Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/fwqCi-KS5CR2Zskwwdi11BJ_mr8.roa
File:                     fwqCi-KS5CR2Zskwwdi11BJ_mr8.roa (raw, json)
Hash identifier:          6t1dziR8EmgjHQ/z7TmpCwXAwSstafEQJFw/h6QqQMA=
Subject key identifier:   7F:0A:82:8B:E2:92:E4:24:76:66:C9:30:C1:D8:B5:D4:12:7F:9A:BF
Certificate issuer:       /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial:       01856F54A69F5213D87C73AFD9C0F53C550F
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/fwqCi-KS5CR2Zskwwdi11BJ_mr8.roa
Signing time:             Sun 01 Jan 2023 21:54:56 +0000
ROA not before:           Sun 01 Jan 2023 21:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207945
IP address blocks:        2a0f:6b80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 13 Sep 2023 19:32:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:54:a6:9f:52:13:d8:7c:73:af:d9:c0:f5:3c:55:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
        Validity
            Not Before: Jan  1 21:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7f0a828be292e4247666c930c1d8b5d4127f9abf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c5:3e:8e:98:30:e2:af:33:48:06:bf:93:bd:
                    ba:f1:de:78:1d:6b:02:ca:2c:5f:a5:bf:dc:91:e1:
                    5c:8d:f5:ba:75:b9:fc:86:d1:c9:0c:a4:e1:ab:9c:
                    83:b1:2a:e5:63:0f:cc:5a:22:d6:5d:00:26:3f:65:
                    d6:75:65:b4:6a:04:51:0b:22:db:d1:4c:b6:57:81:
                    76:8c:24:a4:05:70:c0:52:04:55:05:0f:86:52:04:
                    65:8b:8a:d9:7f:ac:35:ec:b8:a9:3f:5c:e6:7a:02:
                    78:fc:38:b0:97:a3:2b:01:31:2d:4f:27:f4:70:74:
                    3e:b2:d0:db:15:15:ff:19:d4:7c:d4:08:3f:25:59:
                    96:fb:43:48:01:ee:8d:3c:82:e4:9b:40:ae:72:06:
                    c3:f3:cc:12:ee:af:34:bd:d3:07:1a:9b:68:74:0a:
                    8d:b0:6b:bd:8f:f4:bd:c0:a8:be:f0:da:3c:63:95:
                    4b:0e:1d:24:fa:5f:36:b0:da:6d:49:42:a8:76:fa:
                    a2:84:42:3b:ff:da:8f:58:e4:b9:8a:b2:6f:7d:d9:
                    b9:be:f7:7f:7e:56:b7:17:30:48:40:38:02:f7:46:
                    97:3b:9f:be:75:d5:bf:4a:36:3f:ed:59:e6:b5:df:
                    47:0b:3b:3b:95:e0:73:e3:7b:53:86:fe:58:81:f5:
                    25:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:0A:82:8B:E2:92:E4:24:76:66:C9:30:C1:D8:B5:D4:12:7F:9A:BF
            X509v3 Authority Key Identifier:
                keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/fwqCi-KS5CR2Zskwwdi11BJ_mr8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6b80::/29

    Signature Algorithm: sha256WithRSAEncryption
         40:50:f6:86:62:be:04:08:e6:18:13:67:86:83:aa:18:a1:8c:
         d8:62:be:59:9a:65:e5:99:b1:45:51:e3:ec:05:ec:18:b6:82:
         4a:ea:b9:3d:f5:37:3e:0f:2e:03:45:22:55:2a:e1:51:fc:53:
         4e:2a:3d:13:e6:73:97:59:f5:22:6a:c9:bd:8d:5b:50:0b:5d:
         a7:70:78:d5:ef:82:f2:3b:66:b8:99:1f:86:c6:11:d0:cd:14:
         40:9f:f3:a4:c9:9d:46:87:95:91:05:b5:01:99:bf:c1:28:8e:
         a7:4e:a4:97:84:8f:51:b6:04:ee:d5:b7:44:53:c3:8a:6a:31:
         90:91:fa:cc:7f:74:6d:0b:18:61:73:e9:62:1b:f3:26:90:b3:
         9b:f2:61:10:ff:56:98:98:1a:99:01:db:da:af:44:ff:d2:82:
         49:d9:8a:dc:1a:fd:8d:97:5f:d7:99:6f:7f:6b:64:62:f3:c4:
         cc:22:4a:61:6a:aa:5a:19:7e:78:c8:a9:57:11:6e:a9:fb:72:
         55:6c:31:f3:1e:e9:d6:f0:34:ef:4b:98:0f:fd:69:83:69:d2:
         c4:fb:71:b0:b7:21:e6:05:8d:f7:d2:a8:42:8b:d5:05:1b:be:
         60:3c:ff:6f:f7:74:57:d6:a3:75:1e:be:16:62:02:2e:e9:05:
         e2:e0:59:bc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvVKafUhPYfHOv2cD1PFUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjBhODI4YmUyOTJlNDI0NzY2NmM5MzBjMWQ4YjVkNDEyN2Y5YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMU+jpgw4q8zSAa/k7268d54HWsC
yixfpb/ckeFcjfW6dbn8htHJDKThq5yDsSrlYw/MWiLWXQAmP2XWdWW0agRRCyLb
0Uy2V4F2jCSkBXDAUgRVBQ+GUgRli4rZf6w17LipP1zmegJ4/Diwl6MrATEtTyf0
cHQ+stDbFRX/GdR81Ag/JVmW+0NIAe6NPILkm0CucgbD88wS7q80vdMHGptodAqN
sGu9j/S9wKi+8No8Y5VLDh0k+l82sNptSUKodvqihEI7/9qPWOS5irJvfdm5vvd/
fla3FzBIQDgC90aXO5++ddW/SjY/7Vnmtd9HCzs7leBz43tThv5YgfUlVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH8KgovikuQkdmbJMMHYtdQSf5q/MB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvZndxQ2ktS1M1Q1IyWnNrd3dkaTExQkpfbXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9rgDAN
BgkqhkiG9w0BAQsFAAOCAQEAQFD2hmK+BAjmGBNnhoOqGKGM2GK+WZpl5ZmxRVHj
7AXsGLaCSuq5PfU3Pg8uA0UiVSrhUfxTTio9E+Zzl1n1ImrJvY1bUAtdp3B41e+C
8jtmuJkfhsYR0M0UQJ/zpMmdRoeVkQW1AZm/wSiOp06kl4SPUbYE7tW3RFPDimox
kJH6zH90bQsYYXPpYhvzJpCzm/JhEP9WmJgamQHb2q9E/9KCSdmK3Br9jZdf15lv
f2tkYvPEzCJKYWqqWhl+eMipVxFuqftyVWwx8x7p1vA070uYD/1pg2nSxPtxsLch
5gWN99KoQovVBRu+YDz/b/d0V9ajdR6+FmICLukF4uBZvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:27 2024 by rpki-client on console-ams.rpki-client.org