Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/rwWR2JQBAubch4xXOB0pm_2IHow.roa
File:                     rwWR2JQBAubch4xXOB0pm_2IHow.roa (raw, json)
Hash identifier:          dPNgZf8wxcDnuZW8s+vRW9EBHDf2amOIwFieBGCglSA=
Subject key identifier:   AF:05:91:D8:94:01:02:E6:DC:87:8C:57:38:1D:29:9B:FD:88:1E:8C
Certificate issuer:       /CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Certificate serial:       01856D41AD809E191B3CD0E6345B8EAB4EA6
Authority key identifier: 9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/rwWR2JQBAubch4xXOB0pm_2IHow.roa
Signing time:             Sun 01 Jan 2023 12:14:58 +0000
ROA not before:           Sun 01 Jan 2023 12:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56817
IP address blocks:        2a0d:ff40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 10 Feb 2023 10:56:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:41:ad:80:9e:19:1b:3c:d0:e6:34:5b:8e:ab:4e:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
        Validity
            Not Before: Jan  1 12:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af0591d8940102e6dc878c57381d299bfd881e8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:c5:49:68:74:fd:13:f5:f9:e8:79:a3:a5:b7:
                    f3:76:74:63:4f:bb:a1:e5:99:b0:61:d0:f3:45:21:
                    b1:62:06:b9:bf:24:3b:9f:c4:89:d6:c6:f3:28:f4:
                    01:ef:d1:02:49:6d:eb:cf:15:93:91:0b:18:8c:0c:
                    6f:63:b8:aa:bb:83:44:19:1e:41:48:11:fb:ff:c8:
                    8d:b8:ba:fa:09:38:12:5b:43:8d:de:b9:7f:09:d2:
                    f9:b4:66:4c:f3:81:4b:ee:5f:b0:a3:6a:82:c6:ec:
                    5f:47:be:38:31:b3:20:2f:79:6b:4a:6e:e7:7a:88:
                    1b:dc:44:2c:3c:7b:b2:9f:6e:d1:3c:82:3d:c6:60:
                    ac:0e:3f:4b:59:9f:ed:f4:4b:e6:08:7e:0e:24:0c:
                    46:3c:49:2d:bb:c3:e9:91:c2:37:c6:fb:d0:ed:20:
                    23:9a:b0:c7:f6:74:12:a7:2f:f0:78:bd:75:54:f0:
                    74:ca:68:85:47:dc:98:44:c4:28:2f:6f:eb:99:8a:
                    f7:69:74:c7:13:c8:dd:32:54:86:d9:b2:e1:e4:9d:
                    fb:03:19:e7:a8:8c:4a:0e:21:5f:8a:3c:df:98:7e:
                    d0:9e:ac:38:f1:15:48:91:a3:49:7f:5e:2d:57:54:
                    71:69:0a:b5:5d:c4:ba:8b:44:94:27:5b:f9:7e:d7:
                    59:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:05:91:D8:94:01:02:E6:DC:87:8C:57:38:1D:29:9B:FD:88:1E:8C
            X509v3 Authority Key Identifier:
                keyid:9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/rwWR2JQBAubch4xXOB0pm_2IHow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:ff40::/29

    Signature Algorithm: sha256WithRSAEncryption
         61:a6:85:5e:5e:a0:f2:58:b9:1a:ec:7d:39:3a:3c:07:d1:e3:
         eb:01:78:e4:ca:64:9f:68:0b:a8:c0:6d:ca:40:4b:5b:36:29:
         ba:d2:29:d1:f6:7f:57:58:55:a3:90:5a:4b:40:32:9b:1d:1b:
         cc:2e:28:8b:03:4f:4d:c2:cf:ea:4f:a5:bf:8f:ea:6d:9a:73:
         42:bd:96:6c:80:39:24:f4:e5:87:99:4f:98:64:20:59:7c:26:
         2b:2c:de:2c:ac:d3:d0:1e:2b:75:93:6e:8f:6f:24:e0:1c:14:
         56:54:19:b7:0e:2a:84:b3:53:cb:fd:85:cb:f2:da:c8:97:f4:
         bb:c7:a4:23:78:bd:f3:a3:43:cb:77:00:9a:34:6a:43:c0:e8:
         42:d9:c5:6b:7d:5c:36:00:6c:72:1c:4f:65:14:61:53:0b:6a:
         e7:d3:e5:05:39:45:c4:9c:0f:90:ce:90:08:2e:30:34:ba:8f:
         21:f5:ed:3f:79:48:15:4a:8a:01:4d:f8:89:1f:56:1a:59:16:
         72:9c:d4:90:35:52:ee:5d:47:b6:5f:d0:64:af:36:fa:74:cf:
         80:3a:45:2b:1e:95:9a:f5:8b:33:90:6f:ad:33:7f:23:94:8a:
         74:9c:1b:cf:43:52:2b:3e:4a:85:1f:57:cc:03:19:51:c9:8b:
         52:bd:0a:b6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtQa2AnhkbPNDmNFuOq06mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTU2NzY3MjAxYzUwZjZiMmE5NTVkYjZhMWU2ZTAxMWRm
YTVkNDQwHhcNMjMwMTAxMTIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA1OTFkODk0MDEwMmU2ZGM4NzhjNTczODFkMjk5YmZkODgxZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8VJaHT9E/X56HmjpbfzdnRjT7uh
5ZmwYdDzRSGxYga5vyQ7n8SJ1sbzKPQB79ECSW3rzxWTkQsYjAxvY7iqu4NEGR5B
SBH7/8iNuLr6CTgSW0ON3rl/CdL5tGZM84FL7l+wo2qCxuxfR744MbMgL3lrSm7n
eogb3EQsPHuyn27RPII9xmCsDj9LWZ/t9EvmCH4OJAxGPEktu8PpkcI3xvvQ7SAj
mrDH9nQSpy/weL11VPB0ymiFR9yYRMQoL2/rmYr3aXTHE8jdMlSG2bLh5J37Axnn
qIxKDiFfijzfmH7Qnqw48RVIkaNJf14tV1RxaQq1XcS6i0SUJ1v5ftdZtQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK8FkdiUAQLm3IeMVzgdKZv9iB6MMB8GA1UdIwQY
MBaAFJxVZ2cgHFD2sqlV22oebgEd+l1EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgt
NDk2YmE4MjQ5MmNlLzEvcndXUjJKUUJBdWJjaDR4WE9CMHBtXzJJSG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgtNDk2YmE4MjQ5MmNl
LzEvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg3/QDAN
BgkqhkiG9w0BAQsFAAOCAQEAYaaFXl6g8li5Gux9OTo8B9Hj6wF45Mpkn2gLqMBt
ykBLWzYputIp0fZ/V1hVo5BaS0Aymx0bzC4oiwNPTcLP6k+lv4/qbZpzQr2WbIA5
JPTlh5lPmGQgWXwmKyzeLKzT0B4rdZNuj28k4BwUVlQZtw4qhLNTy/2Fy/LayJf0
u8ekI3i986NDy3cAmjRqQ8DoQtnFa31cNgBschxPZRRhUwtq59PlBTlFxJwPkM6Q
CC4wNLqPIfXtP3lIFUqKAU34iR9WGlkWcpzUkDVS7l1Htl/QZK82+nTPgDpFKx6V
mvWLM5BvrTN/I5SKdJwbz0NSKz5KhR9XzAMZUcmLUr0Ktg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:06 2024 by rpki-client on console-ams.rpki-client.org