Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/bdelnyryZhT0mvuDaRwxIq1dKRg.roa
File:                     bdelnyryZhT0mvuDaRwxIq1dKRg.roa (raw, json)
Hash identifier:          ELz3RTeRqFWL+hT/bghjOu3vpj9zyt/Wo0ipDJQ3yAM=
Subject key identifier:   6D:D7:A5:9F:2A:F2:66:14:F4:9A:FB:83:69:1C:31:22:AD:5D:29:18
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018B6361807C24051DF0C6695EE06442ACE0
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/bdelnyryZhT0mvuDaRwxIq1dKRg.roa
Signing time:             Tue 24 Oct 2023 20:30:16 +0000
ROA not before:           Tue 24 Oct 2023 20:30:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198231
IP address blocks:        2a0d:77c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:63:61:80:7c:24:05:1d:f0:c6:69:5e:e0:64:42:ac:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Oct 24 20:30:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6dd7a59f2af26614f49afb83691c3122ad5d2918
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:44:82:f9:67:fb:cc:4e:63:2a:47:0e:63:0c:
                    e7:09:c5:91:1a:e4:6e:19:e6:62:4f:64:de:08:ac:
                    c3:19:f6:11:04:2b:5b:18:4c:c0:41:fc:43:a0:c2:
                    90:77:c0:b9:bf:25:e0:66:aa:80:a2:e4:28:78:6d:
                    8f:15:f7:cd:8c:d2:66:80:0f:07:7d:c4:1d:84:4f:
                    04:8b:3a:a4:6d:aa:db:0e:dd:43:8d:d3:1f:a3:bf:
                    1b:5a:e9:73:f0:a6:4b:db:08:a3:ae:54:12:cd:ab:
                    a5:52:64:f3:6c:ab:0f:73:c7:16:3f:cc:79:38:fc:
                    bc:35:b8:d8:36:3e:b3:20:49:63:8b:a8:b2:d2:67:
                    f1:c9:0b:90:72:95:b8:e3:b6:91:04:59:6a:af:0b:
                    2f:09:84:2a:4f:21:fa:64:e1:0e:4f:90:c3:e0:d5:
                    fd:a9:4e:14:be:5d:7c:67:cd:af:be:a8:cb:d8:8f:
                    bc:0f:58:04:db:67:c6:5e:a6:f3:bd:31:46:d8:5d:
                    8a:ad:f6:68:b5:81:f2:3c:d3:e8:10:fb:cd:41:0f:
                    60:c8:f2:e5:51:9d:f4:b5:2e:e0:51:71:9d:53:11:
                    b6:4b:22:5c:ff:a0:17:fd:49:c6:5a:98:45:33:90:
                    45:99:f9:a1:8c:26:b6:94:a7:7f:7d:05:c0:f0:05:
                    77:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:D7:A5:9F:2A:F2:66:14:F4:9A:FB:83:69:1C:31:22:AD:5D:29:18
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/bdelnyryZhT0mvuDaRwxIq1dKRg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:77c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         45:c4:52:4c:93:9c:41:78:7d:4c:e3:03:5e:ab:ae:2e:14:8f:
         3e:f7:91:44:37:64:8a:15:b3:07:bd:40:4f:60:af:1b:76:89:
         21:9c:f4:e0:63:c1:c9:84:c9:66:dd:59:52:80:f1:98:a1:7d:
         f0:6d:61:4c:ae:c3:ba:e7:0c:96:99:70:9e:62:23:3b:7f:22:
         84:d7:a8:22:30:6b:8b:83:80:86:93:51:12:e3:bb:c3:09:58:
         4e:bb:b4:6b:5d:97:ba:a7:8a:06:27:81:77:17:55:f2:9a:3e:
         8b:70:3c:0e:24:fc:62:d7:e0:b0:ea:c3:d3:f9:69:7e:b9:99:
         0a:fd:c7:76:1a:f6:51:aa:6e:0e:2f:01:57:ad:d3:35:c7:48:
         70:09:19:6a:15:32:ec:4a:ba:61:d9:38:2f:4c:f0:03:4d:9c:
         bd:d7:02:25:8d:ac:71:fc:25:68:e8:a5:d7:61:fa:cd:17:5b:
         8b:72:a1:61:e2:de:5b:e4:ca:e6:d1:db:d5:6e:74:fd:59:97:
         4f:ab:b3:e9:85:96:bb:a6:19:49:d8:d1:e2:d7:91:4f:dd:93:
         62:95:46:a2:80:6f:56:b5:9e:c6:16:d9:13:05:89:16:5a:49:
         1a:0a:7b:39:d8:7a:6e:9e:3e:1c:42:70:01:44:09:f0:8f:fd:
         1a:ac:e8:09
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtjYYB8JAUd8MZpXuBkQqzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMxMDI0MjAzMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQ3YTU5ZjJhZjI2NjE0ZjQ5YWZiODM2OTFjMzEyMmFkNWQyOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kSC+Wf7zE5jKkcOYwznCcWRGuRu
GeZiT2TeCKzDGfYRBCtbGEzAQfxDoMKQd8C5vyXgZqqAouQoeG2PFffNjNJmgA8H
fcQdhE8EizqkbarbDt1DjdMfo78bWulz8KZL2wijrlQSzaulUmTzbKsPc8cWP8x5
OPy8NbjYNj6zIElji6iy0mfxyQuQcpW447aRBFlqrwsvCYQqTyH6ZOEOT5DD4NX9
qU4Uvl18Z82vvqjL2I+8D1gE22fGXqbzvTFG2F2KrfZotYHyPNPoEPvNQQ9gyPLl
UZ30tS7gUXGdUxG2SyJc/6AX/UnGWphFM5BFmfmhjCa2lKd/fQXA8AV3fQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG3XpZ8q8mYU9Jr7g2kcMSKtXSkYMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvYmRlbG55cnlaaFQwbXZ1RGFSd3hJcTFkS1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg13wDAN
BgkqhkiG9w0BAQsFAAOCAQEARcRSTJOcQXh9TOMDXquuLhSPPveRRDdkihWzB71A
T2CvG3aJIZz04GPByYTJZt1ZUoDxmKF98G1hTK7DuucMlplwnmIjO38ihNeoIjBr
i4OAhpNREuO7wwlYTru0a12XuqeKBieBdxdV8po+i3A8DiT8YtfgsOrD0/lpfrmZ
Cv3Hdhr2UapuDi8BV63TNcdIcAkZahUy7Eq6Ydk4L0zwA02cvdcCJY2scfwlaOil
12H6zRdbi3KhYeLeW+TK5tHb1W50/VmXT6uz6YWWu6YZSdjR4teRT92TYpVGooBv
VrWexhbZEwWJFlpJGgp7Odh6bp4+HEJwAUQJ8I/9GqzoCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org