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:9F:DB:0E:CB:09:0C:65:FE:FE:FA:5F:A8:39:34:67:8A:65:34:80
            X509v3 Authority Key Identifier:
                keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/K5_bDssJDGX-_vpfqDk0Z4plNIA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:5a47::/32

    Signature Algorithm: sha256WithRSAEncryption
         49:63:29:4d:04:f2:54:1f:08:f7:de:14:3d:9c:a1:37:52:6a:
         07:fb:3e:73:7a:5e:24:f5:64:a4:2a:66:b6:ce:c3:6b:a7:79:
         e2:22:c0:bb:49:66:26:f4:37:df:2b:5e:8f:b5:cf:a2:e4:eb:
         30:55:68:cb:19:16:6d:a6:f9:6e:92:41:c8:f2:e5:dd:8e:1f:
         d8:4b:93:b4:1b:10:d2:38:4c:97:11:e1:52:9e:1e:ab:87:63:
         3d:fa:97:46:85:9a:01:89:58:45:00:3e:45:ee:ab:53:8c:97:
         b9:3a:0c:10:37:38:d3:1b:92:f4:f6:83:a8:ff:4e:a3:9d:72:
         23:54:db:2a:44:e1:6c:da:b5:e3:f5:ce:5b:4c:69:3e:e4:45:
         f6:13:a1:3a:6f:44:6e:92:8b:57:5a:4b:d3:f9:d0:ab:43:df:
         48:85:bc:81:22:50:b3:ad:ac:dd:94:1a:06:bb:46:6a:2d:be:
         93:04:99:f3:74:95:cc:24:9e:ac:1c:71:b5:04:b8:47:7d:29:
         95:fa:a2:1a:15:cb:f7:4e:90:b4:78:59:3e:74:ef:ea:cc:94:
         49:fe:68:cf:ef:f8:9b:40:d7:90:a0:f6:38:f1:56:86:f9:79:
         64:01:e3:91:1e:f2:96:9a:26:95:13:b5:c9:1a:27:df:84:53:
         28:05:86:19
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJia7xOd9S7dIB4XKNbfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwMTAxMjIzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjlmZGIwZWNiMDkwYzY1ZmVmZWZhNWZhODM5MzQ2NzhhNjUzNDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrELIzNlgV7jxjspL59JhI1yONrd
zokHLqIL2dPhnwt3NuS3i2sKWztdFrgoeOLC7p9H2LFK786e3KEOX+HANrrCMGn1
IddUScbHD5H2v5TGHNByi0CDY1fy6NkveNR2CNSCzktMxAXtCJ5McKgrHopOpOuD
KIrPzkMqyGpcOl67zkJOvvwaldJ/VCyYmNFhwey/J1+2bMR5HlPGPu2bJvJPNWoQ
QUTt0DxtIYw687lZYLUaikrghkAd+p3fvFVltAYs3+AZNKf0O+uvoRDWrL5M2ZwJ
fXXeXG7mt/1BPAqrJ8MyqhheBZ4qYlAZ8voA2sEBjjYplU/EGqwduNLAYQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCuf2w7LCQxl/v76X6g5NGeKZTSAMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvSzVfYkRzc0pER1gtX3ZwZnFEazBaNHBsTklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFaRzAN
BgkqhkiG9w0BAQsFAAOCAQEASWMpTQTyVB8I994UPZyhN1JqB/s+c3peJPVkpCpm
ts7Da6d54iLAu0lmJvQ33ytej7XPouTrMFVoyxkWbab5bpJByPLl3Y4f2EuTtBsQ
0jhMlxHhUp4eq4djPfqXRoWaAYlYRQA+Re6rU4yXuToMEDc40xuS9PaDqP9Oo51y
I1TbKkThbNq14/XOW0xpPuRF9hOhOm9EbpKLV1pL0/nQq0PfSIW8gSJQs62s3ZQa
BrtGai2+kwSZ83SVzCSerBxxtQS4R30plfqiGhXL906QtHhZPnTv6syUSf5oz+/4
m0DXkKD2OPFWhvl5ZAHjkR7ylpomlRO1yRon34RTKAWGGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:59 2024 by rpki-client on console-fra.rpki-client.org