Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ASryETGBth9FvRtVBgTNy1vSuqQ.roa
File:                     ASryETGBth9FvRtVBgTNy1vSuqQ.roa (raw, json)
Hash identifier:          fOiXDA3a/h5PvchnFF3pxluBVeNxJmCBGA93hYjnvbk=
Subject key identifier:   01:2A:F2:11:31:81:B6:1F:45:BD:1B:55:06:04:CD:CB:5B:D2:BA:A4
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018573900385A697BCFA9575D365AA407856
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ASryETGBth9FvRtVBgTNy1vSuqQ.roa
Signing time:             Mon 02 Jan 2023 17:38:15 +0000
ROA not before:           Mon 02 Jan 2023 17:38:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207892
IP address blocks:        2a0b:b87:ffdb::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:90:03:85:a6:97:bc:fa:95:75:d3:65:aa:40:78:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=012af2113181b61f45bd1b550604cdcb5bd2baa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:1a:7e:fa:8c:bd:9d:d7:5f:84:9b:3a:0f:c8:
                    bb:1e:78:99:73:27:50:7f:fd:fc:47:e5:8e:03:0d:
                    b5:89:ca:3b:2b:9f:5d:65:61:3f:6b:47:bc:b1:a6:
                    16:3a:bc:2a:cf:91:13:74:ee:54:84:b0:a4:c1:90:
                    96:5f:ba:b3:75:12:f2:86:4c:53:24:2f:0c:99:27:
                    63:15:c1:c6:1e:de:fa:dc:d4:0b:a7:4e:30:fe:fe:
                    d3:3d:8f:f2:19:2a:6e:e4:9c:63:03:f4:78:f9:4b:
                    29:0a:f9:34:40:dc:84:a8:7a:c0:8b:1e:e3:38:11:
                    27:06:b4:bf:34:11:86:82:80:23:ac:ec:0e:e1:f5:
                    d3:4c:64:7e:9a:9c:3d:65:f2:03:ba:69:55:ef:49:
                    9b:6e:19:e3:4f:09:46:ec:59:a1:9f:82:8a:6b:ab:
                    44:6e:b7:8e:33:80:89:a1:d9:59:54:d7:ff:2e:23:
                    65:53:8e:f1:0c:e7:48:27:05:43:d6:a0:10:55:fe:
                    46:1a:50:60:84:d6:8a:6a:df:1e:96:22:e2:f6:9b:
                    82:eb:38:40:50:20:5c:fc:02:fd:f0:c5:70:1e:37:
                    4e:59:3c:67:8c:b6:c5:ec:3c:80:4b:97:0d:9e:2f:
                    2e:25:2c:bc:da:1d:23:f2:c8:43:f4:4c:28:c2:61:
                    81:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:2A:F2:11:31:81:B6:1F:45:BD:1B:55:06:04:CD:CB:5B:D2:BA:A4
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ASryETGBth9FvRtVBgTNy1vSuqQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b87:ffdb::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:df:10:16:f0:9f:03:9b:b9:90:3e:a4:62:f4:a9:b7:89:2f:
         73:08:00:d2:04:58:69:bc:6d:bb:5c:4f:fe:fe:f4:80:cd:d5:
         7c:d8:c7:7c:a7:9b:8a:32:79:5f:3e:16:6e:ee:04:2f:e6:9d:
         18:4c:59:8b:0d:af:49:ed:d0:7f:d4:5e:d6:35:34:1d:e5:34:
         e3:a2:19:00:62:d7:9c:a0:bf:bc:7b:d1:a0:1d:8c:83:82:2d:
         3a:94:b6:62:47:52:e8:24:b8:e5:c0:b8:27:7e:a1:60:3d:52:
         36:61:98:63:d0:b9:47:de:16:83:4d:f6:b4:df:31:4d:bd:42:
         14:d9:c1:75:c1:6c:fa:df:eb:95:77:a4:49:70:89:7a:ee:16:
         b6:90:37:1e:b4:1b:fb:08:f5:c6:dc:5b:5d:15:04:b9:73:e2:
         8b:64:4a:08:f0:e6:2e:0a:3a:85:d5:ed:9a:b9:70:7e:eb:e5:
         09:5d:99:51:1e:20:ea:49:b7:a1:f9:31:74:d1:32:c0:4c:f3:
         4e:db:b7:c8:9b:50:3e:40:14:42:b6:e9:6b:d1:17:60:e2:59:
         e1:58:ef:df:ee:6c:b8:5a:01:11:6b:22:90:39:b6:85:d6:05:
         51:b0:14:50:ef:b2:f8:bb:e2:61:c4:c7:bd:38:7c:a7:bb:7a:
         71:4b:67:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkAOFppe8+pV102WqQHhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTJhZjIxMTMxODFiNjFmNDViZDFiNTUwNjA0Y2RjYjViZDJiYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRp++oy9nddfhJs6D8i7HniZcydQ
f/38R+WOAw21ico7K59dZWE/a0e8saYWOrwqz5ETdO5UhLCkwZCWX7qzdRLyhkxT
JC8MmSdjFcHGHt763NQLp04w/v7TPY/yGSpu5JxjA/R4+UspCvk0QNyEqHrAix7j
OBEnBrS/NBGGgoAjrOwO4fXTTGR+mpw9ZfIDumlV70mbbhnjTwlG7Fmhn4KKa6tE
breOM4CJodlZVNf/LiNlU47xDOdIJwVD1qAQVf5GGlBghNaKat8eliLi9puC6zhA
UCBc/AL98MVwHjdOWTxnjLbF7DyAS5cNni8uJSy82h0j8shD9EwowmGBdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAEq8hExgbYfRb0bVQYEzctb0rqkMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvQVNyeUVUR0J0aDlGdlJ0VkJnVE55MXZTdXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//b
MA0GCSqGSIb3DQEBCwUAA4IBAQCm3xAW8J8Dm7mQPqRi9Km3iS9zCADSBFhpvG27
XE/+/vSAzdV82Md8p5uKMnlfPhZu7gQv5p0YTFmLDa9J7dB/1F7WNTQd5TTjohkA
YtecoL+8e9GgHYyDgi06lLZiR1LoJLjlwLgnfqFgPVI2YZhj0LlH3haDTfa03zFN
vUIU2cF1wWz63+uVd6RJcIl67ha2kDcetBv7CPXG3FtdFQS5c+KLZEoI8OYuCjqF
1e2auXB+6+UJXZlRHiDqSbeh+TF00TLATPNO27fIm1A+QBRCtulr0Rdg4lnhWO/f
7my4WgERayKQObaF1gVRsBRQ77L4u+JhxMe9OHynu3pxS2dB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org