Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/_l9SYgL8T3flw6-yf4DvJa18Bps.roa
File:                     _l9SYgL8T3flw6-yf4DvJa18Bps.roa (raw, json)
Hash identifier:          TkI6twFsivYhD4hwHNCKnsQvIdtiC8LGXI2bQbk3f7g=
Subject key identifier:   FE:5F:52:62:02:FC:4F:77:E5:C3:AF:B2:7F:80:EF:25:AD:7C:06:9B
Certificate issuer:       /CN=d301991fc343f358c0f2eebae55cf2da34521c7a
Certificate serial:       01856F5DAEF969FADB9D98D0152E59F47500
Authority key identifier: D3:01:99:1F:C3:43:F3:58:C0:F2:EE:BA:E5:5C:F2:DA:34:52:1C:7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0wGZH8ND81jA8u665Vzy2jRSHHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/_l9SYgL8T3flw6-yf4DvJa18Bps.roa
Signing time:             Sun 01 Jan 2023 22:04:48 +0000
ROA not before:           Sun 01 Jan 2023 22:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15703
IP address blocks:        2a00:a7c0:1026::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:ae:f9:69:fa:db:9d:98:d0:15:2e:59:f4:75:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d301991fc343f358c0f2eebae55cf2da34521c7a
        Validity
            Not Before: Jan  1 22:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fe5f526202fc4f77e5c3afb27f80ef25ad7c069b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a0:7d:85:84:78:9d:73:6c:8f:8f:a2:de:ca:
                    b5:66:5a:b5:1b:c7:d6:8b:e2:66:72:ce:8d:c0:7d:
                    5d:3f:d2:b0:98:a6:47:67:72:07:53:fa:2f:12:94:
                    53:fd:67:15:f8:c8:b4:ce:77:0c:35:2d:1c:3c:9a:
                    fb:b7:5d:0d:55:b6:6d:c8:4d:ca:5a:6c:81:e6:59:
                    d2:8c:d2:d0:76:ed:c6:f4:4d:c7:89:da:2a:bb:dd:
                    ef:8d:c6:ea:5f:f0:89:57:b7:72:2f:78:6e:cf:ea:
                    55:1f:04:f4:82:c3:92:4d:9e:37:de:6d:5b:55:f1:
                    ed:a3:ac:3e:27:ed:e5:e4:bf:8e:b3:ae:a0:f0:69:
                    09:85:88:e6:58:00:f4:a7:f4:92:0c:52:7a:4b:c3:
                    de:02:da:dc:64:0b:d8:ac:d3:3b:c7:8d:ab:68:cf:
                    a5:e4:d1:84:88:02:18:1a:12:12:33:d7:e7:9d:aa:
                    3d:b7:d6:09:25:62:13:77:d6:72:ab:e1:5c:74:fb:
                    bb:17:18:a6:22:07:fd:67:d9:e5:62:5d:28:f0:8c:
                    9f:c7:cb:d2:4c:97:b7:da:f0:4f:7d:3b:98:a1:39:
                    df:7a:0b:ef:95:61:e0:a0:26:bf:6f:72:32:2b:03:
                    d0:b7:20:8a:b8:58:5b:6d:75:bd:4f:b0:d1:42:3c:
                    65:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:5F:52:62:02:FC:4F:77:E5:C3:AF:B2:7F:80:EF:25:AD:7C:06:9B
            X509v3 Authority Key Identifier:
                keyid:D3:01:99:1F:C3:43:F3:58:C0:F2:EE:BA:E5:5C:F2:DA:34:52:1C:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wGZH8ND81jA8u665Vzy2jRSHHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/_l9SYgL8T3flw6-yf4DvJa18Bps.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/0wGZH8ND81jA8u665Vzy2jRSHHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:a7c0:1026::/48

