Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/FqsP9YfHth4uVIZqQ8Byn3UZ0mY.roa
File:                     FqsP9YfHth4uVIZqQ8Byn3UZ0mY.roa (raw, json)
Hash identifier:          SCd5vMKvtAQCd52Ij9ud//p8q3McTB/iRIKuMZfU5Mw=
Subject key identifier:   16:AB:0F:F5:87:C7:B6:1E:2E:54:86:6A:43:C0:72:9F:75:19:D2:66
Certificate issuer:       /CN=2fcb30fd7d6e449493ec7cb0d9f78600458be21b
Certificate serial:       018C2F8A4B48DB4FED742706DF59DD5E1122
Authority key identifier: 2F:CB:30:FD:7D:6E:44:94:93:EC:7C:B0:D9:F7:86:00:45:8B:E2:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L8sw_X1uRJST7Hyw2feGAEWL4hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/FqsP9YfHth4uVIZqQ8Byn3UZ0mY.roa
Signing time:             Sun 03 Dec 2023 11:57:21 +0000
ROA not before:           Sun 03 Dec 2023 11:57:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208328
IP address blocks:        2a0d:b287:ec00::/40 maxlen: 40

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:2f:8a:4b:48:db:4f:ed:74:27:06:df:59:dd:5e:11:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fcb30fd7d6e449493ec7cb0d9f78600458be21b
        Validity
            Not Before: Dec  3 11:57:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=16ab0ff587c7b61e2e54866a43c0729f7519d266
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:5e:fc:4c:e4:d0:f5:42:ea:b2:5d:df:d5:2f:
                    8d:fe:96:5a:ae:19:fe:72:5b:81:99:d7:60:a5:0d:
                    84:72:51:a1:e3:15:03:29:3a:5a:bf:9d:ee:8d:16:
                    ce:97:cd:04:ff:61:34:18:62:4a:0d:65:88:49:3c:
                    8e:2f:ac:4d:b7:6d:83:10:f8:e5:bb:86:53:f5:b7:
                    19:b8:3f:88:3e:28:55:da:16:03:85:c2:d8:a4:9f:
                    a3:f8:05:f4:be:c6:f6:ab:09:4b:90:1b:b4:ef:54:
                    88:64:b7:2c:1d:f3:c0:06:5c:b8:8e:7b:8f:28:a7:
                    e8:48:b4:aa:36:8d:55:4f:cc:42:6e:37:72:2c:ad:
                    e6:cd:f5:cc:09:31:9d:26:c1:f7:61:4b:d4:4d:5e:
                    50:7b:e8:a1:77:a6:d2:13:54:59:bb:53:da:5c:de:
                    7d:5c:a1:d3:d1:fc:c8:c6:10:79:d5:95:a1:85:81:
                    79:44:0d:dc:5a:16:56:26:c0:0a:96:6a:31:93:7b:
                    be:2e:b7:de:04:4a:22:c0:cf:2a:3a:0b:9e:2e:0d:
                    04:b0:6a:18:6b:e7:b4:bc:95:56:a4:64:cc:7b:2f:
                    38:ab:b4:b5:25:f2:c8:09:35:c2:dd:c8:6a:5d:6b:
                    b7:69:a2:89:df:c2:36:4f:2b:68:9b:65:8d:f0:35:
                    c9:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:AB:0F:F5:87:C7:B6:1E:2E:54:86:6A:43:C0:72:9F:75:19:D2:66
            X509v3 Authority Key Identifier:
                keyid:2F:CB:30:FD:7D:6E:44:94:93:EC:7C:B0:D9:F7:86:00:45:8B:E2:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8sw_X1uRJST7Hyw2feGAEWL4hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/FqsP9YfHth4uVIZqQ8Byn3UZ0mY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/L8sw_X1uRJST7Hyw2feGAEWL4hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:b287:ec00::/40

