Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/id_7yTfRWQK75ma7jUiNU3c7V8c.roa
File:                     id_7yTfRWQK75ma7jUiNU3c7V8c.roa (raw, json)
Hash identifier:          4WAME3++hqM9j7eZE89OWCKcWB4EYh6Ty95I2r4d4p0=
Subject key identifier:   89:DF:FB:C9:37:D1:59:02:BB:E6:66:BB:8D:48:8D:53:77:3B:57:C7
Certificate issuer:       /CN=2fcb30fd7d6e449493ec7cb0d9f78600458be21b
Certificate serial:       018CC2DAC5CB5ADDE916CB37020E9AFDFE6A
Authority key identifier: 2F:CB:30:FD:7D:6E:44:94:93:EC:7C:B0:D9:F7:86:00:45:8B:E2:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L8sw_X1uRJST7Hyw2feGAEWL4hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/id_7yTfRWQK75ma7jUiNU3c7V8c.roa
Signing time:             Mon 01 Jan 2024 02:29:26 +0000
ROA not before:           Mon 01 Jan 2024 02:29:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212516
IP address blocks:        2a0d:b287:ec30::/46 maxlen: 46

Validation:               Failed, certificate revoked on Sat 27 Jan 2024 12:11:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:c5:cb:5a:dd:e9:16:cb:37:02:0e:9a:fd:fe:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fcb30fd7d6e449493ec7cb0d9f78600458be21b
        Validity
            Not Before: Jan  1 02:29:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=89dffbc937d15902bbe666bb8d488d53773b57c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:55:c5:fc:8f:fc:e6:be:90:dd:af:0b:e4:ef:
                    99:c1:05:42:dc:67:b6:88:5c:78:8d:ff:f6:9e:d2:
                    13:d6:d0:31:d6:23:47:34:7b:ac:5d:f1:55:72:ef:
                    b7:d5:84:f9:cd:87:e2:da:a5:f7:62:6c:1c:aa:94:
                    4c:fe:c2:31:68:03:08:6b:b3:26:00:f2:ac:aa:a2:
                    bb:7a:ba:9d:72:58:21:12:23:a7:74:6e:3b:1a:05:
                    ff:9f:c4:21:86:2f:a0:15:b7:59:ea:f4:2b:50:71:
                    92:49:36:c2:d1:81:83:e9:66:42:d3:34:e7:e3:4a:
                    3e:30:6f:a7:b4:ed:b6:e8:93:72:2c:89:2c:2a:75:
                    77:e6:b5:05:97:70:0b:81:aa:15:77:ed:ae:15:cf:
                    ce:b2:60:83:bd:d3:60:e3:06:e4:e4:b3:f4:7d:bd:
                    77:94:2d:37:00:a0:ce:ad:7f:3c:9b:d1:db:ef:91:
                    0b:02:5b:25:df:14:18:f4:ac:25:be:fd:a1:06:af:
                    75:d3:20:8c:43:2f:ae:9e:f5:54:7d:84:c2:f9:a8:
                    75:3e:3d:d2:fb:a1:02:d2:a1:26:9b:9b:fb:2d:1d:
                    5e:45:02:e4:ac:e0:1b:08:c6:d5:32:68:e5:34:85:
                    c7:8d:e7:6e:2f:7c:13:83:e0:d0:84:2b:46:1f:e4:
                    8f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:DF:FB:C9:37:D1:59:02:BB:E6:66:BB:8D:48:8D:53:77:3B:57:C7
            X509v3 Authority Key Identifier:
                keyid:2F:CB:30:FD:7D:6E:44:94:93:EC:7C:B0:D9:F7:86:00:45:8B:E2:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8sw_X1uRJST7Hyw2feGAEWL4hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/id_7yTfRWQK75ma7jUiNU3c7V8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/L8sw_X1uRJST7Hyw2feGAEWL4hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:b287:ec30::/46

