Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/i__zMJ0WCoIS6RJTe4c2a_Gt4f0.roa
File:                     i__zMJ0WCoIS6RJTe4c2a_Gt4f0.roa (raw, json)
Hash identifier:          etC3x/uxGu6aBnBfKLaW+0YvWjf5dNdWNkj2egBrECI=
Subject key identifier:   8B:FF:F3:30:9D:16:0A:82:12:E9:12:53:7B:87:36:6B:F1:AD:E1:FD
Certificate issuer:       /CN=ccad68f7e8abadf4472623343a32561507224189
Certificate serial:       018AB2CAE9F28C064A0066FD9B47EBAC8283
Authority key identifier: CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/i__zMJ0WCoIS6RJTe4c2a_Gt4f0.roa
Signing time:             Wed 20 Sep 2023 13:32:37 +0000
ROA not before:           Wed 20 Sep 2023 13:32:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216463
IP address blocks:        2a02:f680::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b2:ca:e9:f2:8c:06:4a:00:66:fd:9b:47:eb:ac:82:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccad68f7e8abadf4472623343a32561507224189
        Validity
            Not Before: Sep 20 13:32:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8bfff3309d160a8212e912537b87366bf1ade1fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a6:26:39:97:9a:c3:39:71:31:d5:b7:54:cc:
                    1d:18:43:0a:27:18:f3:80:7a:c9:13:13:f8:c4:53:
                    77:83:c3:42:23:69:a7:5a:6d:f3:be:e5:c9:9d:1e:
                    f7:19:75:a4:8c:d3:03:62:66:32:2f:c0:e1:aa:12:
                    84:d8:b3:52:70:98:ea:12:46:10:20:31:5c:c8:92:
                    c4:17:31:66:c7:75:ec:a4:6e:23:6c:5b:58:51:3c:
                    3e:54:c3:31:4c:c7:05:ba:5e:f5:aa:bb:27:69:93:
                    8c:72:f0:27:5c:51:b7:eb:1a:f1:9c:d6:a7:94:61:
                    16:e0:d7:87:ce:c0:e1:50:96:a5:fd:69:44:23:88:
                    12:2e:15:c2:11:03:3d:2e:ae:49:b4:21:e9:79:23:
                    45:7e:fc:ca:dc:9c:3f:0e:55:4c:ce:37:59:6d:e2:
                    46:56:7a:4e:94:24:bd:e3:d9:e8:15:0a:b4:bd:26:
                    90:44:3c:15:88:46:5b:00:bc:25:dc:f3:73:a5:0f:
                    ca:60:12:db:3d:e3:f7:7b:6a:ef:42:68:66:0e:1e:
                    4f:86:71:5a:59:70:be:5e:77:a4:b7:61:ed:e5:1c:
                    64:91:ea:e7:66:0c:5f:fd:76:b1:1d:6d:13:7e:46:
                    b5:f2:e5:76:dc:5e:9f:30:95:67:c8:e0:53:10:59:
                    f2:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:FF:F3:30:9D:16:0A:82:12:E9:12:53:7B:87:36:6B:F1:AD:E1:FD
            X509v3 Authority Key Identifier:
                keyid:CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/i__zMJ0WCoIS6RJTe4c2a_Gt4f0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:f680::/29

    Signature Algorithm: sha256WithRSAEncryption
         4e:6c:5f:89:ca:4d:b1:27:bb:55:e6:f1:59:e6:2d:bd:88:b6:
         04:98:ab:77:c0:50:68:ae:6a:55:9c:62:5c:8e:7b:3e:1c:00:
         42:a2:00:e7:58:6a:7c:8d:ef:38:7d:3f:d4:c7:15:76:8c:e3:
         ac:0d:95:7a:09:dd:2e:63:d6:7f:0a:d8:d9:e6:e1:cb:d5:65:
         d7:dc:11:55:32:7d:13:63:96:74:fd:b2:49:2d:c6:83:62:8b:
         95:df:20:7c:da:e5:0d:b4:51:08:0a:1c:bb:d0:eb:06:50:8a:
         94:18:04:71:69:5e:0a:8a:94:20:55:eb:61:75:0a:99:eb:e2:
         26:6c:7b:40:b0:92:da:46:c8:a7:eb:86:fa:bb:1e:bf:19:82:
         d8:4a:d0:a4:5a:39:8b:54:62:e8:ba:e5:db:fa:f3:9d:ec:59:
         fb:3a:fe:d8:49:63:04:df:f8:80:a1:32:ea:30:b1:a9:4f:7a:
         43:60:15:2d:63:0c:1b:05:4c:d3:7b:ec:1f:e3:7b:7f:95:b3:
         a0:f1:0e:a2:92:03:69:1f:f0:70:6d:21:07:12:8e:10:46:94:
         08:76:02:51:c2:ac:1c:b8:f8:93:7f:23:08:76:8f:a0:31:62:
         e3:ad:0e:7f:25:54:c0:bd:98:94:c2:47:c2:7e:d8:d1:c5:d4:
         25:ed:97:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqyyunyjAZKAGb9m0frrIKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYWQ2OGY3ZThhYmFkZjQ0NzI2MjMzNDNhMzI1NjE1MDcy
MjQxODkwHhcNMjMwOTIwMTMzMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmZmZjMzMDlkMTYwYTgyMTJlOTEyNTM3Yjg3MzY2YmYxYWRlMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqYmOZeawzlxMdW3VMwdGEMKJxjz
gHrJExP4xFN3g8NCI2mnWm3zvuXJnR73GXWkjNMDYmYyL8DhqhKE2LNScJjqEkYQ
IDFcyJLEFzFmx3XspG4jbFtYUTw+VMMxTMcFul71qrsnaZOMcvAnXFG36xrxnNan
lGEW4NeHzsDhUJal/WlEI4gSLhXCEQM9Lq5JtCHpeSNFfvzK3Jw/DlVMzjdZbeJG
VnpOlCS949noFQq0vSaQRDwViEZbALwl3PNzpQ/KYBLbPeP3e2rvQmhmDh5PhnFa
WXC+Xnekt2Ht5RxkkernZgxf/XaxHW0Tfka18uV23F6fMJVnyOBTEFnymQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIv/8zCdFgqCEukSU3uHNmvxreH9MB8GA1UdIwQY
MBaAFMytaPfoq630RyYjNDoyVhUHIkGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMt
NjM1OWY5MmUxZDJmLzEvaV9fek1KMFdDb0lTNlJKVGU0YzJhX0d0NGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMtNjM1OWY5MmUxZDJm
LzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgL2gDAN
BgkqhkiG9w0BAQsFAAOCAQEATmxficpNsSe7VebxWeYtvYi2BJird8BQaK5qVZxi
XI57PhwAQqIA51hqfI3vOH0/1McVdozjrA2VegndLmPWfwrY2ebhy9Vl19wRVTJ9
E2OWdP2ySS3Gg2KLld8gfNrlDbRRCAocu9DrBlCKlBgEcWleCoqUIFXrYXUKmevi
Jmx7QLCS2kbIp+uG+rsevxmC2ErQpFo5i1Ri6Lrl2/rznexZ+zr+2EljBN/4gKEy
6jCxqU96Q2AVLWMMGwVM03vsH+N7f5WzoPEOopIDaR/wcG0hBxKOEEaUCHYCUcKs
HLj4k38jCHaPoDFi460OfyVUwL2YlMJHwn7Y0cXUJe2XcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:40 2024 by rpki-client on console-fra.rpki-client.org