Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/NAomgk2_fu_G-CrU5zMpSmzxZtc.roa
File:                     NAomgk2_fu_G-CrU5zMpSmzxZtc.roa (raw, json)
Hash identifier:          fC/Kx16kKw+mbOVmtlQKM6ZEVOEcQZKtVqZwAjbWfIE=
Subject key identifier:   34:0A:26:82:4D:BF:7E:EF:C6:F8:2A:D4:E7:33:29:4A:6C:F1:66:D7
Certificate issuer:       /CN=7bab6c11d41162db0306858f83e5e65121132a6b
Certificate serial:       01856CF87EF9EA9CBCC5386B615515C2DA99
Authority key identifier: 7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/NAomgk2_fu_G-CrU5zMpSmzxZtc.roa
Signing time:             Sun 01 Jan 2023 10:55:02 +0000
ROA not before:           Sun 01 Jan 2023 10:55:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212845
IP address blocks:        2a07:22c1:4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:f8:7e:f9:ea:9c:bc:c5:38:6b:61:55:15:c2:da:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bab6c11d41162db0306858f83e5e65121132a6b
        Validity
            Not Before: Jan  1 10:55:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=340a26824dbf7eefc6f82ad4e733294a6cf166d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:8b:5c:e8:6f:90:6b:e4:01:a2:55:41:d1:de:
                    ed:0b:db:48:41:d7:04:ca:0f:ca:24:aa:fa:88:8e:
                    93:dc:94:44:32:c4:5a:96:70:f2:66:2c:2c:46:6c:
                    2f:36:29:4f:30:e5:43:f5:b6:6b:91:db:03:a6:92:
                    aa:e1:cf:f9:c4:20:0c:93:50:e3:a6:f5:60:6e:80:
                    f9:45:1f:4b:81:25:a8:a8:aa:1a:51:83:da:91:00:
                    6a:34:5e:cb:0e:72:08:67:bb:3e:ea:1c:a8:6a:ce:
                    08:55:d9:ae:58:e7:f8:c5:e9:bf:5e:89:a2:a9:1c:
                    f9:63:85:05:3e:61:aa:88:34:2a:ef:65:39:cc:81:
                    8d:d4:02:3c:14:7d:69:95:ca:0e:27:48:47:cc:69:
                    83:0c:3b:e7:d2:79:70:ab:5d:05:da:3f:d2:c8:72:
                    90:95:3e:a3:52:41:94:3f:38:22:6b:e2:23:87:64:
                    11:ef:86:ed:af:bc:f7:48:ff:72:8d:84:f1:d9:20:
                    01:83:69:79:9d:2b:da:79:a0:c2:25:b0:cf:64:b9:
                    af:18:d7:a4:c2:9c:04:e1:c8:70:56:33:ac:f7:f4:
                    37:a0:ea:36:51:ba:f3:af:8d:3c:41:a8:bd:ca:10:
                    0e:e1:b5:13:2f:af:91:e4:66:54:f8:ff:1e:bd:88:
                    78:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:0A:26:82:4D:BF:7E:EF:C6:F8:2A:D4:E7:33:29:4A:6C:F1:66:D7
            X509v3 Authority Key Identifier:
                keyid:7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/NAomgk2_fu_G-CrU5zMpSmzxZtc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:22c1:4::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:19:83:8b:26:b7:2c:4b:b1:df:a9:ef:45:d3:83:64:75:95:
