Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/E68alr5CB1t2ok-x82uAdE9tcW8.roa
File:                     E68alr5CB1t2ok-x82uAdE9tcW8.roa (raw, json)
Hash identifier:          zW7/7F+cEUBZyhRIDQPYSEjBzp8IKFh6rFRGahtiuWs=
Subject key identifier:   13:AF:1A:96:BE:42:07:5B:76:A2:4F:B1:F3:6B:80:74:4F:6D:71:6F
Certificate issuer:       /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial:       0186BC3B7D3EDB36F16ED16B2E17A7EEA1C7
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/E68alr5CB1t2ok-x82uAdE9tcW8.roa
Signing time:             Tue 07 Mar 2023 13:21:00 +0000
ROA not before:           Tue 07 Mar 2023 13:21:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208510
IP address blocks:        2a0a:280:1900::/40 maxlen: 48

Validation:               Failed, certificate revoked on Thu 09 Mar 2023 08:25:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:bc:3b:7d:3e:db:36:f1:6e:d1:6b:2e:17:a7:ee:a1:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
        Validity
            Not Before: Mar  7 13:21:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=13af1a96be42075b76a24fb1f36b80744f6d716f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:40:02:85:a1:6c:15:4c:8e:6b:9a:48:c7:16:
                    d7:4a:f9:19:0b:24:95:5a:89:7e:64:66:b6:d5:43:
                    31:a0:cb:3d:54:b8:9b:1a:e6:4a:30:61:4a:b1:f5:
                    6d:cf:47:1a:26:cd:40:11:b0:1f:37:80:31:ef:e2:
                    e3:26:c7:54:0d:23:1f:67:ed:c9:85:33:53:1f:37:
                    76:2f:55:33:c6:b0:49:84:23:79:f8:09:8b:01:94:
                    13:ba:18:46:34:60:f9:47:55:b5:ba:ae:aa:47:99:
                    9c:4a:e5:32:e4:2e:85:7d:a0:93:35:47:cf:36:7d:
                    81:b0:0c:7b:97:94:9f:22:0f:94:b5:c9:52:20:91:
                    5f:4e:d5:ca:e4:d0:e2:ef:84:c3:ef:c5:67:65:91:
                    fc:8f:36:14:a6:c9:10:08:6e:ef:43:85:74:c3:be:
                    62:1c:6f:73:e3:f9:59:fd:aa:d4:df:b0:23:43:1c:
                    21:51:d0:5b:05:39:08:d0:b3:ab:a7:34:e4:a1:c1:
                    ca:12:7d:dc:08:05:92:da:bb:f0:fe:b9:f0:1f:0b:
                    ba:a9:50:1f:9c:93:0f:ab:21:10:61:df:38:de:76:
                    28:23:5e:da:77:80:83:81:55:31:f9:3f:eb:62:85:
                    4d:79:35:e3:b7:25:27:14:8c:80:21:49:33:a9:0c:
                    ff:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:AF:1A:96:BE:42:07:5B:76:A2:4F:B1:F3:6B:80:74:4F:6D:71:6F
            X509v3 Authority Key Identifier:
                keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/E68alr5CB1t2ok-x82uAdE9tcW8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:280:1900::/40

    Signature Algorithm: sha256WithRSAEncryption
         87:b2:16:07:d2:1b:02:a7:94:34:99:10:2e:b4:a0:ff:55:9f:
         b0:c4:a8:c7:bf:64:2e:ae:d7:74:18:a5:7e:0a:03:b1:67:ac:
         b4:ea:10:ee:6a:75:f0:43:9e:83:dd:06:d2:af:fa:40:50:40:
         09:bb:fb:8a:a3:5e:91:bc:95:07:05:9d:6e:95:45:52:26:e1:
         50:eb:54:46:85:f0:19:3a:cb:5c:af:29:d3:e7:c2:52:ef:ce:
         86:0c:6a:d0:44:bc:4e:53:fa:32:f1:ff:7c:3b:b4:8a:a2:d0:
         6a:06:68:26:98:56:3f:af:fd:57:49:91:64:c6:41:ef:c4:d7:
         d2:87:41:22:b5:d5:b8:8c:1a:7b:82:3b:fc:50:89:6e:35:4f:
         39:ae:55:68:b8:59:41:b6:3f:d8:fa:0a:49:37:a3:1a:61:95:
         8b:f5:94:6b:3d:38:54:99:d3:7f:14:2a:0f:ba:98:c9:64:6d:
         10:29:92:fd:69:c9:15:10:66:9d:30:d3:01:a8:13:35:ad:47:
         ea:a0:ae:22:b1:21:6a:df:dd:80:6b:2e:f0:b7:ba:d3:62:10:
         f1:ef:9c:b7:cf:b9:d4:6b:8e:e6:39:1c:ea:bf:d6:64:28:37:
         58:ed:8e:af:b2:7b:6b:62:99:39:08:55:f7:ac:94:24:80:65:
         58:f1:05:99
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYa8O30+2zbxbtFrLhen7qHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMzA3MTMyMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2FmMWE5NmJlNDIwNzViNzZhMjRmYjFmMzZiODA3NDRmNmQ3MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0AChaFsFUyOa5pIxxbXSvkZCySV
Wol+ZGa21UMxoMs9VLibGuZKMGFKsfVtz0caJs1AEbAfN4Ax7+LjJsdUDSMfZ+3J
hTNTHzd2L1UzxrBJhCN5+AmLAZQTuhhGNGD5R1W1uq6qR5mcSuUy5C6FfaCTNUfP
Nn2BsAx7l5SfIg+UtclSIJFfTtXK5NDi74TD78VnZZH8jzYUpskQCG7vQ4V0w75i
HG9z4/lZ/arU37AjQxwhUdBbBTkI0LOrpzTkocHKEn3cCAWS2rvw/rnwHwu6qVAf
nJMPqyEQYd843nYoI17ad4CDgVUx+T/rYoVNeTXjtyUnFIyAIUkzqQz/eQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBOvGpa+QgdbdqJPsfNrgHRPbXFvMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvRTY4YWxyNUNCMXQyb2steDgydUFkRTl0Y1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBkw
DQYJKoZIhvcNAQELBQADggEBAIeyFgfSGwKnlDSZEC60oP9Vn7DEqMe/ZC6u13QY
pX4KA7FnrLTqEO5qdfBDnoPdBtKv+kBQQAm7+4qjXpG8lQcFnW6VRVIm4VDrVEaF
8Bk6y1yvKdPnwlLvzoYMatBEvE5T+jLx/3w7tIqi0GoGaCaYVj+v/VdJkWTGQe/E
19KHQSK11biMGnuCO/xQiW41TzmuVWi4WUG2P9j6Ckk3oxphlYv1lGs9OFSZ038U
Kg+6mMlkbRApkv1pyRUQZp0w0wGoEzWtR+qgriKxIWrf3YBrLvC3utNiEPHvnLfP
udRrjuY5HOq/1mQoN1jtjq+ye2timTkIVfeslCSAZVjxBZk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org