Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/z9uGxaQrAzskn6tO4cZLfFUTaEs.roa
File:                     z9uGxaQrAzskn6tO4cZLfFUTaEs.roa (raw, json)
Hash identifier:          iS5kYRP9tiKv/zmBP7VecaEV+d3v9LH5DdrqR0oxWv4=
Subject key identifier:   CF:DB:86:C5:A4:2B:03:3B:24:9F:AB:4E:E1:C6:4B:7C:55:13:68:4B
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185739006268503902743B5B43566453FE2
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/z9uGxaQrAzskn6tO4cZLfFUTaEs.roa
Signing time:             Mon 02 Jan 2023 17:38:16 +0000
ROA not before:           Mon 02 Jan 2023 17:38:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210323
IP address blocks:        2a0b:b87:ffee::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 09 May 2023 11:57:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:90:06:26:85:03:90:27:43:b5:b4:35:66:45:3f:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cfdb86c5a42b033b249fab4ee1c64b7c5513684b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:5a:ce:a6:dc:12:95:68:fc:43:83:c9:f2:6d:
                    44:a8:a8:81:44:8d:9a:ce:ce:8f:03:7d:32:cc:e3:
                    af:d7:48:1e:60:e7:d2:3d:b0:ae:49:64:63:46:10:
                    ab:95:86:eb:31:68:c5:7f:94:45:64:9c:67:92:9c:
                    95:b9:d0:af:e3:ba:df:1f:f0:d0:68:41:38:b7:60:
                    a8:4c:ee:22:67:9f:7b:b4:3e:a7:5b:6f:00:d2:83:
                    47:2c:69:1a:14:b0:df:e6:f8:ef:04:4e:18:f2:79:
                    f6:be:52:30:73:58:63:ac:53:32:98:b9:69:21:2c:
                    4c:89:9c:ce:b7:58:a8:d8:a6:1e:8a:5c:f5:e8:bc:
                    6c:a6:a7:f1:aa:c0:97:b0:f1:08:32:ea:6a:fc:0f:
                    f6:08:10:c4:eb:1d:33:3e:38:dd:27:f5:81:7b:03:
                    86:84:0d:ea:44:da:7b:84:34:83:20:2a:ba:a1:cb:
                    c9:fa:4f:a8:1e:a2:fb:d2:07:98:6e:2a:fe:11:11:
                    d7:62:d3:fb:10:54:50:f8:bd:3b:d1:3f:37:aa:5e:
                    0d:63:d2:a2:fe:29:43:32:d3:65:d2:89:26:ef:a3:
                    d2:92:fc:89:93:6f:0a:71:41:53:1b:02:55:60:5e:
                    c7:9f:3f:57:36:76:33:3d:72:fe:72:95:f2:3d:cd:
                    7c:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:DB:86:C5:A4:2B:03:3B:24:9F:AB:4E:E1:C6:4B:7C:55:13:68:4B
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/z9uGxaQrAzskn6tO4cZLfFUTaEs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b87:ffee::/48

    Signature Algorithm: sha256WithRSAEncryption
         95:07:26:be:b5:db:6f:17:cc:99:67:b0:db:a2:d2:b5:49:e5:
         43:c2:d2:11:1f:ff:d8:46:30:7f:74:cd:a2:bd:de:68:5f:6a:
         b0:f9:ab:a7:58:6a:05:11:fd:f3:17:d5:6b:4c:4f:3e:3e:0e:
         7a:3c:05:cb:cc:c7:0d:d4:4d:0a:29:e1:b4:10:fd:ce:0b:33:
         3f:4b:6d:fc:aa:32:70:d5:ee:9a:68:31:47:cf:96:84:05:f0:
         ff:0d:d5:6b:71:ec:3c:5b:7b:88:3f:59:4a:a8:84:93:bf:7b:
         28:34:4d:97:19:df:94:17:0d:07:39:c8:54:a5:99:cc:c1:8e:
         89:83:98:a3:51:d3:1f:70:e2:8f:a7:5a:19:aa:ed:4b:35:68:
         d2:fc:8a:68:2a:b7:8f:fd:d1:4e:22:1d:43:b8:87:40:5e:a9:
         22:d8:13:8c:76:69:cd:40:cc:15:cc:76:a3:4f:76:19:3b:d3:
         eb:30:00:ac:99:04:de:9e:86:03:58:8c:7b:c4:9e:9d:51:e9:
         32:07:9b:74:3e:0a:eb:68:5e:f7:60:20:c7:6f:cc:09:af:e7:
         33:d2:c2:67:da:24:b8:cf:30:7d:2d:22:66:bc:09:37:17:d8:
         65:6c:3f:b4:a6:ca:61:55:21:49:b6:cf:c2:70:6c:43:1a:f7:
         1e:54:9f:22
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkAYmhQOQJ0O1tDVmRT/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmRiODZjNWE0MmIwMzNiMjQ5ZmFiNGVlMWM2NGI3YzU1MTM2ODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVrOptwSlWj8Q4PJ8m1EqKiBRI2a
zs6PA30yzOOv10geYOfSPbCuSWRjRhCrlYbrMWjFf5RFZJxnkpyVudCv47rfH/DQ
aEE4t2CoTO4iZ597tD6nW28A0oNHLGkaFLDf5vjvBE4Y8nn2vlIwc1hjrFMymLlp
ISxMiZzOt1io2KYeilz16LxspqfxqsCXsPEIMupq/A/2CBDE6x0zPjjdJ/WBewOG
hA3qRNp7hDSDICq6ocvJ+k+oHqL70geYbir+ERHXYtP7EFRQ+L070T83ql4NY9Ki
/ilDMtNl0okm76PSkvyJk28KcUFTGwJVYF7Hnz9XNnYzPXL+cpXyPc18vwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM/bhsWkKwM7JJ+rTuHGS3xVE2hLMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvejl1R3hhUXJBenNrbjZ0TzRjWkxmRlVUYUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//u
MA0GCSqGSIb3DQEBCwUAA4IBAQCVBya+tdtvF8yZZ7DbotK1SeVDwtIRH//YRjB/
dM2ivd5oX2qw+aunWGoFEf3zF9VrTE8+Pg56PAXLzMcN1E0KKeG0EP3OCzM/S238
qjJw1e6aaDFHz5aEBfD/DdVrcew8W3uIP1lKqISTv3soNE2XGd+UFw0HOchUpZnM
wY6Jg5ijUdMfcOKPp1oZqu1LNWjS/IpoKreP/dFOIh1DuIdAXqki2BOMdmnNQMwV
zHajT3YZO9PrMACsmQTenoYDWIx7xJ6dUekyB5t0PgrraF73YCDHb8wJr+cz0sJn
2iS4zzB9LSJmvAk3F9hlbD+0psphVSFJts/CcGxDGvceVJ8i
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org