         6c:05:5e:ef:0e:d0:ab:54:9b:ee:ce:a6:a2:1c:e3:5e:a6:42:
         a5:64:44:cb:1e:c8:a9:d7:2b:68:21:14:55:bf:61:0a:89:4f:
         e8:aa:2f:0e:87:d4:06:4c:f7:c3:4e:8f:87:04:c5:9c:c7:80:
         01:76:9c:95:c5:6d:a5:0d:b7:e4:15:85:64:a7:9a:a7:6b:53:
         4e:bc:33:45:6c:37:db:4f:1b:df:0d:37:cf:fe:56:ee:21:3a:
         81:87:09:60:93:fa:90:d4:68:b9:e2:57:41:fb:c3:4d:c0:c7:
         7f:b8:ef:6e:0c:7b:e0:d4:4f:2a:d0:91:51:54:c1:63:81:9c:
         c3:90:10:3b:0e:0a:11:5d:7f:91:f7:48:43:a0:e3:fc:25:7e:
         af:70:6e:93:8e:12:b0:3b:a3:ca:20:56:d5:29:78:d0:67:4c:
         3b:d1:3d:14:fa:3a:52:4f:1d:3e:d7:1c:96:6f:b8:da:af:a1:
         e2:09:ae:90:65:79:17:88:51:da:d7:9f:c6:25:d5:23:63:38:
         80:c1:93:1d:10:ef:1f:71:8a:e8:11:11:de:35:af:fa:21:90:
         a8:a5:d3:ec:44:ba:27:93:8d:37:29:3e:22:60:2b:dc:07:0c:
         e1:b1:ce:b4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVs+H756py8xThrYVUVwtqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYWI2YzExZDQxMTYyZGIwMzA2ODU4ZjgzZTVlNjUxMjEx
MzJhNmIwHhcNMjMwMTAxMTA1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDBhMjY4MjRkYmY3ZWVmYzZmODJhZDRlNzMzMjk0YTZjZjE2NmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgItc6G+Qa+QBolVB0d7tC9tIQdcE
yg/KJKr6iI6T3JREMsRalnDyZiwsRmwvNilPMOVD9bZrkdsDppKq4c/5xCAMk1Dj
pvVgboD5RR9LgSWoqKoaUYPakQBqNF7LDnIIZ7s+6hyoas4IVdmuWOf4xem/Xomi
qRz5Y4UFPmGqiDQq72U5zIGN1AI8FH1plcoOJ0hHzGmDDDvn0nlwq10F2j/SyHKQ
lT6jUkGUPzgia+Ijh2QR74btr7z3SP9yjYTx2SABg2l5nSvaeaDCJbDPZLmvGNek
wpwE4chwVjOs9/Q3oOo2Ubrzr408Qai9yhAO4bUTL6+R5GZU+P8evYh4eQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDQKJoJNv37vxvgq1OczKUps8WbXMB8GA1UdIwQY
MBaAFHurbBHUEWLbAwaFj4Pl5lEhEyprMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZ0c0VkUVJZdHNEQm9XUGctWG1VU0VUS21zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kMzM0YWQtNTI0MC00ZGFhLWEwNTAt
OWY1YmY3MzY3MjBlLzEvTkFvbWdrMl9mdV9HLUNyVTV6TXBTbXp4WnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kMzM0YWQtNTI0MC00ZGFhLWEwNTAtOWY1YmY3MzY3MjBl
LzEvZTZ0c0VkUVJZdHNEQm9XUGctWG1VU0VUS21zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgciwQAE
MA0GCSqGSIb3DQEBCwUAA4IBAQACGYOLJrcsS7Hfqe9F04NkdZVsBV7vDtCrVJvu
zqaiHONepkKlZETLHsip1ytoIRRVv2EKiU/oqi8Oh9QGTPfDTo+HBMWcx4ABdpyV
xW2lDbfkFYVkp5qna1NOvDNFbDfbTxvfDTfP/lbuITqBhwlgk/qQ1Gi54ldB+8NN
wMd/uO9uDHvg1E8q0JFRVMFjgZzDkBA7DgoRXX+R90hDoOP8JX6vcG6TjhKwO6PK
IFbVKXjQZ0w70T0U+jpSTx0+1xyWb7jar6HiCa6QZXkXiFHa15/GJdUjYziAwZMd
EO8fcYroERHeNa/6IZCopdPsRLonk403KT4iYCvcBwzhsc60
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:35 2024 by rpki-client on console-ams.rpki-client.org