    Signature Algorithm: sha256WithRSAEncryption
         2c:c9:6e:74:a0:6b:ad:9f:3b:80:b4:55:59:73:ef:e4:6b:bb:
         40:16:e3:80:b7:33:9e:d9:85:67:95:dc:08:6c:6c:7e:ed:a6:
         73:f1:f0:c9:45:9a:b8:33:49:04:3f:02:3e:d3:07:d8:20:45:
         7b:40:72:31:30:d7:08:e6:75:09:50:63:0b:76:9d:fd:3c:fa:
         91:c5:87:e9:30:e3:38:c2:34:41:7f:8b:19:d8:61:fa:b4:58:
         a0:c8:cc:d9:44:c9:da:3b:1b:23:a9:dd:e1:37:f8:8e:3f:40:
         ec:2b:1e:cf:40:aa:6b:aa:54:ff:10:f8:4a:7f:f1:23:87:de:
         cb:4c:3d:16:05:cd:57:ee:18:b7:bc:85:11:c8:a2:a7:fe:37:
         c7:e3:53:df:9c:2d:05:76:ff:da:8d:e2:d6:6f:09:ac:7b:50:
         13:00:df:f0:e6:b4:27:0d:e4:21:77:22:af:cd:61:d8:26:7c:
         70:9e:c4:ce:d8:75:82:23:82:1a:57:67:5d:29:bb:93:54:b0:
         ce:52:fb:fb:93:7c:1b:92:fa:53:21:2a:16:8f:8e:f7:67:42:
         35:21:0e:ec:49:b7:f6:91:2a:29:9d:b3:b3:4b:07:94:56:ca:
         ba:bd:28:66:d2:e7:09:40:4d:51:38:30:4a:a9:4a:2d:0e:94:
         32:88:2b:a9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYwviktI20/tdCcG31ndXhEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmY2IzMGZkN2Q2ZTQ0OTQ5M2VjN2NiMGQ5Zjc4NjAwNDU4
YmUyMWIwHhcNMjMxMjAzMTE1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmFiMGZmNTg3YzdiNjFlMmU1NDg2NmE0M2MwNzI5Zjc1MTlkMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv178TOTQ9ULqsl3f1S+N/pZarhn+
cluBmddgpQ2EclGh4xUDKTpav53ujRbOl80E/2E0GGJKDWWISTyOL6xNt22DEPjl
u4ZT9bcZuD+IPihV2hYDhcLYpJ+j+AX0vsb2qwlLkBu071SIZLcsHfPABly4jnuP
KKfoSLSqNo1VT8xCbjdyLK3mzfXMCTGdJsH3YUvUTV5Qe+ihd6bSE1RZu1PaXN59
XKHT0fzIxhB51ZWhhYF5RA3cWhZWJsAKlmoxk3u+LrfeBEoiwM8qOgueLg0EsGoY
a+e0vJVWpGTMey84q7S1JfLICTXC3chqXWu3aaKJ38I2Tytom2WN8DXJEQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBarD/WHx7YeLlSGakPAcp91GdJmMB8GA1UdIwQY
MBaAFC/LMP19bkSUk+x8sNn3hgBFi+IbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDhzd19YMXVSSlNUN0h5dzJmZUdBRVdMNGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOTEwYmYtZTQ5Yi00Y2RjLWJlNzkt
NGRkNGRjMzM5MWFjLzEvRnFzUDlZZkh0aDR1VklacVE4QnluM1VaMG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOTEwYmYtZTQ5Yi00Y2RjLWJlNzktNGRkNGRjMzM5MWFj
LzEvTDhzd19YMXVSSlNUN0h5dzJmZUdBRVdMNGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg2yh+ww
DQYJKoZIhvcNAQELBQADggEBACzJbnSga62fO4C0VVlz7+Rru0AW44C3M57ZhWeV
3AhsbH7tpnPx8MlFmrgzSQQ/Aj7TB9ggRXtAcjEw1wjmdQlQYwt2nf08+pHFh+kw
4zjCNEF/ixnYYfq0WKDIzNlEydo7GyOp3eE3+I4/QOwrHs9AqmuqVP8Q+Ep/8SOH
3stMPRYFzVfuGLe8hRHIoqf+N8fjU9+cLQV2/9qN4tZvCax7UBMA3/DmtCcN5CF3
Iq/NYdgmfHCexM7YdYIjghpXZ10pu5NUsM5S+/uTfBuS+lMhKhaPjvdnQjUhDuxJ
t/aRKimds7NLB5RWyrq9KGbS5wlATVE4MEqpSi0OlDKIK6k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:07 2024 by rpki-client on console-ams.rpki-client.org