Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/moNj4ixkx5Qlhfk28lprhUAfOiQ.roa
File:                     moNj4ixkx5Qlhfk28lprhUAfOiQ.roa (raw, json)
Hash identifier:          pRyoKrr+FhdkpvB/yXBb+BUBGpuAByKhdmPnhPa8c3U=
Subject key identifier:   9A:83:63:E2:2C:64:C7:94:25:85:F9:36:F2:5A:6B:85:40:1F:3A:24
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       0192342628690CD7A1CCAF69829188B0F464
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/moNj4ixkx5Qlhfk28lprhUAfOiQ.roa
Signing time:             Fri 27 Sep 2024 15:42:48 +0000
ROA not before:           Fri 27 Sep 2024 15:42:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     53356
IP address blocks:        2a07:9200::/32 maxlen: 32
                          2a07:9202::/32 maxlen: 32
                          2a07:9203::/32 maxlen: 32
                          2a07:9204::/32 maxlen: 32
                          2a07:9205::/32 maxlen: 32
                          2a09:342::/32 maxlen: 32
                          2a09:346::/32 maxlen: 32
                          2a0c:a582::/32 maxlen: 32
                          2a0c:a583::/32 maxlen: 32
                          2a0c:a585::/32 maxlen: 32
                          2a0c:a587::/32 maxlen: 32
                          2a10:dfc1::/32 maxlen: 32
                          2a10:dfc2::/32 maxlen: 32
                          2a10:dfc3::/32 maxlen: 32
                          2a10:dfc4::/32 maxlen: 32
                          2a10:dfc5::/32 maxlen: 32
                          2a10:dfc6::/32 maxlen: 32
                          2a10:dfc7::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sun 06 Oct 2024 19:12:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:34:26:28:69:0c:d7:a1:cc:af:69:82:91:88:b0:f4:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Sep 27 15:42:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9a8363e22c64c7942585f936f25a6b85401f3a24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:70:32:a2:38:7f:f8:df:4d:ab:d4:91:d7:65:
                    f4:b9:0b:b1:3f:b2:49:ec:6a:3e:44:e5:ae:75:c0:
                    23:62:f3:aa:b6:54:55:b4:fd:35:b3:7d:f8:6f:4e:
                    cb:78:f1:73:64:25:23:1e:7e:eb:e8:89:ae:f7:f3:
                    28:22:63:5e:d3:47:01:f7:6f:b8:a0:b7:01:c7:a2:
                    aa:f3:1d:30:12:31:5b:48:d5:6e:14:cf:74:00:17:
                    99:3c:d2:22:a6:10:7e:db:93:e9:f8:ec:26:10:1b:
                    e7:ca:06:76:82:34:2f:ad:81:47:1c:3d:a6:20:e1:
                    1d:4d:3f:75:64:42:1d:ca:88:29:25:f1:aa:68:de:
                    75:83:18:2a:6f:8c:5c:ab:b9:15:51:6b:f0:a6:0b:
                    2f:4a:56:f3:47:26:f9:03:22:c8:a2:a3:50:33:4b:
                    24:ab:8a:a3:c3:71:33:ad:ba:c7:26:ee:79:39:e6:
                    81:eb:79:61:54:d6:e6:15:94:85:2d:c9:01:1a:4e:
                    d0:94:e2:12:3f:c9:0d:1c:80:8d:49:cc:b9:bb:46:
                    5a:08:e2:b3:5b:8d:09:d1:5a:c3:fa:0f:8b:c0:ea:
                    8d:93:1d:a0:db:6f:0f:63:fc:eb:c6:b7:92:c8:05:
