Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JQrbS2bpgVutxTA5eovSaCT80vE.roa
File:                     JQrbS2bpgVutxTA5eovSaCT80vE.roa (raw, json)
Hash identifier:          pxGgKO2m9zXP29uBdDMMschA1RyRMvfaqVTjVSvARms=
Subject key identifier:   25:0A:DB:4B:66:E9:81:5B:AD:C5:30:39:7A:8B:D2:68:24:FC:D2:F1
Certificate issuer:       /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial:       01857230FECADCF3FC66118CDBAC8E01C8C4
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JQrbS2bpgVutxTA5eovSaCT80vE.roa
Signing time:             Mon 02 Jan 2023 11:14:51 +0000
ROA not before:           Mon 02 Jan 2023 11:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        2a09:9447::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 17 Jul 2023 16:47:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:30:fe:ca:dc:f3:fc:66:11:8c:db:ac:8e:01:c8:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
        Validity
            Not Before: Jan  2 11:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=250adb4b66e9815badc530397a8bd26824fcd2f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:3b:7f:2e:c8:9f:77:74:c8:eb:85:47:11:0c:
                    0b:0b:89:40:ee:a5:42:0d:9e:d2:5f:d4:c4:05:c5:
                    b1:00:5d:35:a8:0e:b4:b2:9b:49:bb:59:8b:55:88:
                    92:36:0b:ee:77:ef:25:c9:62:a3:95:4e:76:e3:90:
                    c8:bc:0c:10:db:37:e2:ba:28:93:80:83:8a:d4:b1:
                    b8:cb:e6:11:78:06:18:95:44:a6:cb:5d:ce:9a:96:
                    0e:11:f3:cd:ad:89:03:d2:4a:e4:fc:1b:08:ac:8a:
                    b7:ae:26:96:97:89:8d:6c:ee:34:86:68:75:96:f7:
                    f1:5f:da:a0:8e:aa:3d:3a:e5:78:94:49:7f:c2:df:
                    f5:0d:a6:b2:f3:17:f8:e1:9b:76:25:99:d7:cc:81:
                    c5:db:e0:5e:e8:16:a9:98:9e:28:86:32:fb:6f:34:
                    15:f9:07:40:06:49:80:99:33:75:f5:45:93:28:fa:
                    69:53:09:97:34:ca:41:01:3a:78:cd:3f:0b:ce:27:
                    45:4a:33:64:b6:9b:a1:1a:40:72:98:d3:c5:b2:48:
                    d7:a5:06:be:b5:60:ca:45:06:f5:de:9f:c0:46:ec:
                    49:88:28:0a:44:e8:32:a3:30:16:03:80:6e:1b:c3:
                    43:36:c9:b8:5a:67:04:58:26:08:4a:73:37:b9:ec:
                    3a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:0A:DB:4B:66:E9:81:5B:AD:C5:30:39:7A:8B:D2:68:24:FC:D2:F1
            X509v3 Authority Key Identifier:
                keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JQrbS2bpgVutxTA5eovSaCT80vE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:9447::/32

    Signature Algorithm: sha256WithRSAEncryption
         78:08:95:93:b6:ca:1b:05:0a:d8:6a:0b:71:1d:78:d7:7a:09:
         32:d6:a3:ca:77:86:1f:ef:a5:b9:95:12:9d:c0:85:6b:4d:b0:
         9f:25:da:8f:1e:8a:09:aa:04:4b:8e:4f:38:1f:40:2c:63:f7:
         c6:10:22:1b:e0:32:d2:c3:fd:36:79:d7:ed:8c:10:81:8b:af:
         1f:8b:db:e1:46:d5:75:45:73:3c:97:19:37:50:29:d8:ea:0f:
         e9:2d:d7:c7:17:bd:ab:d7:26:37:03:de:94:8a:df:0f:67:94:
         75:af:5d:73:b7:de:c2:c6:da:39:7a:72:68:b5:b9:76:79:1b:
         05:f6:88:f7:88:2f:9c:ee:3c:ea:17:de:e1:41:86:13:57:b8:
         b1:70:43:99:e3:6f:79:c3:dc:da:d6:bd:91:3d:3c:f0:6d:ff:
         b1:f6:bc:fb:8e:b1:97:97:f8:9a:9b:c3:e9:a5:46:d8:a8:c6:
         1f:1a:8d:e1:2c:4c:56:f2:61:28:28:ea:9c:22:4b:14:74:2b:
         3b:75:bf:89:4d:cf:e6:f9:d6:ad:d5:45:f9:bf:14:36:fb:f1:
         6b:0d:69:f5:0c:01:40:38:53:2d:59:70:9a:91:4f:1e:71:f0:
         73:00:9b:2d:1d:eb:24:4d:9f:38:4f:5e:71:72:b6:03:0f:df:
         50:50:ff:a6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyMP7K3PP8ZhGM26yOAcjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjMwMTAyMTExNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTBhZGI0YjY2ZTk4MTViYWRjNTMwMzk3YThiZDI2ODI0ZmNkMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTt/Lsifd3TI64VHEQwLC4lA7qVC
DZ7SX9TEBcWxAF01qA60sptJu1mLVYiSNgvud+8lyWKjlU5245DIvAwQ2zfiuiiT
gIOK1LG4y+YReAYYlUSmy13OmpYOEfPNrYkD0krk/BsIrIq3riaWl4mNbO40hmh1
lvfxX9qgjqo9OuV4lEl/wt/1Daay8xf44Zt2JZnXzIHF2+Be6BapmJ4ohjL7bzQV
+QdABkmAmTN19UWTKPppUwmXNMpBATp4zT8LzidFSjNktpuhGkBymNPFskjXpQa+
tWDKRQb13p/ARuxJiCgKROgyozAWA4BuG8NDNsm4WmcEWCYISnM3uew6YwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCUK20tm6YFbrcUwOXqL0mgk/NLxMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvSlFyYlMyYnBnVnV0eFRBNWVvdlNhQ1Q4MHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgmURzAN
BgkqhkiG9w0BAQsFAAOCAQEAeAiVk7bKGwUK2GoLcR1413oJMtajyneGH++luZUS
ncCFa02wnyXajx6KCaoES45POB9ALGP3xhAiG+Ay0sP9NnnX7YwQgYuvH4vb4UbV
dUVzPJcZN1Ap2OoP6S3Xxxe9q9cmNwPelIrfD2eUda9dc7fewsbaOXpyaLW5dnkb
BfaI94gvnO486hfe4UGGE1e4sXBDmeNvecPc2ta9kT088G3/sfa8+46xl5f4mpvD
6aVG2KjGHxqN4SxMVvJhKCjqnCJLFHQrO3W/iU3P5vnWrdVF+b8UNvvxaw1p9QwB
QDhTLVlwmpFPHnHwcwCbLR3rJE2fOE9ecXK2Aw/fUFD/pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org