    Signature Algorithm: sha256WithRSAEncryption
         4e:1c:f7:84:88:5d:cc:af:0d:1e:39:9c:75:f4:d6:9e:d0:fb:
         09:c9:f7:d4:11:64:b2:ea:8e:2b:3d:9e:dc:8e:49:6b:53:90:
         cf:1f:20:14:44:e8:b8:ec:f1:19:0b:4e:e4:43:82:e3:b5:db:
         e1:d7:b8:02:36:69:d5:54:54:da:98:ee:7d:57:77:31:b4:bb:
         e1:06:d0:b1:14:e3:4f:ad:00:91:3b:8b:97:c5:63:a0:b4:37:
         46:46:fe:b7:51:a1:15:ca:0b:d3:8b:64:ba:89:01:35:54:78:
         c2:a2:da:3c:20:2b:d5:d9:77:1e:ad:81:7f:5b:da:ce:2e:00:
         e8:eb:ce:62:9e:09:e0:ef:7e:b6:f1:87:8f:dd:db:75:a9:d1:
         7e:73:2b:f9:fc:9f:7c:e4:12:d5:4c:69:d1:42:e8:0b:ed:ec:
         6f:4c:72:1e:fd:f2:49:6c:68:74:68:a3:80:49:2e:e8:21:8e:
         4a:8c:a6:71:aa:8a:6a:ac:d2:2f:65:16:c4:46:bf:4b:e2:46:
         0c:f2:aa:cf:08:5b:9e:4c:d1:81:df:25:ef:6a:ed:f3:16:7f:
         72:13:5e:62:5d:cf:74:ac:68:81:75:0d:4c:c0:68:db:2d:52:
         26:79:c3:0e:82:f8:91:66:d0:83:bd:ae:7f:ca:e7:f9:31:01:
         dc:7e:d5:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvXa75afrbnZjQFS5Z9HUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDE5OTFmYzM0M2YzNThjMGYyZWViYWU1NWNmMmRhMzQ1
MjFjN2EwHhcNMjMwMTAxMjIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTVmNTI2MjAyZmM0Zjc3ZTVjM2FmYjI3ZjgwZWYyNWFkN2MwNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6B9hYR4nXNsj4+i3sq1Zlq1G8fW
i+Jmcs6NwH1dP9KwmKZHZ3IHU/ovEpRT/WcV+Mi0zncMNS0cPJr7t10NVbZtyE3K
WmyB5lnSjNLQdu3G9E3Hidoqu93vjcbqX/CJV7dyL3huz+pVHwT0gsOSTZ433m1b
VfHto6w+J+3l5L+Os66g8GkJhYjmWAD0p/SSDFJ6S8PeAtrcZAvYrNM7x42raM+l
5NGEiAIYGhISM9fnnao9t9YJJWITd9Zyq+FcdPu7FximIgf9Z9nlYl0o8Iyfx8vS
TJe32vBPfTuYoTnfegvvlWHgoCa/b3IyKwPQtyCKuFhbbXW9T7DRQjxliwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP5fUmIC/E935cOvsn+A7yWtfAabMB8GA1UdIwQY
MBaAFNMBmR/DQ/NYwPLuuuVc8to0Uhx6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdHWkg4TkQ4MWpBOHU2NjVWenkyalJTSEhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9jMzZmODMtOGIzNS00ZDA1LWEzMzQt
Zjk4YzQ4MzAxNWQ3LzEvX2w5U1lnTDhUM2ZsdzYteWY0RHZKYTE4QnBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9jMzZmODMtOGIzNS00ZDA1LWEzMzQtZjk4YzQ4MzAxNWQ3
LzEvMHdHWkg4TkQ4MWpBOHU2NjVWenkyalJTSEhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgCnwBAm
MA0GCSqGSIb3DQEBCwUAA4IBAQBOHPeEiF3Mrw0eOZx19Nae0PsJyffUEWSy6o4r
PZ7cjklrU5DPHyAUROi47PEZC07kQ4Ljtdvh17gCNmnVVFTamO59V3cxtLvhBtCx
FONPrQCRO4uXxWOgtDdGRv63UaEVygvTi2S6iQE1VHjCoto8ICvV2XcerYF/W9rO
LgDo685ingng73628YeP3dt1qdF+cyv5/J985BLVTGnRQugL7exvTHIe/fJJbGh0
aKOASS7oIY5KjKZxqopqrNIvZRbERr9L4kYM8qrPCFueTNGB3yXvau3zFn9yE15i
Xc90rGiBdQ1MwGjbLVImecMOgviRZtCDva5/yuf5MQHcftWz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:36 2024 by rpki-client on console-fra.rpki-client.org