Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vZ_-7Cqww8R2vndxqp7jyKoJNpM.roa
File:                     vZ_-7Cqww8R2vndxqp7jyKoJNpM.roa (raw, json)
Hash identifier:          1d9zmSBMUigKaClF1sT2TJK39GxQAmwmETlOmDZfiDg=
Subject key identifier:   BD:9F:FE:EC:2A:B0:C3:C4:76:BE:77:71:AA:9E:E3:C8:AA:09:36:93
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       01906EE1034D8F5F48D02BB777C06C1FA834
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vZ_-7Cqww8R2vndxqp7jyKoJNpM.roa
Signing time:             Mon 01 Jul 2024 15:19:18 +0000
ROA not before:           Mon 01 Jul 2024 15:19:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     53356
IP address blocks:        2a07:9201::/32 maxlen: 32
                          2a09:340::/32 maxlen: 32
                          2a09:c440::/32 maxlen: 32
                          2a0c:5d40::/32 maxlen: 32
                          2a0c:a584::/32 maxlen: 32
                          2a10:dfc0::/32 maxlen: 32
                          2a10:fac0::/32 maxlen: 32
                          2a11:580::/32 maxlen: 32
                          2a11:1600::/32 maxlen: 32
                          2a11:2a80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 04 Jul 2024 12:21:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:6e:e1:03:4d:8f:5f:48:d0:2b:b7:77:c0:6c:1f:a8:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jul  1 15:19:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bd9ffeec2ab0c3c476be7771aa9ee3c8aa093693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d1:9b:80:df:89:fb:0a:78:1b:92:10:af:64:
                    3f:80:c9:6d:95:aa:2e:31:97:f2:34:7a:6f:5d:ca:
                    7c:3d:19:de:f1:95:1b:13:ba:23:0a:ce:98:0c:9c:
                    aa:d9:ba:f1:6a:31:68:d8:bc:23:bc:f8:3a:a2:09:
                    f8:8d:73:2b:01:81:f1:55:93:4f:56:13:b4:d1:66:
                    4d:fb:f8:f5:07:2f:e4:bd:1f:1e:a7:4b:1b:6b:5a:
                    27:3e:d6:cf:98:b7:bc:8f:dc:ba:be:6b:7f:c2:93:
                    4a:f5:41:d9:1f:4e:6b:20:08:e7:83:ef:d0:97:4c:
                    ea:2d:8b:87:7a:b1:03:ff:c0:26:4e:4d:d5:ac:65:
                    91:31:7c:67:87:bc:83:e2:78:7e:ad:13:e2:8f:0e:
                    e5:fb:ad:e3:ee:13:88:8a:e9:13:97:d3:5c:fe:da:
                    ff:34:7e:bf:53:59:48:d9:9f:2c:e0:39:15:7a:da:
                    3c:bf:3c:81:c3:7f:d2:bc:02:41:01:ae:2f:7e:bc:
                    f9:98:9f:b4:16:10:13:c6:9c:cc:30:52:2c:16:0e:
                    f1:86:47:49:2e:fc:8c:f8:dd:75:4c:66:f8:f6:aa:
                    eb:36:77:85:5f:b9:a5:58:5c:29:87:bc:1c:a9:6d:
                    93:33:95:eb:52:67:5b:58:94:41:c2:f8:f1:f5:ea:
                    bf:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:9F:FE:EC:2A:B0:C3:C4:76:BE:77:71:AA:9E:E3:C8:AA:09:36:93
