Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Im9vBHsx_uFHRO9sH_NN_lEgztM.roa
File:                     Im9vBHsx_uFHRO9sH_NN_lEgztM.roa (raw, json)
Hash identifier:          llw5Hy3qdzSUFb98HYeD6fDikXWPs7LPJYFr/bVSTYc=
Subject key identifier:   22:6F:6F:04:7B:31:FE:E1:47:44:EF:6C:1F:F3:4D:FE:51:20:CE:D3
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185739004A3C53E9F5690C1DAF1D062A0F1
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Im9vBHsx_uFHRO9sH_NN_lEgztM.roa
Signing time:             Mon 02 Jan 2023 17:38:16 +0000
ROA not before:           Mon 02 Jan 2023 17:38:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208885
IP address blocks:        2a0b:b86:ffe4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:90:04:a3:c5:3e:9f:56:90:c1:da:f1:d0:62:a0:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=226f6f047b31fee14744ef6c1ff34dfe5120ced3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:23:d8:78:63:09:5b:c6:c1:9c:c7:2e:ee:40:
                    48:75:58:f1:42:c3:19:ab:ef:9c:eb:d8:0b:b7:f9:
                    4e:e6:37:a9:61:71:b8:9c:d2:08:c6:6a:81:11:7b:
                    86:19:54:f1:3c:62:b6:56:06:ad:14:e5:69:c3:60:
                    72:a7:91:02:6f:30:5d:35:61:b6:fc:87:04:bd:67:
                    66:08:72:f7:8f:0e:c3:ee:e4:f9:e3:8a:eb:7f:20:
                    78:ce:fc:d8:2b:84:eb:60:6c:8b:41:8d:e3:b5:7a:
                    07:91:fc:90:c7:41:53:61:c5:a6:46:40:09:ff:35:
                    38:4e:7d:3d:87:16:12:a0:39:59:4e:48:8d:7d:14:
                    32:da:00:a0:37:02:fc:dd:bd:97:34:7e:62:8f:a9:
                    7d:69:b7:13:07:80:d4:62:21:5c:52:85:6d:df:70:
                    8d:fa:06:3d:79:b7:ab:a7:9b:67:33:61:c3:95:74:
                    77:5d:2e:a8:d7:ec:95:84:71:42:3b:dc:42:ad:b6:
                    37:b8:4b:89:e8:2b:54:d6:84:73:1d:04:90:7c:35:
                    13:c5:b1:4f:92:15:02:22:5f:30:e4:ba:53:f4:02:
                    d0:30:24:05:60:f6:06:76:b9:92:56:8c:36:43:fe:
                    83:97:99:a5:a6:c3:f9:d8:46:25:33:2d:47:19:6f:
                    7d:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:6F:6F:04:7B:31:FE:E1:47:44:EF:6C:1F:F3:4D:FE:51:20:CE:D3
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Im9vBHsx_uFHRO9sH_NN_lEgztM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b86:ffe4::/48

    Signature Algorithm: sha256WithRSAEncryption
         c7:a1:aa:07:40:3e:c5:73:a4:52:5d:b8:fc:e6:99:25:da:2e:
         24:91:ba:d3:54:bd:bb:02:30:26:52:3e:36:64:9d:33:fa:bb:
         45:93:65:8d:6a:56:00:d7:58:88:e6:3d:b8:93:8c:6e:0f:e6:
         9b:bf:ab:22:9e:f8:b9:1f:a2:a7:f6:88:5c:e2:fc:8d:5c:c0:
         9b:36:a2:4a:83:8c:0a:4c:06:10:f0:63:cf:9e:72:73:66:14:
         cb:8c:58:90:4e:ec:bf:d9:ac:d9:a9:57:1d:c6:b5:a5:2b:9e:
         1b:d2:f2:6c:d9:9f:d3:ca:76:a7:55:7a:cd:a7:98:c5:42:8a:
         b0:66:a2:78:dc:8f:73:56:1d:02:ea:c7:63:88:0e:4c:27:06:
         11:b8:ed:4a:03:a8:81:25:ea:0b:1c:d0:91:9f:be:d2:4d:5f:
         7b:5b:de:e9:94:ca:a1:3b:8a:af:64:f1:a9:eb:42:f0:92:cb:
         d4:18:3d:81:c2:a4:fd:4a:7e:2a:84:f0:31:37:d3:31:8f:ef:
         0f:b6:bc:02:c2:14:43:1c:99:a1:d9:9b:b1:6c:c2:80:85:0b:
         10:60:eb:1a:85:c6:14:f1:71:37:98:34:9b:ce:fb:ea:aa:62:
         d1:15:3a:25:5e:20:12:3e:71:17:83:87:48:5e:9f:9c:20:14:
         fa:c6:7f:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkASjxT6fVpDB2vHQYqDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjZmNmYwNDdiMzFmZWUxNDc0NGVmNmMxZmYzNGRmZTUxMjBjZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiPYeGMJW8bBnMcu7kBIdVjxQsMZ
q++c69gLt/lO5jepYXG4nNIIxmqBEXuGGVTxPGK2VgatFOVpw2Byp5ECbzBdNWG2
/IcEvWdmCHL3jw7D7uT544rrfyB4zvzYK4TrYGyLQY3jtXoHkfyQx0FTYcWmRkAJ
/zU4Tn09hxYSoDlZTkiNfRQy2gCgNwL83b2XNH5ij6l9abcTB4DUYiFcUoVt33CN
+gY9eberp5tnM2HDlXR3XS6o1+yVhHFCO9xCrbY3uEuJ6CtU1oRzHQSQfDUTxbFP
khUCIl8w5LpT9ALQMCQFYPYGdrmSVow2Q/6Dl5mlpsP52EYlMy1HGW99SQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCJvbwR7Mf7hR0TvbB/zTf5RIM7TMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSW05dkJIc3hfdUZIUk85c0hfTk5fbEVnenRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLhv/k
MA0GCSqGSIb3DQEBCwUAA4IBAQDHoaoHQD7Fc6RSXbj85pkl2i4kkbrTVL27AjAm
Uj42ZJ0z+rtFk2WNalYA11iI5j24k4xuD+abv6sinvi5H6Kn9ohc4vyNXMCbNqJK
g4wKTAYQ8GPPnnJzZhTLjFiQTuy/2azZqVcdxrWlK54b0vJs2Z/TynanVXrNp5jF
QoqwZqJ43I9zVh0C6sdjiA5MJwYRuO1KA6iBJeoLHNCRn77STV97W97plMqhO4qv
ZPGp60LwksvUGD2BwqT9Sn4qhPAxN9Mxj+8PtrwCwhRDHJmh2ZuxbMKAhQsQYOsa
hcYU8XE3mDSbzvvqqmLRFTolXiASPnEXg4dIXp+cIBT6xn8j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org