Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/ekBsNW_Oz0LEZg70u12mYmhT54Y.roa
File:                     ekBsNW_Oz0LEZg70u12mYmhT54Y.roa (raw, json)
Hash identifier:          jbbXYzbGhRN5czwUS4jJmmG20hbh73dUylkbgzPGii8=
Subject key identifier:   7A:40:6C:35:6F:CE:CF:42:C4:66:0E:F4:BB:5D:A6:62:68:53:E7:86
Certificate issuer:       /CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Certificate serial:       0185703983A999F0411E8A0156BAC9114BFA
Authority key identifier: 9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/ekBsNW_Oz0LEZg70u12mYmhT54Y.roa
Signing time:             Mon 02 Jan 2023 02:04:55 +0000
ROA not before:           Mon 02 Jan 2023 02:04:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2a0b:8100::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 04 Jul 2023 14:15:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:83:a9:99:f0:41:1e:8a:01:56:ba:c9:11:4b:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
        Validity
            Not Before: Jan  2 02:04:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7a406c356fcecf42c4660ef4bb5da6626853e786
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:80:f6:9f:22:8a:67:cd:cb:42:99:79:c0:da:
                    e2:04:93:ba:d5:5e:b1:08:41:4b:0b:ad:ae:d7:39:
                    70:f6:01:af:38:5c:c3:80:f6:39:f3:49:e5:90:27:
                    8e:ba:4d:2d:0a:3a:e6:52:1d:8b:88:72:c2:57:24:
                    ec:61:a5:b7:30:fd:29:f0:95:c1:58:26:26:ee:d0:
                    0a:88:2f:36:2b:7e:ed:8a:5f:42:f5:16:61:96:de:
                    2e:24:74:91:34:35:99:9c:3b:c5:01:ab:8b:5a:8c:
                    34:90:57:e6:95:21:26:ae:80:e6:db:b5:f6:86:f6:
                    9d:7a:87:d4:b9:98:35:e2:4f:ed:7a:c3:c0:8a:ba:
                    6c:12:ae:09:f7:01:24:68:ec:1f:6d:aa:cf:3c:55:
                    71:93:c1:3c:d2:0a:32:55:9a:08:f8:7f:09:06:ea:
                    77:8b:b3:54:ba:0c:88:b2:10:9a:a6:42:b2:a1:3c:
                    66:2d:29:46:60:24:90:f6:59:e3:0b:2e:1b:69:7f:
                    9c:ad:ce:44:7a:b2:20:a2:1b:54:ec:67:6a:27:be:
                    a8:78:0d:80:e2:13:16:1a:bb:6a:4b:8b:c8:a6:4c:
                    d8:eb:12:4c:ff:03:0f:68:a9:47:f9:07:10:91:ce:
                    6f:7d:fc:0c:6b:d5:77:59:12:9d:7c:f5:a0:a7:8d:
                    8d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:40:6C:35:6F:CE:CF:42:C4:66:0E:F4:BB:5D:A6:62:68:53:E7:86
            X509v3 Authority Key Identifier:
                keyid:9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/ekBsNW_Oz0LEZg70u12mYmhT54Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:8100::/32

    Signature Algorithm: sha256WithRSAEncryption
         11:9e:4d:4f:81:0c:c8:e6:27:b3:7b:55:92:78:47:fb:c5:bb:
         73:36:54:01:45:b2:d7:5f:5a:35:09:7c:70:57:c9:19:a3:8f:
         05:e6:92:06:d2:ce:60:32:47:52:f2:d2:36:4d:a8:3f:28:e6:
         04:2f:36:92:d6:a7:b7:ae:66:56:a8:5c:e6:08:36:d3:63:05:
         f2:34:3c:0c:47:2a:86:09:9e:2d:73:37:45:63:4c:27:0f:cb:
         4b:1c:8d:60:53:3c:86:7b:ac:6b:59:77:dc:05:68:a1:fa:f1:
         b4:34:0a:89:8b:e9:35:8a:94:dc:21:e6:dd:58:62:b0:03:64:
         10:ae:65:86:72:b6:d9:b7:4d:59:56:1d:01:12:ba:1e:2c:a2:
         ca:a0:25:72:12:48:dc:87:ca:ef:23:67:00:87:2c:4f:79:24:
         fc:e7:fb:87:08:39:32:9a:d1:51:c2:a3:b8:e8:09:9a:be:e0:
         b5:10:d7:33:d5:66:c4:ec:20:7c:ce:ae:b0:64:73:68:3c:d1:
         01:22:8b:67:12:f0:c5:27:72:d2:2e:3b:e2:0a:4f:17:2c:6f:
         0a:a2:ef:8b:a7:df:55:6b:ec:17:a7:88:49:ef:6a:40:e6:c8:
         5d:53:c6:4e:60:e6:45:c0:ab:25:9f:c1:73:dd:1c:1d:f5:46:
         a2:8a:09:5a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwOYOpmfBBHooBVrrJEUv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTEzOGUxZmFjZjdiNjVkYmI1NzVmYTdkNDcyNDBjMjc4
YjM0ZGYwHhcNMjMwMTAyMDIwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQwNmMzNTZmY2VjZjQyYzQ2NjBlZjRiYjVkYTY2MjY4NTNlNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4D2nyKKZ83LQpl5wNriBJO61V6x
CEFLC62u1zlw9gGvOFzDgPY580nlkCeOuk0tCjrmUh2LiHLCVyTsYaW3MP0p8JXB
WCYm7tAKiC82K37til9C9RZhlt4uJHSRNDWZnDvFAauLWow0kFfmlSEmroDm27X2
hvadeofUuZg14k/tesPAirpsEq4J9wEkaOwfbarPPFVxk8E80goyVZoI+H8JBup3
i7NUugyIshCapkKyoTxmLSlGYCSQ9lnjCy4baX+crc5EerIgohtU7GdqJ76oeA2A
4hMWGrtqS4vIpkzY6xJM/wMPaKlH+QcQkc5vffwMa9V3WRKdfPWgp42NQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHpAbDVvzs9CxGYO9LtdpmJoU+eGMB8GA1UdIwQY
MBaAFJ1ROOH6z3tl27V1+n1HJAwnizTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2Qt
YzJlZmViM2IzMmE1LzEvZWtCc05XX096MExFWmc3MHUxMm1ZbWhUNTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2QtYzJlZmViM2IzMmE1
LzEvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKguBADAN
BgkqhkiG9w0BAQsFAAOCAQEAEZ5NT4EMyOYns3tVknhH+8W7czZUAUWy119aNQl8
cFfJGaOPBeaSBtLOYDJHUvLSNk2oPyjmBC82ktant65mVqhc5gg202MF8jQ8DEcq
hgmeLXM3RWNMJw/LSxyNYFM8hnusa1l33AVoofrxtDQKiYvpNYqU3CHm3VhisANk
EK5lhnK22bdNWVYdARK6HiyiyqAlchJI3IfK7yNnAIcsT3kk/Of7hwg5MprRUcKj
uOgJmr7gtRDXM9VmxOwgfM6usGRzaDzRASKLZxLwxSdy0i474gpPFyxvCqLvi6ff
VWvsF6eISe9qQObIXVPGTmDmRcCrJZ/Bc90cHfVGoooJWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:00 2024 by rpki-client on console-fra.rpki-client.org