Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/t8XCLYYtn3uZjSgGfjE3CcYxILM.roa
File:                     t8XCLYYtn3uZjSgGfjE3CcYxILM.roa (raw, json)
Hash identifier:          0/xcpjuSZPHYpBXPKuJ2XWLDRCT3ICeKBydne/3HB+o=
Subject key identifier:   B7:C5:C2:2D:86:2D:9F:7B:99:8D:28:06:7E:31:37:09:C6:31:20:B3
Certificate issuer:       /CN=ab9f84c6a48d5c6dfe64149873b148d1120b009b
Certificate serial:       0186C5712969343B516FBC3483EB3F0DBB89
Authority key identifier: AB:9F:84:C6:A4:8D:5C:6D:FE:64:14:98:73:B1:48:D1:12:0B:00:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q5-ExqSNXG3-ZBSYc7FI0RILAJs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/t8XCLYYtn3uZjSgGfjE3CcYxILM.roa
Signing time:             Thu 09 Mar 2023 08:16:13 +0000
ROA not before:           Thu 09 Mar 2023 08:16:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58075
IP address blocks:        2a0a:47c0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 09 Mar 2023 10:56:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c5:71:29:69:34:3b:51:6f:bc:34:83:eb:3f:0d:bb:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab9f84c6a48d5c6dfe64149873b148d1120b009b
        Validity
            Not Before: Mar  9 08:16:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b7c5c22d862d9f7b998d28067e313709c63120b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:b5:1c:37:4e:72:1f:f2:7e:eb:66:b7:e2:97:
                    4e:9b:ae:c6:72:c8:ed:58:4d:9b:19:36:1e:e8:85:
                    0a:84:fd:4c:b0:76:fb:e2:3b:64:39:87:64:ea:9d:
                    7a:a3:dd:62:1a:a2:94:00:1e:bb:a3:04:e1:b1:2b:
                    60:31:97:2f:85:0f:de:e7:e4:3a:ff:64:d4:f9:53:
                    06:c9:78:f3:6b:eb:92:75:6b:d7:e3:94:9c:b6:16:
                    4b:90:28:b2:cc:08:cd:81:9b:cb:22:8b:55:81:6b:
                    b5:23:92:ea:b1:52:fa:d2:cb:20:84:50:1e:4e:a3:
                    27:2d:5e:36:4e:70:c5:d1:a7:3e:8e:d3:64:74:50:
                    c0:e3:0d:b2:cd:6b:6d:c7:67:d3:31:21:dd:25:96:
                    57:c3:82:28:a7:1c:a9:85:ca:b3:dc:6b:c5:0b:9c:
                    04:04:0d:33:35:c5:2a:22:18:b9:cb:5d:55:5b:7a:
                    f5:75:ae:62:8e:6f:98:e8:5f:78:69:c6:e1:bc:0c:
                    5d:a5:ad:c6:6d:f3:a8:0a:d6:1c:a5:92:a7:9a:95:
                    7f:38:69:11:06:5d:30:67:80:a9:f3:e2:e5:76:ec:
                    15:0d:0e:60:6f:47:8e:45:6d:52:c6:ca:c3:34:f5:
                    0c:8c:48:2f:1e:64:88:12:72:9d:01:07:12:0f:51:
                    c4:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:C5:C2:2D:86:2D:9F:7B:99:8D:28:06:7E:31:37:09:C6:31:20:B3
            X509v3 Authority Key Identifier:
