Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/j06YW1dVUK4FPbYub6c3G7v1szs.roa
File:                     j06YW1dVUK4FPbYub6c3G7v1szs.roa (raw, json)
Hash identifier:          V1zF6CBROomTJsrYbxD0yJrCeqyDDKrw48sjsJIxLcg=
Subject key identifier:   8F:4E:98:5B:57:55:50:AE:05:3D:B6:2E:6F:A7:37:1B:BB:F5:B3:3B
Certificate issuer:       /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial:       018EA0438BFD9F66355EA84A6EB2CF932CF3
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/j06YW1dVUK4FPbYub6c3G7v1szs.roa
Signing time:             Tue 02 Apr 2024 19:22:45 +0000
ROA not before:           Tue 02 Apr 2024 19:22:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213220
IP address blocks:        2a11:5a42::/32 maxlen: 32
                          2a11:5a46::/32 maxlen: 32
                          2a12:7301::/32 maxlen: 32
                          2a12:7304::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 23 Apr 2024 18:41:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a0:43:8b:fd:9f:66:35:5e:a8:4a:6e:b2:cf:93:2c:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
        Validity
            Not Before: Apr  2 19:22:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8f4e985b575550ae053db62e6fa7371bbbf5b33b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:9f:19:3c:29:9d:7a:e0:1b:0c:f0:8b:83:e9:
                    fa:32:89:85:5b:48:45:43:54:cb:46:ff:0f:82:2b:
                    1b:8a:3d:c3:8a:36:d3:99:c8:5e:66:54:0a:1f:fb:
                    98:cb:55:8c:8e:49:05:74:87:14:7f:3b:21:39:ed:
                    b3:d1:0d:29:af:b5:ca:52:15:23:56:b7:5d:53:a6:
                    0f:7f:9f:7b:bf:2e:5e:7d:76:23:ba:c4:66:b8:30:
                    6b:22:11:55:c6:de:af:b8:e8:2a:d1:71:25:46:88:
                    7a:c1:74:a5:68:0c:de:78:36:2b:e1:61:33:4e:8e:
                    cb:4f:a6:f5:6c:c4:9b:f1:ee:e9:fc:47:da:5f:c8:
                    72:06:05:7d:37:dc:89:c2:6d:6c:02:49:fb:ad:93:
                    eb:7a:42:a7:cd:20:1d:c5:0c:d1:78:ca:84:2c:23:
                    f0:a2:22:50:a4:87:49:03:54:1c:9b:54:76:5c:71:
                    36:86:6f:69:d5:ed:ae:02:1e:e6:b8:bb:7d:b2:d6:
                    be:15:25:52:97:c4:2a:a9:8a:47:73:07:b5:99:0d:
                    e9:31:28:95:01:75:78:e9:ef:d1:e9:4e:9f:33:98:
                    d2:9d:dd:36:65:7c:7d:3f:bb:69:31:c7:4d:38:e0:
                    87:81:e2:7b:30:8a:09:d4:4e:e1:78:22:f9:72:23:
                    74:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:4E:98:5B:57:55:50:AE:05:3D:B6:2E:6F:A7:37:1B:BB:F5:B3:3B
            X509v3 Authority Key Identifier:
                keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/j06YW1dVUK4FPbYub6c3G7v1szs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:5a42::/32
                  2a11:5a46::/32
                  2a12:7301::/32
                  2a12:7304::/32

    Signature Algorithm: sha256WithRSAEncryption
         ac:bf:14:57:c1:ae:1a:94:17:8e:54:00:f0:5c:76:05:6f:d2:
         26:eb:c1:0d:3f:ad:d4:78:0e:6d:4f:35:00:40:5e:7e:60:c3:
         b7:d5:8a:6d:fe:b1:5b:99:e7:f9:00:f1:4d:1b:fa:0a:e3:28:
         b5:3c:9f:1e:28:0f:ab:b0:66:da:8c:27:23:be:e4:f2:46:e7:
         9a:e1:b8:53:28:43:c4:32:a2:f8:2c:bd:63:ea:8a:5f:4c:22:
         59:8c:f8:54:4c:9b:a1:a7:f4:9d:0b:65:fb:a3:12:f6:9c:39:
         8b:a3:68:5e:37:32:d2:02:75:b9:7d:df:b8:dd:5b:16:ff:09:
         ed:17:dd:14:1b:ae:fa:5b:f9:e0:43:db:42:bb:76:89:ab:14:
         95:b4:b2:46:06:8c:47:e1:d8:54:ee:30:37:f5:c4:c3:af:f9:
         c4:bf:27:73:c2:96:f5:3d:38:b6:60:c8:cc:49:b1:f6:76:ed:
         2d:45:f3:1e:00:45:d9:dd:47:4f:5d:62:e7:35:0e:32:14:3e:
         43:94:d5:d7:7b:0a:98:1a:59:9b:94:50:1e:48:1e:9b:57:86:
         0b:96:a8:ad:f7:86:5b:8c:c8:26:d7:07:0b:9d:1f:95:95:ff:
         45:ae:6a:33:83:68:f0:dd:e0:67:a7:8d:32:37:71:f8:b3:6f:
         9d:83:8d:ed
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY6gQ4v9n2Y1XqhKbrLPkyzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwNDAyMTkyMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjRlOTg1YjU3NTU1MGFlMDUzZGI2MmU2ZmE3MzcxYmJiZjViMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq58ZPCmdeuAbDPCLg+n6MomFW0hF
Q1TLRv8Pgisbij3DijbTmcheZlQKH/uYy1WMjkkFdIcUfzshOe2z0Q0pr7XKUhUj
VrddU6YPf597vy5efXYjusRmuDBrIhFVxt6vuOgq0XElRoh6wXSlaAzeeDYr4WEz
To7LT6b1bMSb8e7p/EfaX8hyBgV9N9yJwm1sAkn7rZPrekKnzSAdxQzReMqELCPw
oiJQpIdJA1Qcm1R2XHE2hm9p1e2uAh7muLt9sta+FSVSl8QqqYpHcwe1mQ3pMSiV
AXV46e/R6U6fM5jSnd02ZXx9P7tpMcdNOOCHgeJ7MIoJ1E7heCL5ciN0BwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFI9OmFtXVVCuBT22Lm+nNxu79bM7MB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvajA2WVcxZFZVSzRGUGJZdWI2YzNHN3Yxc3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhFaQgMF
ACoRWkYDBQAqEnMBAwUAKhJzBDANBgkqhkiG9w0BAQsFAAOCAQEArL8UV8GuGpQX
jlQA8Fx2BW/SJuvBDT+t1HgObU81AEBefmDDt9WKbf6xW5nn+QDxTRv6CuMotTyf
HigPq7Bm2ownI77k8kbnmuG4UyhDxDKi+Cy9Y+qKX0wiWYz4VEyboaf0nQtl+6MS
9pw5i6NoXjcy0gJ1uX3fuN1bFv8J7RfdFBuu+lv54EPbQrt2iasUlbSyRgaMR+HY
VO4wN/XEw6/5xL8nc8KW9T04tmDIzEmx9nbtLUXzHgBF2d1HT11i5zUOMhQ+Q5TV
13sKmBpZm5RQHkgem1eGC5aorfeGW4zIJtcHC50flZX/Ra5qM4No8N3gZ6eNMjdx
+LNvnYON7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:59 2024 by rpki-client on console-fra.rpki-client.org