                    94:8e:77:1d:40:7b:31:a4:d2:be:d0:10:41:52:37:
                    9a:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:83:63:E2:2C:64:C7:94:25:85:F9:36:F2:5A:6B:85:40:1F:3A:24
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/moNj4ixkx5Qlhfk28lprhUAfOiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:9200::/32
                  2a07:9202::-2a07:9205:ffff:ffff:ffff:ffff:ffff:ffff
                  2a09:342::/32
                  2a09:346::/32
                  2a0c:a582::/31
                  2a0c:a585::/32
                  2a0c:a587::/32
                  2a10:dfc1::-2a10:dfc7:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         72:0d:70:39:ae:93:d2:de:88:5c:c0:6e:ac:2a:21:da:ad:b4:
         e1:8e:55:b6:b0:05:0e:da:a0:b3:33:94:09:dd:d2:76:3b:1b:
         0f:6f:f3:23:f1:36:13:8d:f5:b3:f7:27:16:c8:84:6a:83:e6:
         6b:c7:2a:b6:e8:8b:c3:37:d0:cf:2c:fa:49:39:19:bd:62:df:
         f7:96:80:2e:ac:55:b6:5e:88:4c:cd:3d:e0:01:38:bc:66:68:
         06:bf:88:64:7e:31:31:e4:a6:50:c7:e9:a0:65:57:b5:bd:32:
         3a:98:49:14:cd:9f:63:d5:d5:e5:da:a4:3a:2a:02:e8:c0:3d:
         8c:93:cf:9d:4b:02:63:91:ac:10:2a:09:d5:42:1d:0a:aa:58:
         2c:1f:1d:12:b9:73:1e:0e:29:9b:32:2e:7d:3e:04:c1:d7:f1:
         83:22:db:94:e0:4d:b8:a2:8b:6b:8b:14:7a:4f:45:ac:d4:f5:
         c5:ff:c6:b4:73:01:28:94:02:5e:25:d2:37:5d:d3:cc:84:76:
         99:5f:f7:ca:b5:cd:2d:ca:71:9e:c3:09:24:e0:31:33:9e:af:
         40:1a:9d:0a:54:19:31:27:90:63:b0:66:42:e5:0a:74:ff:17:
         72:d5:41:b5:f4:b0:95:e9:43:32:cd:b1:bd:9b:27:af:66:01:
         df:b1:ee:4c
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZI0JihpDNehzK9pgpGIsPRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwOTI3MTU0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTgzNjNlMjJjNjRjNzk0MjU4NWY5MzZmMjVhNmI4NTQwMWYzYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXAyojh/+N9Nq9SR12X0uQuxP7JJ
7Go+ROWudcAjYvOqtlRVtP01s334b07LePFzZCUjHn7r6Imu9/MoImNe00cB92+4
oLcBx6Kq8x0wEjFbSNVuFM90ABeZPNIiphB+25Pp+OwmEBvnygZ2gjQvrYFHHD2m
IOEdTT91ZEIdyogpJfGqaN51gxgqb4xcq7kVUWvwpgsvSlbzRyb5AyLIoqNQM0sk
q4qjw3EzrbrHJu55OeaB63lhVNbmFZSFLckBGk7QlOISP8kNHICNScy5u0ZaCOKz
W40J0VrD+g+LwOqNkx2g228PY/zrxreSyAWUjncdQHsxpNK+0BBBUjea5wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJqDY+IsZMeUJYX5NvJaa4VAHzokMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbW9OajRpeGt4NVFsaGZrMjhscHJoVUFmT2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAAjBKAwUAKgeSADAO
AwUBKgeSAgMFASoHkgQDBQAqCQNCAwUAKgkDRgMFASoMpYIDBQAqDKWFAwUAKgyl
hzAOAwUAKhDfwQMFAyoQ38AwDQYJKoZIhvcNAQELBQADggEBAHINcDmuk9LeiFzA
bqwqIdqttOGOVbawBQ7aoLMzlAnd0nY7Gw9v8yPxNhON9bP3JxbIhGqD5mvHKrbo
i8M30M8s+kk5Gb1i3/eWgC6sVbZeiEzNPeABOLxmaAa/iGR+MTHkplDH6aBlV7W9
MjqYSRTNn2PV1eXapDoqAujAPYyTz51LAmORrBAqCdVCHQqqWCwfHRK5cx4OKZsy
Ln0+BMHX8YMi25TgTbiii2uLFHpPRazU9cX/xrRzASiUAl4l0jdd08yEdplf98q1
zS3KcZ7DCSTgMTOer0AanQpUGTEnkGOwZkLlCnT/F3LVQbX0sJXpQzLNsb2bJ69m
Ad+x7kw=
-----END CERTIFICATE-----