Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/Ruyy8g5753PKH4ial4Ar_66sOKw.roa
File:                     Ruyy8g5753PKH4ial4Ar_66sOKw.roa (raw, json)
Hash identifier:          +6/CaNj4KVSIYGYrB0VC52mp0D9DNt6J6/1dR9naF8c=
Subject key identifier:   46:EC:B2:F2:0E:7B:E7:73:CA:1F:88:9A:97:80:2B:FF:AE:AC:38:AC
Certificate issuer:       /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial:       018B1DE73DD1030B008DE0440F2E7F64DD8C
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/Ruyy8g5753PKH4ial4Ar_66sOKw.roa
Signing time:             Wed 11 Oct 2023 08:42:55 +0000
ROA not before:           Wed 11 Oct 2023 08:42:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210680
IP address blocks:        2a09:c280::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1d:e7:3d:d1:03:0b:00:8d:e0:44:0f:2e:7f:64:dd:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
        Validity
            Not Before: Oct 11 08:42:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=46ecb2f20e7be773ca1f889a97802bffaeac38ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:7f:71:5e:6b:3e:70:18:ae:dd:b4:94:44:e8:
                    4a:5b:90:88:69:8d:5d:61:07:c4:9f:11:1e:51:a5:
                    8e:91:8a:3b:52:d9:cf:f7:dc:89:67:ab:8a:5c:85:
                    2b:9f:17:52:fe:18:36:5f:e7:35:50:bd:3d:af:59:
                    7f:88:9c:d7:af:44:7a:51:b0:5d:1a:ce:8b:9e:25:
                    9c:b1:49:65:2d:d2:26:70:34:2b:9f:5d:4f:8c:63:
                    69:2d:a8:c1:fd:10:30:9e:50:6b:f8:fc:69:6a:14:
                    13:16:47:21:6d:4c:71:7e:5b:c2:23:c3:36:35:76:
                    55:7e:d8:9b:5e:67:51:6c:55:75:d1:0e:17:81:1b:
                    52:23:43:8a:07:4c:87:f5:a1:59:1e:a6:98:5b:4d:
                    07:fd:7b:a1:d1:94:91:b2:0e:df:90:15:95:92:5e:
                    f7:ba:f3:86:1b:37:99:1f:b2:78:af:3f:1e:34:8b:
                    44:24:b2:2c:3d:b0:30:8f:de:e9:86:fa:a5:47:58:
                    2e:62:8e:2f:6d:bd:31:2e:39:39:2e:a9:31:5b:8a:
                    d0:a4:ed:53:b9:2c:f6:ad:a0:67:a7:b1:12:fe:ff:
                    47:3a:e5:d6:96:3b:4f:4e:91:bc:94:5f:4e:e3:e7:
                    25:7f:dc:4b:de:33:cd:e7:cb:be:c2:cf:c4:fa:4a:
                    f7:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:EC:B2:F2:0E:7B:E7:73:CA:1F:88:9A:97:80:2B:FF:AE:AC:38:AC
            X509v3 Authority Key Identifier:
                keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/Ruyy8g5753PKH4ial4Ar_66sOKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:c280::/29

    Signature Algorithm: sha256WithRSAEncryption
         98:44:26:28:bf:3d:f6:77:5c:a1:b4:14:62:b1:66:95:a1:e2:
         15:b8:37:41:9e:be:6e:7c:10:fe:9a:bf:ee:e0:0d:e7:70:56:
         ec:94:61:58:53:8a:c1:1d:6b:88:df:a4:c6:90:e6:20:a6:a3:
         02:2e:a5:3e:60:57:09:0a:2c:47:10:83:51:0d:8f:17:e1:2e:
         e7:74:55:a3:49:5a:2f:7f:f2:90:02:e6:5d:29:e9:d0:e6:36:
         07:84:43:10:c7:d0:74:65:ab:69:ae:9f:44:49:30:49:95:5d:
         5f:58:7b:c7:f5:82:eb:e4:f1:0d:2f:04:26:7c:49:f3:aa:13:
         33:23:a6:fb:42:2a:8d:cc:4c:4d:e9:a5:7e:04:2f:d2:f2:8c:
         a6:5c:c8:30:04:d7:0d:7e:de:18:d1:61:2c:25:35:83:07:a8:
         0f:03:c3:b4:b0:bf:6a:ae:33:31:52:96:e9:0a:32:5f:f3:45:
         8f:f4:56:fd:20:c2:cd:9f:4b:e9:c8:d1:2c:23:f8:13:90:3e:
         00:96:11:9c:78:49:66:af:4c:26:4c:ee:9c:33:d3:d1:36:d8:
         6f:fa:00:27:31:b5:67:1a:fd:54:50:da:f8:b5:8e:9c:37:e4:
         f9:54:77:7c:86:ec:cc:d6:d8:da:92:ef:03:8d:e1:1d:a3:42:
         da:c7:c6:e8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYsd5z3RAwsAjeBEDy5/ZN2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjMxMDExMDg0MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmVjYjJmMjBlN2JlNzczY2ExZjg4OWE5NzgwMmJmZmFlYWMzOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX9xXms+cBiu3bSUROhKW5CIaY1d
YQfEnxEeUaWOkYo7UtnP99yJZ6uKXIUrnxdS/hg2X+c1UL09r1l/iJzXr0R6UbBd
Gs6LniWcsUllLdImcDQrn11PjGNpLajB/RAwnlBr+PxpahQTFkchbUxxflvCI8M2
NXZVftibXmdRbFV10Q4XgRtSI0OKB0yH9aFZHqaYW00H/Xuh0ZSRsg7fkBWVkl73
uvOGGzeZH7J4rz8eNItEJLIsPbAwj97phvqlR1guYo4vbb0xLjk5LqkxW4rQpO1T
uSz2raBnp7ES/v9HOuXWljtPTpG8lF9O4+clf9xL3jPN58u+ws/E+kr3HQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEbssvIOe+dzyh+ImpeAK/+urDisMB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvUnV5eThnNTc1M1BLSDRpYWw0QXJfNjZzT0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgnCgDAN
BgkqhkiG9w0BAQsFAAOCAQEAmEQmKL899ndcobQUYrFmlaHiFbg3QZ6+bnwQ/pq/
7uAN53BW7JRhWFOKwR1riN+kxpDmIKajAi6lPmBXCQosRxCDUQ2PF+Eu53RVo0la
L3/ykALmXSnp0OY2B4RDEMfQdGWraa6fREkwSZVdX1h7x/WC6+TxDS8EJnxJ86oT
MyOm+0IqjcxMTemlfgQv0vKMplzIMATXDX7eGNFhLCU1gweoDwPDtLC/aq4zMVKW
6QoyX/NFj/RW/SDCzZ9L6cjRLCP4E5A+AJYRnHhJZq9MJkzunDPT0TbYb/oAJzG1
Zxr9VFDa+LWOnDfk+VR3fIbszNbY2pLvA43hHaNC2sfG6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:15 2024 by rpki-client on console-fra.rpki-client.org