Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/_84p8xm3k1pL06jQVMt_uM_J2iA.roa
File:                     _84p8xm3k1pL06jQVMt_uM_J2iA.roa (raw, json)
Hash identifier:          Q7bmIWbvWWLHzBlMEoAXeUp9Y6Sr3gur5GNyviJXbRg=
Subject key identifier:   FF:CE:29:F3:19:B7:93:5A:4B:D3:A8:D0:54:CB:7F:B8:CF:C9:DA:20
Certificate issuer:       /CN=ccad68f7e8abadf4472623343a32561507224189
Certificate serial:       018CC492C77630EFE6385A0B6D5C3D3782C2
Authority key identifier: CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/_84p8xm3k1pL06jQVMt_uM_J2iA.roa
Signing time:             Mon 01 Jan 2024 10:30:02 +0000
ROA not before:           Mon 01 Jan 2024 10:30:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216463
IP address blocks:        2a02:f680::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 27 Feb 2024 19:27:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:92:c7:76:30:ef:e6:38:5a:0b:6d:5c:3d:37:82:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccad68f7e8abadf4472623343a32561507224189
        Validity
            Not Before: Jan  1 10:30:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ffce29f319b7935a4bd3a8d054cb7fb8cfc9da20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:9e:70:d6:8f:8b:7f:83:98:02:31:8d:a6:12:
                    33:4e:66:89:4e:40:34:04:0c:8c:97:e9:3b:d4:69:
                    f7:61:eb:a9:c5:e7:f4:e4:27:6a:5c:9e:be:9b:24:
                    17:da:36:61:b2:b1:62:de:35:fe:fb:e4:86:92:28:
                    e3:ba:f2:86:9e:ac:f5:fe:c2:fe:eb:6a:9b:26:5e:
                    d7:fc:f3:c8:f4:26:2a:f9:45:3e:60:1c:bd:66:72:
                    75:8a:46:30:b9:e9:75:89:f8:e6:85:d0:ff:c3:c1:
                    90:a6:c2:a6:0e:37:8e:ac:ee:83:76:f8:11:55:b0:
                    eb:9f:44:1e:c1:fe:9f:9b:06:b0:45:98:ae:a7:5d:
                    80:b0:19:5c:44:fa:5d:2e:01:86:70:0b:55:75:16:
                    9d:21:b9:84:c7:6c:b1:54:2b:b8:89:18:0a:4b:bf:
                    cc:b4:7f:88:a1:c4:2a:e3:08:7b:41:4b:66:8b:37:
                    67:9d:59:d0:3c:c6:43:5f:8d:62:db:de:56:2b:0f:
                    9c:61:4c:b6:35:8a:35:ac:fa:17:02:39:52:0c:6a:
                    8c:d6:0c:bf:68:e2:26:b8:2a:19:eb:bb:a6:0f:cf:
                    cb:5e:54:c4:ff:31:ac:4a:ac:fd:10:8b:49:30:86:
                    35:ff:58:44:be:b3:9e:34:c3:e4:59:f4:00:e8:50:
                    80:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:CE:29:F3:19:B7:93:5A:4B:D3:A8:D0:54:CB:7F:B8:CF:C9:DA:20
            X509v3 Authority Key Identifier:
                keyid:CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/_84p8xm3k1pL06jQVMt_uM_J2iA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:f680::/29

    Signature Algorithm: sha256WithRSAEncryption
         4c:72:46:22:ca:f0:74:b7:69:0a:d6:c7:f3:71:e8:e3:3d:f2:
         35:b5:71:6c:79:82:8e:61:f5:90:78:53:5a:18:8b:20:b2:b4:
         39:56:3c:b4:7c:f8:66:7f:60:53:93:b4:50:6d:dd:b2:dd:b0:
         5c:e2:31:14:eb:86:4a:2e:68:fb:8a:a7:f1:de:fa:7b:94:01:
         7b:e0:09:fd:85:f4:ed:22:4d:17:e0:8e:ea:67:42:7b:fc:90:
         cd:81:db:e2:57:7e:4a:d1:a8:c8:b1:9e:0a:54:71:ea:7b:9f:
         d2:2d:1f:cc:5f:46:3b:cb:f5:c6:8f:28:45:c7:99:4e:61:44:
         69:82:b5:43:38:ed:c6:b3:10:e2:7e:8e:39:e6:95:eb:81:87:
         24:88:aa:34:23:a2:8e:cc:8c:69:9c:5c:8d:0a:cc:0e:e8:f4:
         3a:e0:f4:87:58:2e:05:9c:b4:44:aa:c3:6d:de:d9:fe:3f:80:
         7d:ec:e0:fa:61:42:53:83:be:aa:66:0b:34:3f:76:7f:44:1a:
         c2:90:00:8b:70:ad:9e:dd:c1:57:f0:e5:c1:32:90:09:a1:95:
         8e:e8:f7:8e:a5:62:04:f1:cd:c4:00:ef:de:21:03:10:e2:6d:
         59:90:01:77:94:27:13:45:da:28:0f:49:e2:e8:e9:1d:57:fc:
         a2:f6:6f:01
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEksd2MO/mOFoLbVw9N4LCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYWQ2OGY3ZThhYmFkZjQ0NzI2MjMzNDNhMzI1NjE1MDcy
MjQxODkwHhcNMjQwMTAxMTAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNlMjlmMzE5Yjc5MzVhNGJkM2E4ZDA1NGNiN2ZiOGNmYzlkYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ5w1o+Lf4OYAjGNphIzTmaJTkA0
BAyMl+k71Gn3Yeupxef05CdqXJ6+myQX2jZhsrFi3jX+++SGkijjuvKGnqz1/sL+
62qbJl7X/PPI9CYq+UU+YBy9ZnJ1ikYwuel1ifjmhdD/w8GQpsKmDjeOrO6DdvgR
VbDrn0Qewf6fmwawRZiup12AsBlcRPpdLgGGcAtVdRadIbmEx2yxVCu4iRgKS7/M
tH+IocQq4wh7QUtmizdnnVnQPMZDX41i295WKw+cYUy2NYo1rPoXAjlSDGqM1gy/
aOImuCoZ67umD8/LXlTE/zGsSqz9EItJMIY1/1hEvrOeNMPkWfQA6FCAAQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFP/OKfMZt5NaS9Oo0FTLf7jPydogMB8GA1UdIwQY
MBaAFMytaPfoq630RyYjNDoyVhUHIkGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMt
NjM1OWY5MmUxZDJmLzEvXzg0cDh4bTNrMXBMMDZqUVZNdF91TV9KMmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMtNjM1OWY5MmUxZDJm
LzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgL2gDAN
BgkqhkiG9w0BAQsFAAOCAQEATHJGIsrwdLdpCtbH83Ho4z3yNbVxbHmCjmH1kHhT
WhiLILK0OVY8tHz4Zn9gU5O0UG3dst2wXOIxFOuGSi5o+4qn8d76e5QBe+AJ/YX0
7SJNF+CO6mdCe/yQzYHb4ld+StGoyLGeClRx6nuf0i0fzF9GO8v1xo8oRceZTmFE
aYK1QzjtxrMQ4n6OOeaV64GHJIiqNCOijsyMaZxcjQrMDuj0OuD0h1guBZy0RKrD
bd7Z/j+Afezg+mFCU4O+qmYLND92f0QawpAAi3Ctnt3BV/DlwTKQCaGVjuj3jqVi
BPHNxADv3iEDEOJtWZABd5QnE0XaKA9J4ujpHVf8ovZvAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:34 2024 by rpki-client on console-ams.rpki-client.org