Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/0CbMMpkU6QVNbl3C6pNgCrfmA_s.roa
File:                     0CbMMpkU6QVNbl3C6pNgCrfmA_s.roa (raw, json)
Hash identifier:          YYyk9tlBxwLu6YqRqvuKY8qKSZzO9svgEW6IrOIOShA=
Subject key identifier:   D0:26:CC:32:99:14:E9:05:4D:6E:5D:C2:EA:93:60:0A:B7:E6:03:FB
Certificate issuer:       /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial:       018570B06064323B54C30935C579731A1532
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/0CbMMpkU6QVNbl3C6pNgCrfmA_s.roa
Signing time:             Mon 02 Jan 2023 04:14:45 +0000
ROA not before:           Mon 02 Jan 2023 04:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8100
IP address blocks:        2a05:b0c6:300::/40 maxlen: 40

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:b0:60:64:32:3b:54:c3:09:35:c5:79:73:1a:15:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
        Validity
            Not Before: Jan  2 04:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d026cc329914e9054d6e5dc2ea93600ab7e603fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:7f:88:2a:0f:10:83:11:bf:20:71:b9:55:ff:
                    58:4e:db:90:4b:40:9b:fe:10:a4:64:6b:04:ed:c2:
                    4a:e3:0a:a1:5c:03:80:a3:85:8a:8d:17:ac:f9:ab:
                    3c:e4:64:8d:b5:49:7a:39:7c:bd:6e:66:38:bf:53:
                    2c:b5:f9:91:17:21:10:92:46:23:04:5a:8f:b7:d2:
                    a4:bb:5e:56:6c:f4:66:75:8d:9d:cf:f1:60:ec:74:
                    3d:60:b1:0b:72:86:e7:48:f0:84:f5:ea:af:39:26:
                    62:23:c7:33:f8:9e:61:24:02:d5:38:8d:b3:3c:58:
                    53:76:19:9f:f8:eb:a2:7a:e1:de:cb:cb:b7:15:f4:
                    cd:15:3a:04:af:a1:41:94:fa:07:45:d0:71:f6:99:
                    5a:be:2f:53:b0:30:be:6f:1b:6e:a7:55:b4:e1:6b:
                    31:63:4e:67:ee:17:1a:24:b2:17:f6:b6:74:e8:53:
                    3f:fb:75:78:b9:8d:ba:14:0b:3f:dd:3a:2a:f3:31:
                    58:aa:82:28:fc:d0:97:eb:62:44:cf:2a:7f:72:a2:
                    34:40:59:06:4c:55:ed:73:9e:e9:37:83:77:a1:85:
                    1f:9c:43:f8:0b:f8:43:27:05:5f:14:86:6d:91:1b:
                    8e:92:30:33:3d:e5:e6:8b:63:6c:1e:ff:1f:4c:28:
                    c5:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:26:CC:32:99:14:E9:05:4D:6E:5D:C2:EA:93:60:0A:B7:E6:03:FB
            X509v3 Authority Key Identifier:
                keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/0CbMMpkU6QVNbl3C6pNgCrfmA_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:b0c6:300::/40

    Signature Algorithm: sha256WithRSAEncryption
         1b:ed:a6:e5:13:fa:17:65:a8:04:c2:c6:b5:6e:36:fc:fc:1b:
         59:7d:2d:8d:e9:4f:07:ca:e1:21:c5:b4:b2:73:c3:80:7a:e1:
         f8:af:bd:00:a7:aa:8f:15:fd:c3:f6:86:7e:d0:bc:7c:73:93:
         e9:5b:a1:67:cb:93:c7:6e:ba:1e:26:34:95:7e:ee:f7:9f:63:
         c1:06:cc:0c:33:c0:d5:b7:a3:58:8a:de:6e:65:96:14:69:f4:
         20:38:7f:d0:c1:14:78:6c:d3:26:91:41:b9:1b:80:9a:dc:22:
         e3:03:b0:3a:e7:da:65:5d:2a:62:39:96:1c:2b:7a:39:fe:4d:
         cf:75:2d:64:0d:9e:16:0f:26:dc:46:0c:b8:c4:1a:78:fa:50:
         e0:e0:f1:42:c2:80:68:c9:8e:21:6a:0e:e9:fc:25:e1:80:97:
         6c:f5:fb:8d:d0:fe:cc:ba:ec:d9:87:63:90:16:07:61:7b:52:
         b6:37:33:ac:33:e8:ab:94:74:08:3e:43:cb:89:1b:74:b2:06:
         8b:49:0f:c2:db:fd:82:e1:1e:b8:c7:c9:05:d4:d7:2b:5a:cf:
         24:3f:19:64:58:48:74:7f:20:a0:e1:7d:49:06:4c:7c:a1:2c:
         e4:7b:ba:1d:9a:de:92:8c:81:2d:1e:01:55:97:83:7d:63:5f:
         e8:10:fe:a2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwsGBkMjtUwwk1xXlzGhUyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjMwMTAyMDQxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDI2Y2MzMjk5MTRlOTA1NGQ2ZTVkYzJlYTkzNjAwYWI3ZTYwM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAln+IKg8QgxG/IHG5Vf9YTtuQS0Cb
/hCkZGsE7cJK4wqhXAOAo4WKjRes+as85GSNtUl6OXy9bmY4v1MstfmRFyEQkkYj
BFqPt9Kku15WbPRmdY2dz/Fg7HQ9YLELcobnSPCE9eqvOSZiI8cz+J5hJALVOI2z
PFhTdhmf+OuieuHey8u3FfTNFToEr6FBlPoHRdBx9plavi9TsDC+bxtup1W04Wsx
Y05n7hcaJLIX9rZ06FM/+3V4uY26FAs/3Toq8zFYqoIo/NCX62JEzyp/cqI0QFkG
TFXtc57pN4N3oYUfnEP4C/hDJwVfFIZtkRuOkjAzPeXmi2NsHv8fTCjFUwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNAmzDKZFOkFTW5dwuqTYAq35gP7MB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvMENiTU1wa1U2UVZOYmwzQzZwTmdDcmZtQV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgWwxgMw
DQYJKoZIhvcNAQELBQADggEBABvtpuUT+hdlqATCxrVuNvz8G1l9LY3pTwfK4SHF
tLJzw4B64fivvQCnqo8V/cP2hn7QvHxzk+lboWfLk8duuh4mNJV+7vefY8EGzAwz
wNW3o1iK3m5llhRp9CA4f9DBFHhs0yaRQbkbgJrcIuMDsDrn2mVdKmI5lhwrejn+
Tc91LWQNnhYPJtxGDLjEGnj6UODg8ULCgGjJjiFqDun8JeGAl2z1+43Q/sy67NmH
Y5AWB2F7UrY3M6wz6KuUdAg+Q8uJG3SyBotJD8Lb/YLhHrjHyQXU1ytazyQ/GWRY
SHR/IKDhfUkGTHyhLOR7uh2a3pKMgS0eAVWXg31jX+gQ/qI=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:07 2024 by rpki-client on console-ams.rpki-client.org