Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/DrAhFIK3IWkp6-GP0tkFCzVWBY4.roa
File:                     DrAhFIK3IWkp6-GP0tkFCzVWBY4.roa (raw, json)
Hash identifier:          b/GATAy306ImMGL8pNYtDhbrhVF+7o4zC91FNr1aXuY=
Subject key identifier:   0E:B0:21:14:82:B7:21:69:29:EB:E1:8F:D2:D9:05:0B:35:56:05:8E
Certificate issuer:       /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial:       018FDCC0B4D4D39E328BB58BDBE90356BC41
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/DrAhFIK3IWkp6-GP0tkFCzVWBY4.roa
Signing time:             Mon 03 Jun 2024 06:19:27 +0000
ROA not before:           Mon 03 Jun 2024 06:19:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     53667
IP address blocks:        2a06:cac0::/29 maxlen: 36
                          2a12:6640::/29 maxlen: 36

Validation:               Failed, certificate revoked on Fri 06 Sep 2024 21:40:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:dc:c0:b4:d4:d3:9e:32:8b:b5:8b:db:e9:03:56:bc:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
        Validity
            Not Before: Jun  3 06:19:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0eb0211482b7216929ebe18fd2d9050b3556058e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:97:cc:00:e1:9a:5b:fe:4d:d2:a7:d3:2d:8e:
                    6c:0e:94:7f:cf:1f:ad:72:e5:2d:33:95:ca:bc:3b:
                    d4:f0:a4:7a:00:a9:b1:49:67:d8:b5:17:d9:c6:f4:
                    cc:c3:e0:02:88:43:e7:2d:19:8e:b5:e6:26:1c:2d:
                    bd:a8:93:b6:22:d8:ad:15:89:51:dc:7a:30:6d:91:
                    9c:bc:38:b1:9d:62:07:fa:85:f6:08:2f:47:cd:85:
                    f5:69:c8:8b:87:6b:9d:0f:5c:c2:e9:cd:f9:b3:84:
                    16:50:36:4a:45:5f:57:af:ea:56:eb:11:90:cc:50:
                    3b:fa:0c:84:db:7d:23:2a:89:12:4a:2b:a7:54:4e:
                    a5:ac:15:4a:c7:81:d4:16:0a:5b:14:94:d8:bb:f4:
                    33:99:98:31:d5:63:39:db:9b:42:de:af:dd:45:a2:
                    b0:d1:dc:e4:39:4b:a7:a3:4a:9d:ac:32:bd:6d:8a:
                    86:93:07:da:d3:1d:6d:05:3e:46:7e:d7:40:0a:ca:
                    79:f6:1f:a0:44:cd:c5:b1:0b:1c:4c:a2:7e:49:ee:
                    b6:40:00:64:6b:3a:e1:eb:ae:bf:17:a8:6d:c5:09:
                    a2:7e:d6:8e:91:38:22:30:af:10:59:bd:8a:3a:64:
                    19:9a:18:c2:06:63:ea:26:42:de:b2:6f:d4:90:cc:
                    6b:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:B0:21:14:82:B7:21:69:29:EB:E1:8F:D2:D9:05:0B:35:56:05:8E
            X509v3 Authority Key Identifier:
                keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/DrAhFIK3IWkp6-GP0tkFCzVWBY4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:cac0::/29
                  2a12:6640::/29

    Signature Algorithm: sha256WithRSAEncryption
         6e:7a:aa:03:45:e1:4e:e4:98:26:8e:84:85:0f:fe:53:c8:4a:
         26:f8:3e:ac:3d:c8:50:8f:93:a0:f2:2a:ea:9b:84:72:e3:e2:
         f5:dc:f4:ae:cb:d7:99:aa:b4:6a:30:cd:d9:d9:7e:31:9a:98:
         aa:70:bc:52:31:38:0f:80:de:11:44:e9:d7:eb:34:c2:bb:44:
         a5:af:8c:4d:57:7f:50:34:95:cb:23:65:3d:e6:df:49:ed:7f:
         27:95:5d:9b:a3:7e:eb:5d:fb:9f:20:d5:52:43:03:fd:7f:6e:
         4e:b4:74:91:69:22:4d:aa:d5:58:b1:4f:87:90:1a:4c:3a:94:
         9a:c9:97:20:71:d0:8c:26:a2:ce:95:ed:d4:7c:85:df:a1:99:
         30:a1:fe:76:dc:32:75:38:2d:3c:35:a9:d8:1e:ee:01:e5:7b:
         c6:92:de:60:41:2c:e7:5a:8c:a9:c4:2d:b3:29:b6:02:05:16:
         3c:ad:d4:65:f5:89:6f:50:d2:5f:1f:fb:4c:8d:10:fb:8d:d5:
         a8:c7:89:cf:aa:25:4b:96:a9:be:36:bd:e7:78:69:dc:0c:a1:
         ea:55:ca:61:3f:f5:ed:25:8a:bc:12:59:70:d9:7a:ca:47:74:
         2c:30:95:d2:b0:7d:67:94:9f:fc:52:c1:f8:f1:f8:54:e5:22:
         0f:ff:1f:d4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY/cwLTU054yi7WL2+kDVrxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNjAzMDYxOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWIwMjExNDgyYjcyMTY5MjllYmUxOGZkMmQ5MDUwYjM1NTYwNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpfMAOGaW/5N0qfTLY5sDpR/zx+t
cuUtM5XKvDvU8KR6AKmxSWfYtRfZxvTMw+ACiEPnLRmOteYmHC29qJO2ItitFYlR
3HowbZGcvDixnWIH+oX2CC9HzYX1aciLh2udD1zC6c35s4QWUDZKRV9Xr+pW6xGQ
zFA7+gyE230jKokSSiunVE6lrBVKx4HUFgpbFJTYu/QzmZgx1WM525tC3q/dRaKw
0dzkOUuno0qdrDK9bYqGkwfa0x1tBT5GftdACsp59h+gRM3FsQscTKJ+Se62QABk
azrh666/F6htxQmiftaOkTgiMK8QWb2KOmQZmhjCBmPqJkLesm/UkMxr+wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA6wIRSCtyFpKevhj9LZBQs1VgWOMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvRHJBaEZJSzNJV2twNi1HUDB0a0ZDelZXQlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgbKwAMF
AyoSZkAwDQYJKoZIhvcNAQELBQADggEBAG56qgNF4U7kmCaOhIUP/lPISib4Pqw9
yFCPk6DyKuqbhHLj4vXc9K7L15mqtGowzdnZfjGamKpwvFIxOA+A3hFE6dfrNMK7
RKWvjE1Xf1A0lcsjZT3m30ntfyeVXZujfutd+58g1VJDA/1/bk60dJFpIk2q1Vix
T4eQGkw6lJrJlyBx0Iwmos6V7dR8hd+hmTCh/nbcMnU4LTw1qdge7gHle8aS3mBB
LOdajKnELbMptgIFFjyt1GX1iW9Q0l8f+0yNEPuN1ajHic+qJUuWqb42ved4adwM
oepVymE/9e0lirwSWXDZespHdCwwldKwfWeUn/xSwfjx+FTlIg//H9Q=
-----END CERTIFICATE-----
Generated at Fri Sep 6 23:12:44 2024 by rpki-client on console-ams.rpki-client.org