Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/FtXHIWscoTzaJP5eYh6l66UVbW0.roa
File:                     FtXHIWscoTzaJP5eYh6l66UVbW0.roa (raw, json)
Hash identifier:          8Rn7rTadHFOpswQjEVWIzlW0EBjqzJHFdTwgvHFuK9o=
Subject key identifier:   16:D5:C7:21:6B:1C:A1:3C:DA:24:FE:5E:62:1E:A5:EB:A5:15:6D:6D
Certificate issuer:       /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial:       018DEF8AD0B140B374FA58DB2259242702F5
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/FtXHIWscoTzaJP5eYh6l66UVbW0.roa
Signing time:             Wed 28 Feb 2024 11:47:48 +0000
ROA not before:           Wed 28 Feb 2024 11:47:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213220
IP address blocks:        2a09:3905::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 19:22:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ef:8a:d0:b1:40:b3:74:fa:58:db:22:59:24:27:02:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
        Validity
            Not Before: Feb 28 11:47:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=16d5c7216b1ca13cda24fe5e621ea5eba5156d6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:bf:ee:58:05:42:82:d4:fa:11:b3:c1:10:74:
                    5c:5d:a9:ee:3f:6a:85:df:26:a6:38:0c:1b:09:e5:
                    65:e5:78:28:aa:95:c5:6f:e4:9d:ab:c6:45:70:fe:
                    70:48:19:3a:62:fd:08:d2:23:4a:de:a7:60:8f:14:
                    9e:93:01:b5:93:8a:31:c0:47:c5:10:00:d5:1c:d9:
                    9d:1d:52:97:cf:fa:c5:68:18:b7:cc:2b:76:88:36:
                    8a:34:1b:a8:a6:b0:29:b6:51:e7:81:92:de:f3:78:
                    83:40:6e:09:b8:c4:9c:89:ca:19:ad:f9:c3:08:c3:
                    94:ad:2c:a5:8b:84:4a:01:73:11:00:e9:ec:ba:70:
                    49:1f:72:de:87:09:ac:33:66:99:fe:cb:6e:fe:b7:
                    77:35:55:af:d4:d6:e7:f3:01:d9:4a:b4:a4:c3:12:
                    10:5e:eb:47:59:8a:9c:1e:0b:0a:ed:95:4d:f2:d8:
                    c7:d3:57:c6:b5:54:ed:9f:96:5b:12:70:e3:a1:bf:
                    5f:8b:15:aa:c9:5b:3d:89:2d:b5:13:8d:69:71:39:
                    11:c4:79:a2:1b:9b:9e:56:03:86:da:cd:17:2b:87:
                    35:18:e4:dc:3b:3d:73:54:0f:79:68:50:63:00:7a:
                    ef:fb:55:38:d1:f2:13:71:b5:7a:20:45:f9:23:6c:
                    8f:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:D5:C7:21:6B:1C:A1:3C:DA:24:FE:5E:62:1E:A5:EB:A5:15:6D:6D
            X509v3 Authority Key Identifier:
                keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/FtXHIWscoTzaJP5eYh6l66UVbW0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:3905::/32

    Signature Algorithm: sha256WithRSAEncryption
         6a:b1:e7:45:04:d4:a5:a6:7c:94:a7:e3:58:4d:7e:8e:81:95:
         74:96:05:97:4f:52:76:04:4f:14:07:1a:71:ea:73:73:2f:d8:
         46:0f:fc:da:af:77:e5:13:e9:de:d1:f7:b0:bd:7e:ff:52:53:
         56:c3:42:5b:1c:7c:16:5c:7b:3c:7b:99:a8:c5:9b:14:49:ca:
         fb:1e:b0:cc:fc:02:18:0c:49:c8:e4:85:b8:f5:60:1f:a8:a5:
         3c:9e:91:08:97:91:62:65:1d:50:92:06:7a:8f:67:ea:dc:2f:
         b6:cf:f8:56:db:3c:42:66:71:62:79:01:e1:dc:36:eb:0c:0a:
         d4:46:35:25:78:be:9e:d3:c5:55:16:d7:1a:b9:19:a9:78:0f:
         a5:6b:22:79:ec:07:a2:55:5b:ed:75:da:11:ea:a6:30:9d:51:
         e3:ad:01:05:ba:3f:31:fa:97:56:93:a1:68:1b:0a:ce:bf:0a:
         e1:84:b9:58:59:83:b0:03:ef:11:df:da:56:01:b1:dc:a5:cc:
         1d:56:1e:ed:7f:e5:f1:2e:fa:f6:a7:28:75:fb:d4:f2:9d:db:
         ac:51:d9:23:5f:ae:c7:41:dd:b4:21:50:e5:0d:d3:d6:1b:41:
         13:9a:9c:3c:44:f1:bf:d2:6f:3f:29:1f:5e:a0:21:d6:68:b1:
         fb:dc:6e:52
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY3vitCxQLN0+ljbIlkkJwL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQwMjI4MTE0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQ1YzcyMTZiMWNhMTNjZGEyNGZlNWU2MjFlYTVlYmE1MTU2ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL/uWAVCgtT6EbPBEHRcXanuP2qF
3yamOAwbCeVl5XgoqpXFb+Sdq8ZFcP5wSBk6Yv0I0iNK3qdgjxSekwG1k4oxwEfF
EADVHNmdHVKXz/rFaBi3zCt2iDaKNBuoprAptlHngZLe83iDQG4JuMScicoZrfnD
CMOUrSyli4RKAXMRAOnsunBJH3LehwmsM2aZ/stu/rd3NVWv1Nbn8wHZSrSkwxIQ
XutHWYqcHgsK7ZVN8tjH01fGtVTtn5ZbEnDjob9fixWqyVs9iS21E41pcTkRxHmi
G5ueVgOG2s0XK4c1GOTcOz1zVA95aFBjAHrv+1U40fITcbV6IEX5I2yP4QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBbVxyFrHKE82iT+XmIepeulFW1tMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvRnRYSElXc2NvVHphSlA1ZVloNmw2NlVWYlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgk5BTAN
BgkqhkiG9w0BAQsFAAOCAQEAarHnRQTUpaZ8lKfjWE1+joGVdJYFl09SdgRPFAca
cepzcy/YRg/82q935RPp3tH3sL1+/1JTVsNCWxx8Flx7PHuZqMWbFEnK+x6wzPwC
GAxJyOSFuPVgH6ilPJ6RCJeRYmUdUJIGeo9n6twvts/4Vts8QmZxYnkB4dw26wwK
1EY1JXi+ntPFVRbXGrkZqXgPpWsieewHolVb7XXaEeqmMJ1R460BBbo/MfqXVpOh
aBsKzr8K4YS5WFmDsAPvEd/aVgGx3KXMHVYe7X/l8S769qcodfvU8p3brFHZI1+u
x0HdtCFQ5Q3T1htBE5qcPETxv9JvPykfXqAh1mix+9xuUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:03 2024 by rpki-client on console-fra.rpki-client.org