                keyid:AB:9F:84:C6:A4:8D:5C:6D:FE:64:14:98:73:B1:48:D1:12:0B:00:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5-ExqSNXG3-ZBSYc7FI0RILAJs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/t8XCLYYtn3uZjSgGfjE3CcYxILM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/q5-ExqSNXG3-ZBSYc7FI0RILAJs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:47c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         47:a1:93:35:e1:22:f0:7a:4a:90:da:c8:ca:ba:81:b8:e2:0f:
         10:fd:17:31:cf:f4:2f:ee:6c:91:bd:1b:e1:03:f2:4d:15:2c:
         94:10:36:f4:13:8c:8e:a0:b0:30:dd:fd:ee:ae:61:a9:55:06:
         28:7d:14:cf:c5:a2:db:8a:fd:35:4a:46:88:b7:15:22:9a:fc:
         4e:5a:95:a6:fc:f4:f0:a1:47:7b:fc:28:5e:49:67:d0:f7:2f:
         2c:bb:ca:02:cd:d2:1a:b2:9b:3d:cf:da:c9:00:00:2b:53:20:
         95:23:d0:0b:97:e9:f5:47:b9:52:8c:1c:2f:a3:fb:58:b6:2e:
         8a:25:bc:50:77:e8:0a:03:71:50:f4:48:05:c1:fa:db:a6:d6:
         f3:3a:e5:bf:6a:d1:34:7a:a4:62:5f:70:2d:bb:ca:97:06:05:
         5c:e2:38:ff:f9:20:fb:61:5e:88:b9:59:c9:fa:3f:00:d1:b1:
         be:e8:d0:44:36:ce:f2:88:89:95:67:d7:1f:1f:ae:0d:7f:21:
         25:dc:a7:59:6e:a5:04:f5:52:73:2a:b6:5d:e2:6d:5f:cd:77:
         f3:4d:b8:f3:5c:74:60:0c:51:bb:91:44:f2:9d:e6:55:72:68:
         13:da:7f:0f:93:b0:8c:ca:77:3e:31:ce:bd:59:dc:d5:7f:aa:
         1e:65:b3:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYbFcSlpNDtRb7w0g+s/DbuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWY4NGM2YTQ4ZDVjNmRmZTY0MTQ5ODczYjE0OGQxMTIw
YjAwOWIwHhcNMjMwMzA5MDgxNjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2M1YzIyZDg2MmQ5ZjdiOTk4ZDI4MDY3ZTMxMzcwOWM2MzEyMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbUcN05yH/J+62a34pdOm67Gcsjt
WE2bGTYe6IUKhP1MsHb74jtkOYdk6p16o91iGqKUAB67owThsStgMZcvhQ/e5+Q6
/2TU+VMGyXjza+uSdWvX45ScthZLkCiyzAjNgZvLIotVgWu1I5LqsVL60ssghFAe
TqMnLV42TnDF0ac+jtNkdFDA4w2yzWttx2fTMSHdJZZXw4Iopxyphcqz3GvFC5wE
BA0zNcUqIhi5y11VW3r1da5ijm+Y6F94acbhvAxdpa3GbfOoCtYcpZKnmpV/OGkR
Bl0wZ4Cp8+LlduwVDQ5gb0eORW1SxsrDNPUMjEgvHmSIEnKdAQcSD1HEOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLfFwi2GLZ97mY0oBn4xNwnGMSCzMB8GA1UdIwQY
MBaAFKufhMakjVxt/mQUmHOxSNESCwCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUtRXhxU05YRzMtWkJTWWM3RkkwUklMQUpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNjE3N2YtN2NkOC00YmQzLTg2ODkt
MjEzZDY0YmVmZjcxLzEvdDhYQ0xZWXRuM3VaalNnR2ZqRTNDY1l4SUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zNjE3N2YtN2NkOC00YmQzLTg2ODktMjEzZDY0YmVmZjcx
LzEvcTUtRXhxU05YRzMtWkJTWWM3RkkwUklMQUpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgpHwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBHoZM14SLwekqQ2sjKuoG44g8Q/Rcxz/Qv7myR
vRvhA/JNFSyUEDb0E4yOoLAw3f3urmGpVQYofRTPxaLbiv01SkaItxUimvxOWpWm
/PTwoUd7/CheSWfQ9y8su8oCzdIasps9z9rJAAArUyCVI9ALl+n1R7lSjBwvo/tY
ti6KJbxQd+gKA3FQ9EgFwfrbptbzOuW/atE0eqRiX3Atu8qXBgVc4jj/+SD7YV6I
uVnJ+j8A0bG+6NBENs7yiImVZ9cfH64NfyEl3KdZbqUE9VJzKrZd4m1fzXfzTbjz
XHRgDFG7kUTyneZVcmgT2n8Pk7CMync+Mc69WdzVf6oeZbOo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:00 2024 by rpki-client on console-ams.rpki-client.org