Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/tnzZ6kffC75ab6wa_j-xlalCVDg.roa
File:                     tnzZ6kffC75ab6wa_j-xlalCVDg.roa (raw, json)
Hash identifier:          CxhWJcIdD9FcCe4Ik2CMCBVUJSx93yM/IYA+KL19F+g=
Subject key identifier:   B6:7C:D9:EA:47:DF:0B:BE:5A:6F:AC:1A:FE:3F:B1:95:A9:42:54:38
Certificate issuer:       /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial:       0185BAE890ECFAD987F35AEEC79FD221ACF5
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/tnzZ6kffC75ab6wa_j-xlalCVDg.roa
Signing time:             Mon 16 Jan 2023 14:08:01 +0000
ROA not before:           Mon 16 Jan 2023 14:08:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210756
IP address blocks:        2a03:90c0:b0::/44 maxlen: 44

Validation:               Failed, certificate revoked on Fri 20 Jan 2023 07:20:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ba:e8:90:ec:fa:d9:87:f3:5a:ee:c7:9f:d2:21:ac:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
        Validity
            Not Before: Jan 16 14:08:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b67cd9ea47df0bbe5a6fac1afe3fb195a9425438
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8a:4a:9e:75:7d:f3:69:5f:1e:2c:f1:d1:a3:
                    44:29:93:40:78:73:d3:6d:67:13:66:ed:c1:8f:ec:
                    cf:9f:de:4c:5e:1f:93:b7:7f:0c:3b:a3:f0:ed:0c:
                    be:df:8f:b1:2e:21:a5:64:0a:1b:a9:c6:15:bb:a5:
                    55:e6:b6:ce:fe:75:27:1f:a5:bd:7a:74:8e:e2:8e:
                    3f:56:f5:71:5f:21:ab:e6:db:2d:cc:69:db:17:85:
                    40:7e:90:fc:54:d4:7e:0f:17:8a:b4:bf:84:35:71:
                    de:5d:73:0b:41:3c:d5:41:a1:74:97:a3:28:d8:6e:
                    aa:7d:63:ea:2d:ce:e7:77:d5:a7:ab:13:6c:15:20:
                    13:e2:be:67:15:3a:80:d8:fd:f5:11:ce:96:2e:61:
                    15:2d:45:5c:9e:1b:9d:49:ee:5a:e9:2f:a7:67:53:
                    2b:da:4a:d9:b0:e8:79:85:69:9c:39:d1:55:02:7b:
                    e9:0a:74:93:2e:8c:cc:f5:f0:43:43:aa:42:b0:1a:
                    30:13:b5:83:ba:51:05:68:57:65:98:88:ac:fd:25:
                    56:d1:75:0d:60:43:02:3e:08:c7:04:82:f1:f0:29:
                    0d:d2:fb:48:07:2b:21:08:31:7b:04:46:30:e5:e4:
                    4f:1e:54:b9:12:87:1c:12:88:5e:5a:46:97:dc:4c:
                    35:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:7C:D9:EA:47:DF:0B:BE:5A:6F:AC:1A:FE:3F:B1:95:A9:42:54:38
            X509v3 Authority Key Identifier:
                keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/tnzZ6kffC75ab6wa_j-xlalCVDg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:90c0:b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         b4:ba:9f:1f:66:b6:54:dc:60:d7:aa:08:ca:88:27:fc:1d:a0:
         9b:a1:3f:4c:ad:c3:5c:16:c1:89:3c:4a:eb:00:07:9e:0e:eb:
         9e:d7:2b:01:43:f2:7a:b8:d5:39:9e:f7:e1:c1:32:ba:06:f1:
         d0:96:96:a9:65:4e:79:e0:62:02:29:85:5f:2f:2b:59:34:65:
         44:34:bc:76:c8:32:e2:51:48:e4:72:b9:48:b6:fd:60:1d:c8:
         b1:43:c9:91:e3:9c:21:ec:20:7d:05:15:fe:21:b6:cd:a0:f4:
         10:26:96:f4:34:33:0b:96:98:ca:55:20:63:66:12:89:f0:9a:
         13:38:3c:2d:90:f4:f1:b1:ff:6d:69:f7:39:e9:bc:b9:5c:99:
         09:9c:4a:4f:ce:d4:75:e9:35:26:e6:d3:07:bf:89:90:81:c3:
         5a:4d:5b:cb:2f:f0:19:1b:9a:f9:bd:dd:42:7b:aa:c3:97:77:
         fe:48:99:f1:e1:d2:ca:eb:aa:2b:8f:c2:9b:10:64:c6:13:40:
         ec:fe:20:b4:11:82:0b:4a:6e:ae:dc:7b:ef:2b:d6:79:b6:f8:
         07:c9:7d:36:a9:d1:7c:15:3d:95:b6:25:48:21:7a:18:4c:ee:
         cb:d3:e1:93:fe:5e:66:21:6c:2c:b8:0a:51:e5:42:af:4a:3a:
         98:04:25:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYW66JDs+tmH81rux5/SIaz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjMwMTE2MTQwODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjdjZDllYTQ3ZGYwYmJlNWE2ZmFjMWFmZTNmYjE5NWE5NDI1NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYpKnnV982lfHizx0aNEKZNAeHPT
bWcTZu3Bj+zPn95MXh+Tt38MO6Pw7Qy+34+xLiGlZAobqcYVu6VV5rbO/nUnH6W9
enSO4o4/VvVxXyGr5tstzGnbF4VAfpD8VNR+DxeKtL+ENXHeXXMLQTzVQaF0l6Mo
2G6qfWPqLc7nd9WnqxNsFSAT4r5nFTqA2P31Ec6WLmEVLUVcnhudSe5a6S+nZ1Mr
2krZsOh5hWmcOdFVAnvpCnSTLozM9fBDQ6pCsBowE7WDulEFaFdlmIis/SVW0XUN
YEMCPgjHBILx8CkN0vtIByshCDF7BEYw5eRPHlS5EoccEoheWkaX3Ew1dwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLZ82epH3wu+Wm+sGv4/sZWpQlQ4MB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvdG56WjZrZmZDNzVhYjZ3YV9qLXhsYWxDVkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgOQwACw
MA0GCSqGSIb3DQEBCwUAA4IBAQC0up8fZrZU3GDXqgjKiCf8HaCboT9MrcNcFsGJ
PErrAAeeDuue1ysBQ/J6uNU5nvfhwTK6BvHQlpapZU554GICKYVfLytZNGVENLx2
yDLiUUjkcrlItv1gHcixQ8mR45wh7CB9BRX+IbbNoPQQJpb0NDMLlpjKVSBjZhKJ
8JoTODwtkPTxsf9tafc56by5XJkJnEpPztR16TUm5tMHv4mQgcNaTVvLL/AZG5r5
vd1Ce6rDl3f+SJnx4dLK66orj8KbEGTGE0Ds/iC0EYILSm6u3HvvK9Z5tvgHyX02
qdF8FT2VtiVIIXoYTO7L0+GT/l5mIWwsuApR5UKvSjqYBCV3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:46 2024 by rpki-client on console-ams.rpki-client.org