    Signature Algorithm: sha256WithRSAEncryption
         72:87:57:c1:6d:d1:92:fe:03:de:7a:b0:46:25:0a:58:a6:4f:
         e9:a7:5e:56:45:bc:cd:9c:cd:5a:ba:a8:55:c4:6c:0d:fe:11:
         54:8e:0a:d1:ae:e5:c5:e7:aa:3b:5c:b8:22:8e:12:a2:94:28:
         d6:25:c1:89:4c:c3:d7:65:dc:af:ea:86:8a:71:c5:06:df:ef:
         4b:3b:83:82:26:4d:04:5e:da:f5:77:af:70:71:59:fc:a8:25:
         f6:64:18:3a:2a:fe:a8:c1:5b:5e:c4:a0:2b:20:78:b5:79:16:
         21:17:e7:8e:f7:8d:f7:3c:5a:79:5d:af:3a:b9:c6:97:2e:8b:
         25:68:c0:e0:ea:08:63:64:25:6c:63:f6:88:db:a2:01:f7:dc:
         c6:89:90:bb:be:5e:32:5e:cd:0c:b7:20:bc:d2:66:d4:21:f6:
         7e:92:26:50:f6:e4:35:0a:af:a6:dd:46:8d:bf:a8:0b:60:2d:
         6c:90:6f:1a:96:65:2c:16:f0:4f:e0:b4:28:e1:be:a7:74:e5:
         16:37:53:69:89:ad:b9:9d:39:47:89:a2:b8:5f:ba:df:db:bc:
         30:bc:18:33:d5:d5:c3:3b:9e:8c:c0:8d:3b:d4:3d:91:00:e0:
         79:a2:73:b7:ac:e3:88:0f:7c:d1:aa:6b:39:82:bc:f3:95:4c:
         26:2d:b6:78
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2sXLWt3pFss3Ag6a/f5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmY2IzMGZkN2Q2ZTQ0OTQ5M2VjN2NiMGQ5Zjc4NjAwNDU4
YmUyMWIwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWRmZmJjOTM3ZDE1OTAyYmJlNjY2YmI4ZDQ4OGQ1Mzc3M2I1N2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1XF/I/85r6Q3a8L5O+ZwQVC3Ge2
iFx4jf/2ntIT1tAx1iNHNHusXfFVcu+31YT5zYfi2qX3YmwcqpRM/sIxaAMIa7Mm
APKsqqK7erqdclghEiOndG47GgX/n8Qhhi+gFbdZ6vQrUHGSSTbC0YGD6WZC0zTn
40o+MG+ntO226JNyLIksKnV35rUFl3ALgaoVd+2uFc/OsmCDvdNg4wbk5LP0fb13
lC03AKDOrX88m9Hb75ELAlsl3xQY9Kwlvv2hBq910yCMQy+unvVUfYTC+ah1Pj3S
+6EC0qEmm5v7LR1eRQLkrOAbCMbVMmjlNIXHjeduL3wTg+DQhCtGH+SPcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFInf+8k30VkCu+Zmu41IjVN3O1fHMB8GA1UdIwQY
MBaAFC/LMP19bkSUk+x8sNn3hgBFi+IbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDhzd19YMXVSSlNUN0h5dzJmZUdBRVdMNGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOTEwYmYtZTQ5Yi00Y2RjLWJlNzkt
NGRkNGRjMzM5MWFjLzEvaWRfN3lUZlJXUUs3NW1hN2pVaU5VM2M3VjhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOTEwYmYtZTQ5Yi00Y2RjLWJlNzktNGRkNGRjMzM5MWFj
LzEvTDhzd19YMXVSSlNUN0h5dzJmZUdBRVdMNGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg2yh+ww
MA0GCSqGSIb3DQEBCwUAA4IBAQByh1fBbdGS/gPeerBGJQpYpk/pp15WRbzNnM1a
uqhVxGwN/hFUjgrRruXF56o7XLgijhKilCjWJcGJTMPXZdyv6oaKccUG3+9LO4OC
Jk0EXtr1d69wcVn8qCX2ZBg6Kv6owVtexKArIHi1eRYhF+eO9433PFp5Xa86ucaX
LoslaMDg6ghjZCVsY/aI26IB99zGiZC7vl4yXs0MtyC80mbUIfZ+kiZQ9uQ1Cq+m
3UaNv6gLYC1skG8almUsFvBP4LQo4b6ndOUWN1Npia25nTlHiaK4X7rf27wwvBgz
1dXDO56MwI071D2RAOB5onO3rOOID3zRqms5grzzlUwmLbZ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:52 2024 by rpki-client on console-fra.rpki-client.org