Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/6nPUK53V_IQKF64iT32PW2dJeEE.roa
File:                     6nPUK53V_IQKF64iT32PW2dJeEE.roa (raw, json)
Hash identifier:          V63YHl62ld87IYFbYStgYk/v4WyOx4Z792Ja4lliVg4=
Subject key identifier:   EA:73:D4:2B:9D:D5:FC:84:0A:17:AE:22:4F:7D:8F:5B:67:49:78:41
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       01856BC0F4C9A2E090B29B14AAD19CB10134
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/6nPUK53V_IQKF64iT32PW2dJeEE.roa
Signing time:             Sun 01 Jan 2023 05:14:45 +0000
ROA not before:           Sun 01 Jan 2023 05:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        2a10:2ec0::/29 maxlen: 36
                          2a0c:ab00::/29 maxlen: 36

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c0:f4:c9:a2:e0:90:b2:9b:14:aa:d1:9c:b1:01:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jan  1 05:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea73d42b9dd5fc840a17ae224f7d8f5b67497841
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:03:d9:ed:ad:65:40:06:35:30:85:72:7e:18:
                    81:ae:e8:56:c0:eb:88:53:de:fd:62:a8:13:14:e5:
                    f7:79:3b:c5:29:20:a1:be:d6:87:59:5f:5e:76:96:
                    06:b1:de:9d:4c:ab:24:a1:33:13:a4:74:2c:07:ce:
                    fe:af:ff:e1:e0:6a:37:30:b0:e6:1d:97:c8:59:bb:
                    23:bf:0e:e5:74:27:68:75:25:f9:69:94:d8:3a:ad:
                    4e:d0:24:b8:3a:f8:18:1f:d4:c0:19:0b:85:70:0d:
                    2e:3c:ba:5d:e2:d6:9d:ef:b0:22:25:30:84:f0:e3:
                    17:2d:8c:e8:60:ac:90:89:a1:fd:7e:d3:39:57:41:
                    a8:0c:af:05:7e:0a:47:31:d8:49:54:1f:f9:64:66:
                    c2:3b:c8:82:71:22:0c:3c:69:18:1b:18:10:48:c3:
                    66:56:42:2f:b1:5c:f8:1d:32:d3:6b:21:80:9d:14:
                    c5:49:83:5a:5c:e2:3b:f0:ec:2f:64:48:19:fb:f3:
                    1f:59:02:93:26:4a:0f:55:8b:3e:86:b1:47:9c:3e:
                    be:1a:60:89:2e:c5:b1:a2:79:e2:33:c8:cc:67:7e:
                    0e:8a:d8:2d:aa:6e:6f:8c:c6:01:93:11:23:6c:b5:
                    e4:6b:9f:e9:a6:3c:95:08:7f:57:11:94:83:1d:03:
                    d2:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:73:D4:2B:9D:D5:FC:84:0A:17:AE:22:4F:7D:8F:5B:67:49:78:41
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/6nPUK53V_IQKF64iT32PW2dJeEE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:ab00::/29
                  2a10:2ec0::/29

    Signature Algorithm: sha256WithRSAEncryption
         d8:3a:7d:d4:45:92:6d:54:23:93:91:ac:9d:ae:64:8c:1f:73:
         f9:e0:fb:13:50:81:d9:41:b9:17:91:3b:cb:52:73:88:8c:d0:
         f9:ba:eb:90:4f:35:c7:f3:1c:1f:3d:4a:41:9a:71:3c:26:79:
         b6:4e:ff:ef:03:ff:37:ff:77:92:e2:d8:a1:cb:8a:00:a6:57:
         96:df:67:6d:db:59:ac:7a:51:33:ca:62:f1:5e:5c:73:f5:f9:
         3d:fd:49:68:b5:5d:95:0b:94:be:fd:0d:ff:3e:c2:c8:39:0f:
         9f:cf:56:29:f1:f0:a5:3d:e4:18:fa:41:d5:40:5d:e7:64:d3:
         f0:bb:d2:eb:59:c3:67:e1:95:c4:fd:1b:8a:0a:f3:1b:98:c4:
         0d:61:c6:25:c9:58:02:99:04:bd:79:ad:3c:2e:ba:f3:0d:46:
         8a:c8:b5:75:63:7e:2b:a7:fa:10:e8:50:68:8d:72:f4:79:7c:
         57:e2:d4:7b:a2:c8:f1:b6:ba:4f:b3:9c:dc:63:08:04:22:01:
         42:ac:53:0a:4b:62:bd:be:d5:b9:6a:90:2f:6b:c8:34:2a:ef:
         03:c0:0a:4e:2c:12:b8:f5:3a:3e:89:cd:39:b4:3f:df:2a:56:
         73:02:68:17:16:4b:e7:a1:8a:e7:55:ba:41:9e:89:e1:dd:39:
         ec:29:93:1c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVrwPTJouCQspsUqtGcsQE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwMTAxMDUxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTczZDQyYjlkZDVmYzg0MGExN2FlMjI0ZjdkOGY1YjY3NDk3ODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQPZ7a1lQAY1MIVyfhiBruhWwOuI
U979YqgTFOX3eTvFKSChvtaHWV9edpYGsd6dTKskoTMTpHQsB87+r//h4Go3MLDm
HZfIWbsjvw7ldCdodSX5aZTYOq1O0CS4OvgYH9TAGQuFcA0uPLpd4tad77AiJTCE
8OMXLYzoYKyQiaH9ftM5V0GoDK8FfgpHMdhJVB/5ZGbCO8iCcSIMPGkYGxgQSMNm
VkIvsVz4HTLTayGAnRTFSYNaXOI78OwvZEgZ+/MfWQKTJkoPVYs+hrFHnD6+GmCJ
LsWxonniM8jMZ34Oitgtqm5vjMYBkxEjbLXka5/ppjyVCH9XEZSDHQPS1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOpz1Cud1fyECheuIk99j1tnSXhBMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvNm5QVUs1M1ZfSVFLRjY0aVQzMlBXMmRKZUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgyrAAMF
AyoQLsAwDQYJKoZIhvcNAQELBQADggEBANg6fdRFkm1UI5ORrJ2uZIwfc/ng+xNQ
gdlBuReRO8tSc4iM0Pm665BPNcfzHB89SkGacTwmebZO/+8D/zf/d5Li2KHLigCm
V5bfZ23bWax6UTPKYvFeXHP1+T39SWi1XZULlL79Df8+wsg5D5/PVinx8KU95Bj6
QdVAXedk0/C70utZw2fhlcT9G4oK8xuYxA1hxiXJWAKZBL15rTwuuvMNRorItXVj
fiun+hDoUGiNcvR5fFfi1HuiyPG2uk+znNxjCAQiAUKsUwpLYr2+1blqkC9ryDQq
7wPACk4sErj1Oj6JzTm0P98qVnMCaBcWS+ehiudVukGeieHdOewpkxw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org