Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/wQnI2ZbQW_9qwJYvGtkNwMC1BOI.roa
File:                     wQnI2ZbQW_9qwJYvGtkNwMC1BOI.roa (raw, json)
Hash identifier:          WOyw1FWUrKA1T+G1augs26p+GbAEV9TkxQKuTywNCtY=
Subject key identifier:   C1:09:C8:D9:96:D0:5B:FF:6A:C0:96:2F:1A:D9:0D:C0:C0:B5:04:E2
Certificate issuer:       /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial:       019184005F91947427E3C651D5A6FFCD5F68
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/wQnI2ZbQW_9qwJYvGtkNwMC1BOI.roa
Signing time:             Sat 24 Aug 2024 10:48:22 +0000
ROA not before:           Sat 24 Aug 2024 10:48:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     40676
IP address blocks:        2a11:f140::/29 maxlen: 29
                          2a12:440::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 29 Oct 2024 18:49:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:84:00:5f:91:94:74:27:e3:c6:51:d5:a6:ff:cd:5f:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
        Validity
            Not Before: Aug 24 10:48:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c109c8d996d05bff6ac0962f1ad90dc0c0b504e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:97:59:8a:7a:cf:1b:e8:bb:b0:69:1d:7c:d9:
                    f9:e5:21:e2:4d:43:08:ea:6c:c4:66:56:0a:2a:c7:
                    2d:f1:4f:1d:80:37:6d:dc:45:f7:2e:de:98:e8:a1:
                    08:fe:9f:96:df:5c:d0:bc:34:51:85:6f:ba:99:dd:
                    6d:6d:5a:fe:d0:0e:65:22:d3:92:19:07:74:4d:5f:
                    90:d5:53:36:85:58:39:ae:40:6f:25:c0:fb:ad:c3:
                    3b:24:6c:9e:04:24:0a:49:82:54:10:2f:df:bc:1f:
                    ef:61:1e:42:7f:68:06:77:54:f8:db:ba:e4:39:a4:
                    fc:51:62:a9:fb:58:6d:3a:f3:a4:50:8e:7d:fc:13:
                    c5:54:4f:21:ac:6a:97:e9:bd:db:d0:b7:bd:1a:e7:
                    95:36:f3:8f:87:18:eb:8a:31:d1:de:60:da:64:75:
                    aa:20:e1:27:68:c4:eb:16:a1:3a:50:1b:31:24:b9:
                    49:7b:1a:c4:0a:da:45:ce:9e:84:3a:79:20:2d:3a:
                    39:2e:87:c6:29:a2:4e:c9:7f:0f:d4:98:bb:cd:9e:
                    b8:ed:6a:4d:76:16:62:44:91:07:73:9f:a0:7c:fa:
                    3a:f0:07:a8:a2:b9:51:a9:a9:08:ff:41:3e:9b:c8:
                    73:35:0f:fd:01:28:3e:ce:bf:71:c8:bc:8e:a3:cf:
                    4e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:09:C8:D9:96:D0:5B:FF:6A:C0:96:2F:1A:D9:0D:C0:C0:B5:04:E2
            X509v3 Authority Key Identifier:
                keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/wQnI2ZbQW_9qwJYvGtkNwMC1BOI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:f140::/29
                  2a12:440::/29

    Signature Algorithm: sha256WithRSAEncryption
         4d:5e:d0:1e:51:d1:83:1c:7c:08:44:b9:87:e1:31:6f:9f:90:
         9a:8c:45:ae:63:2b:8b:c1:5d:35:c1:b2:9a:c3:e8:ea:ac:7f:
         eb:c2:1f:af:8a:6e:96:d0:8e:0d:af:7c:96:94:bd:91:3d:96:
         21:87:30:e9:ea:14:44:e9:14:96:32:ee:69:59:02:9e:41:b8:
         e4:e8:6e:1a:b1:6e:ca:24:1b:9a:65:6f:e8:e8:15:3f:c5:e9:
         85:f4:0e:fe:86:15:e5:99:23:a6:ff:e6:57:d3:2b:82:9a:f1:
         fb:df:60:4f:b1:4a:a9:65:12:1b:70:b8:94:9f:b8:11:86:a4:
         3c:c4:20:66:d7:12:cc:80:ad:53:a5:6f:99:07:21:44:37:91:
         f0:7d:cf:5c:44:92:ab:54:7f:19:d5:36:40:67:e7:97:e7:04:
         21:84:ea:96:05:7d:e0:1d:85:eb:7e:05:d6:88:b8:b0:2c:26:
         23:d9:d5:4a:28:fd:d8:94:ff:c0:5d:41:cc:56:80:44:9e:d3:
         cf:96:8f:15:a1:c3:24:e2:9f:2e:53:c4:ad:64:cf:92:d3:df:
         32:7a:2a:e3:5b:00:85:cb:8e:17:e2:e5:09:3a:82:ff:ed:42:
         97:cf:24:e7:47:b0:53:c0:aa:c8:5d:9d:56:f8:98:74:a6:c0:
         3b:96:8a:39
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZGEAF+RlHQn48ZR1ab/zV9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwODI0MTA0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTA5YzhkOTk2ZDA1YmZmNmFjMDk2MmYxYWQ5MGRjMGMwYjUwNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pdZinrPG+i7sGkdfNn55SHiTUMI
6mzEZlYKKsct8U8dgDdt3EX3Lt6Y6KEI/p+W31zQvDRRhW+6md1tbVr+0A5lItOS
GQd0TV+Q1VM2hVg5rkBvJcD7rcM7JGyeBCQKSYJUEC/fvB/vYR5Cf2gGd1T427rk
OaT8UWKp+1htOvOkUI59/BPFVE8hrGqX6b3b0Le9GueVNvOPhxjrijHR3mDaZHWq
IOEnaMTrFqE6UBsxJLlJexrECtpFzp6EOnkgLTo5LofGKaJOyX8P1Ji7zZ647WpN
dhZiRJEHc5+gfPo68AeoorlRqakI/0E+m8hzNQ/9ASg+zr9xyLyOo89ONwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMEJyNmW0Fv/asCWLxrZDcDAtQTiMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvd1FuSTJaYlFXXzlxd0pZdkd0a053TUMxQk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhHxQAMF
AyoSBEAwDQYJKoZIhvcNAQELBQADggEBAE1e0B5R0YMcfAhEuYfhMW+fkJqMRa5j
K4vBXTXBsprD6Oqsf+vCH6+KbpbQjg2vfJaUvZE9liGHMOnqFETpFJYy7mlZAp5B
uOTobhqxbsokG5plb+joFT/F6YX0Dv6GFeWZI6b/5lfTK4Ka8fvfYE+xSqllEhtw
uJSfuBGGpDzEIGbXEsyArVOlb5kHIUQ3kfB9z1xEkqtUfxnVNkBn55fnBCGE6pYF
feAdhet+BdaIuLAsJiPZ1Uoo/diU/8BdQcxWgESe08+WjxWhwyTiny5TxK1kz5LT
3zJ6KuNbAIXLjhfi5Qk6gv/tQpfPJOdHsFPAqshdnVb4mHSmwDuWijk=
-----END CERTIFICATE-----
Generated at Tue Oct 29 21:03:57 2024 by rpki-client on console-fra.rpki-client.org