Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/z9-6oi5tBggQKeXt3ZX1bFt7qwk.roa
File:                     z9-6oi5tBggQKeXt3ZX1bFt7qwk.roa (raw, json)
Hash identifier:          bTdDW7SQ5+109QUgiwW7QUfHt/3xaV7BmZubtlOAsM8=
Subject key identifier:   CF:DF:BA:A2:2E:6D:06:08:10:29:E5:ED:DD:95:F5:6C:5B:7B:AB:09
Certificate issuer:       /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial:       018582183AD593DC099BB4686979B0381746
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/z9-6oi5tBggQKeXt3ZX1bFt7qwk.roa
Signing time:             Thu 05 Jan 2023 13:21:44 +0000
ROA not before:           Thu 05 Jan 2023 13:21:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210989
IP address blocks:        2a0d:1a40:7b00::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:82:18:3a:d5:93:dc:09:9b:b4:68:69:79:b0:38:17:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
        Validity
            Not Before: Jan  5 13:21:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cfdfbaa22e6d06081029e5eddd95f56c5b7bab09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:26:73:48:80:f3:fe:a1:da:d0:78:78:e8:c1:
                    40:b4:a4:f4:fa:d2:55:d0:85:ea:12:4c:31:ef:81:
                    f1:21:c4:d5:d0:0a:85:0c:c1:09:f5:ed:23:e0:1b:
                    9e:14:f7:78:f3:1b:85:5f:74:d9:59:27:f0:92:b5:
                    71:9d:a7:d5:62:c8:32:fe:f7:c0:57:69:ea:9d:38:
                    7f:75:8b:67:fd:93:82:01:02:30:db:9d:1b:6a:63:
                    9d:09:9b:18:0d:b9:48:fc:2d:36:c4:1f:be:5a:f3:
                    42:a5:0b:cb:ac:ba:aa:46:a8:ec:59:3f:e7:65:8f:
                    1d:38:44:fe:9f:df:92:2a:a5:c6:7e:ab:e7:d6:62:
                    34:9a:e1:05:ab:9e:02:21:98:4a:af:ef:05:bf:d3:
                    5d:bc:da:fe:31:57:0d:b8:29:09:10:3a:a5:44:96:
                    bd:a3:46:fd:ad:35:45:85:4a:4b:ac:09:ca:1b:f7:
                    e3:dc:af:2b:b3:9b:2c:0d:bd:e8:a2:2a:2c:f3:de:
                    88:2d:4a:c8:1d:c1:b8:16:ed:2e:37:88:22:5f:b3:
                    7c:c5:53:51:f7:20:91:d9:b1:ee:0f:3c:79:50:60:
                    b3:fb:04:c2:22:94:6d:3f:7e:c4:ac:f4:cb:b5:f3:
                    78:02:d0:65:e0:20:5e:4b:22:a9:cb:88:10:e1:e7:
                    34:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:DF:BA:A2:2E:6D:06:08:10:29:E5:ED:DD:95:F5:6C:5B:7B:AB:09
            X509v3 Authority Key Identifier:
                keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/z9-6oi5tBggQKeXt3ZX1bFt7qwk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:1a40:7b00::/44

    Signature Algorithm: sha256WithRSAEncryption
         82:f7:6e:e7:1b:f5:c1:65:d2:45:d2:fe:eb:a3:06:19:17:77:
         b7:94:2e:00:2e:be:3c:d0:5f:6e:52:b5:a9:45:25:f8:b5:a5:
         3a:20:d6:e3:d7:6d:54:dd:54:4a:a3:c5:7d:3d:55:41:e2:94:
         3c:93:2b:fe:b7:80:92:34:59:d4:c7:d7:d3:10:09:46:1b:f4:
         5d:f4:ac:cc:9a:f9:4b:50:b0:c3:3d:7a:7b:d1:43:48:25:98:
         cb:1d:0d:16:b6:e0:a6:61:81:e1:ef:39:3b:44:8e:f0:c1:89:
         0f:8d:02:6c:35:29:e8:e4:cb:59:d4:fa:68:7f:8a:bf:62:80:
         20:a6:b7:64:e7:64:65:e7:06:02:3f:03:a7:f1:96:17:d2:44:
         fb:dc:40:39:ed:de:d3:70:e2:36:15:39:41:4c:51:06:9c:54:
         ca:47:7c:87:b3:9c:cb:fa:14:f2:2d:ea:e1:c9:c9:6b:1d:a1:
         26:d8:74:b2:77:47:e8:87:61:bf:4e:d3:d3:4b:7c:4a:68:e6:
         0e:65:81:74:8a:fa:5b:34:54:ca:ea:0c:c0:ab:02:f7:22:e8:
         d1:e5:2f:e5:df:b8:3b:c9:90:1a:18:76:a0:df:2e:0f:6a:90:
         2d:c7:75:18:7a:2c:b4:a3:38:d4:6e:f9:f9:f8:cd:2d:37:ee:
         93:b7:fd:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYWCGDrVk9wJm7RoaXmwOBdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjMwMTA1MTMyMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmRmYmFhMjJlNmQwNjA4MTAyOWU1ZWRkZDk1ZjU2YzViN2JhYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyZzSIDz/qHa0Hh46MFAtKT0+tJV
0IXqEkwx74HxIcTV0AqFDMEJ9e0j4BueFPd48xuFX3TZWSfwkrVxnafVYsgy/vfA
V2nqnTh/dYtn/ZOCAQIw250bamOdCZsYDblI/C02xB++WvNCpQvLrLqqRqjsWT/n
ZY8dOET+n9+SKqXGfqvn1mI0muEFq54CIZhKr+8Fv9NdvNr+MVcNuCkJEDqlRJa9
o0b9rTVFhUpLrAnKG/fj3K8rs5ssDb3ooios896ILUrIHcG4Fu0uN4giX7N8xVNR
9yCR2bHuDzx5UGCz+wTCIpRtP37ErPTLtfN4AtBl4CBeSyKpy4gQ4ec02QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM/fuqIubQYIECnl7d2V9Wxbe6sJMB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvejktNm9pNXRCZ2dRS2VYdDNaWDFiRnQ3cXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg0aQHsA
MA0GCSqGSIb3DQEBCwUAA4IBAQCC927nG/XBZdJF0v7rowYZF3e3lC4ALr480F9u
UrWpRSX4taU6INbj121U3VRKo8V9PVVB4pQ8kyv+t4CSNFnUx9fTEAlGG/Rd9KzM
mvlLULDDPXp70UNIJZjLHQ0WtuCmYYHh7zk7RI7wwYkPjQJsNSno5MtZ1Ppof4q/
YoAgprdk52Rl5wYCPwOn8ZYX0kT73EA57d7TcOI2FTlBTFEGnFTKR3yHs5zL+hTy
LerhyclrHaEm2HSyd0foh2G/TtPTS3xKaOYOZYF0ivpbNFTK6gzAqwL3IujR5S/l
37g7yZAaGHag3y4PapAtx3UYeiy0ozjUbvn5+M0tN+6Tt/0n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:41 2024 by rpki-client on console-fra.rpki-client.org