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vZ_-7Cqww8R2vndxqp7jyKoJNpM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:9201::/32
                  2a09:340::/32
                  2a09:c440::/32
                  2a0c:5d40::/32
                  2a0c:a584::/32
                  2a10:dfc0::/32
                  2a10:fac0::/32
                  2a11:580::/32
                  2a11:1600::/32
                  2a11:2a80::/32

    Signature Algorithm: sha256WithRSAEncryption
         79:ff:1a:15:44:23:14:e8:cc:ed:88:2e:cf:08:c3:c0:10:80:
         49:d5:23:51:65:fe:81:87:0c:bc:b1:f4:57:2c:35:65:9f:39:
         ed:42:e3:90:2b:8a:8d:7b:1d:5c:ac:0c:ef:5c:6a:57:e3:9c:
         02:97:fa:b9:80:62:f6:a7:65:7f:ae:84:91:7e:20:53:4c:a4:
         c2:90:0d:3e:cc:4f:e5:62:48:d9:31:7e:7d:8d:a2:49:27:72:
         43:7b:aa:2f:4c:fc:9b:61:45:39:aa:e6:31:96:03:46:df:6d:
         dd:8a:c2:9d:62:d6:7c:92:63:ca:e0:cb:ff:5e:43:19:8a:6b:
         4a:7b:c8:16:2b:6e:c2:5e:a0:6e:9c:a4:f1:9b:a1:01:0a:ed:
         6c:02:ea:9c:80:6d:29:be:12:28:4c:a9:9e:f4:76:24:64:ec:
         10:a3:25:71:e4:45:aa:2b:ac:45:d1:e2:11:3b:40:fb:01:a6:
         f1:7a:76:88:b3:e1:25:06:38:3a:da:68:f8:82:bf:9e:d5:7d:
         87:e9:e6:b0:06:72:19:bd:5b:2d:a4:b4:a0:84:c8:b9:e5:ce:
         6b:6a:89:cd:7b:f8:cf:6c:be:77:a2:e2:d3:a2:80:fe:e4:df:
         da:41:f3:04:e3:16:b4:ba:55:a3:70:17:b4:f2:95:d6:39:77:
         0c:1c:84:33
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZBu4QNNj19I0Cu3d8BsH6g0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzAxMTUxOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDlmZmVlYzJhYjBjM2M0NzZiZTc3NzFhYTllZTNjOGFhMDkzNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdGbgN+J+wp4G5IQr2Q/gMltlaou
MZfyNHpvXcp8PRne8ZUbE7ojCs6YDJyq2brxajFo2LwjvPg6ogn4jXMrAYHxVZNP
VhO00WZN+/j1By/kvR8ep0sba1onPtbPmLe8j9y6vmt/wpNK9UHZH05rIAjng+/Q
l0zqLYuHerED/8AmTk3VrGWRMXxnh7yD4nh+rRPijw7l+63j7hOIiukTl9Nc/tr/
NH6/U1lI2Z8s4DkVeto8vzyBw3/SvAJBAa4vfrz5mJ+0FhATxpzMMFIsFg7xhkdJ
LvyM+N11TGb49qrrNneFX7mlWFwph7wcqW2TM5XrUmdbWJRBwvjx9eq/AQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFL2f/uwqsMPEdr53caqe48iqCTaTMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdlpfLTdDcXd3OFIydm5keHFwN2p5S29KTnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUAKgeSAQMF
ACoJA0ADBQAqCcRAAwUAKgxdQAMFACoMpYQDBQAqEN/AAwUAKhD6wAMFACoRBYAD
BQAqERYAAwUAKhEqgDANBgkqhkiG9w0BAQsFAAOCAQEAef8aFUQjFOjM7YguzwjD
wBCASdUjUWX+gYcMvLH0Vyw1ZZ857ULjkCuKjXsdXKwM71xqV+OcApf6uYBi9qdl
f66EkX4gU0ykwpANPsxP5WJI2TF+fY2iSSdyQ3uqL0z8m2FFOarmMZYDRt9t3YrC
nWLWfJJjyuDL/15DGYprSnvIFituwl6gbpyk8ZuhAQrtbALqnIBtKb4SKEypnvR2
JGTsEKMlceRFqiusRdHiETtA+wGm8Xp2iLPhJQY4Otpo+IK/ntV9h+nmsAZyGb1b
LaS0oITIueXOa2qJzXv4z2y+d6Li06KA/uTf2kHzBOMWtLpVo3AXtPKV1jl3DByE
Mw==
-----END CERTIFICATE-----