Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/i9M3LMkykdi1iEE_W0EwEBuA7uI.roa
File:                     i9M3LMkykdi1iEE_W0EwEBuA7uI.roa (raw, json)
Hash identifier:          00wfP+ckTXNdwGLKEi55/9sQGmZ8tx8SyHJ4VqeH8jc=
Subject key identifier:   8B:D3:37:2C:C9:32:91:D8:B5:88:41:3F:5B:41:30:10:1B:80:EE:E2
Certificate issuer:       /CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a
Certificate serial:       018A48CFAD7A5CA7BC43F137363016635399
Authority key identifier: 6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/i9M3LMkykdi1iEE_W0EwEBuA7uI.roa
Signing time:             Wed 30 Aug 2023 23:38:04 +0000
ROA not before:           Wed 30 Aug 2023 23:38:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41745
IP address blocks:        2a03:afc0:9::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:48:cf:ad:7a:5c:a7:bc:43:f1:37:36:30:16:63:53:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a
        Validity
            Not Before: Aug 30 23:38:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8bd3372cc93291d8b588413f5b4130101b80eee2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a0:f3:41:77:54:23:fe:a5:0a:8f:91:f9:1a:
                    6b:4c:d7:7f:da:d9:15:93:5d:ac:18:00:a2:e3:44:
                    4b:73:2a:47:68:a4:e6:ff:68:2e:77:09:90:d6:91:
                    d7:8d:e8:bd:ed:f6:57:0c:28:79:54:08:df:16:20:
                    6f:e3:83:06:93:db:1c:ba:98:cf:37:96:55:33:44:
                    35:ad:fb:bc:5c:d4:33:a4:93:66:62:52:3e:9d:16:
                    a1:1f:65:5a:da:3f:6f:44:03:67:55:74:b7:87:13:
                    50:07:19:b3:dc:81:4e:0b:b3:d0:c8:72:c0:3e:8c:
                    03:b1:0b:b8:72:d2:6a:ea:ad:51:47:de:ec:07:10:
                    0c:da:14:12:42:bb:ba:0a:c2:bc:3a:b6:aa:d4:8d:
                    91:3e:d0:ac:55:f6:ba:11:a7:49:b1:6d:df:42:bd:
                    cc:20:d9:be:fc:b9:6c:91:08:5a:69:ed:af:2d:23:
                    cd:7f:5d:f0:6e:75:fd:f4:c4:48:ad:f1:d9:21:21:
                    ab:08:08:8c:ce:a9:b6:0b:9b:51:a5:d3:8f:33:ee:
                    e6:53:47:cf:9b:e5:bd:70:ca:28:8f:30:0e:ce:2a:
                    6c:6d:6f:15:25:a1:0a:6f:74:59:58:a6:c7:2d:bb:
                    38:f0:d7:a0:27:f5:3d:71:6b:df:de:a5:0a:9d:39:
                    8c:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:D3:37:2C:C9:32:91:D8:B5:88:41:3F:5B:41:30:10:1B:80:EE:E2
            X509v3 Authority Key Identifier:
                keyid:6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/i9M3LMkykdi1iEE_W0EwEBuA7uI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:afc0:9::/48

    Signature Algorithm: sha256WithRSAEncryption
         7b:34:f9:93:c7:3d:6e:4e:e3:98:4d:97:04:e4:a6:05:59:e2:
         f7:62:55:d0:bc:b0:6d:1d:2b:4a:3b:1c:82:29:e0:af:ae:92:
         5d:f4:e3:12:41:76:13:58:a7:58:13:fe:14:48:98:01:bc:ad:
         cc:90:37:87:a2:bc:2e:39:09:3a:47:05:88:fa:5b:09:18:a9:
         29:22:ed:61:6a:bd:4b:10:8b:4c:21:51:30:aa:27:22:cc:33:
         36:c1:58:43:e1:3a:ce:a6:1c:be:0a:45:6c:b8:6a:3b:57:21:
         71:06:cb:f8:63:98:ee:fd:47:eb:5e:cc:57:7b:e3:b5:0b:8d:
         00:9f:f5:6b:e0:13:34:6c:80:5c:b7:ab:af:0a:c2:cd:6c:25:
         21:89:39:0e:44:3c:81:2f:05:e5:c1:dd:98:46:23:89:e4:d1:
         64:1e:62:85:bc:1e:6b:ca:9e:e1:07:13:39:b6:d6:c5:cb:6d:
         c5:db:20:0b:b7:76:71:78:2b:b9:62:07:6a:c6:ae:73:1b:4f:
         fe:a5:9a:01:50:2a:f1:7a:a3:ee:c7:db:3b:5d:d4:99:19:85:
         11:05:21:af:55:3e:10:fc:26:ba:cd:bb:c0:2d:0e:95:77:7c:
         a2:31:9f:80:b3:03:34:d4:c6:06:28:d7:7b:15:46:7b:39:3a:
         bc:9f:43:8c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYpIz616XKe8Q/E3NjAWY1OZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMzljZTRjMjlhYjNmODAyZjlkZTkzM2Y0NDk1MDI2YzRk
MGVlNGEwHhcNMjMwODMwMjMzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmQzMzcyY2M5MzI5MWQ4YjU4ODQxM2Y1YjQxMzAxMDFiODBlZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraDzQXdUI/6lCo+R+RprTNd/2tkV
k12sGACi40RLcypHaKTm/2gudwmQ1pHXjei97fZXDCh5VAjfFiBv44MGk9scupjP
N5ZVM0Q1rfu8XNQzpJNmYlI+nRahH2Va2j9vRANnVXS3hxNQBxmz3IFOC7PQyHLA
PowDsQu4ctJq6q1RR97sBxAM2hQSQru6CsK8Oraq1I2RPtCsVfa6EadJsW3fQr3M
INm+/LlskQhaae2vLSPNf13wbnX99MRIrfHZISGrCAiMzqm2C5tRpdOPM+7mU0fP
m+W9cMoojzAOzipsbW8VJaEKb3RZWKbHLbs48NegJ/U9cWvf3qUKnTmMqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIvTNyzJMpHYtYhBP1tBMBAbgO7iMB8GA1UdIwQY
MBaAFG05zkwpqz+AL53pM/RJUCbE0O5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5Nzkt
Y2RjMzFkNWZiOGE0LzEvaTlNM0xNa3lrZGkxaUVFX1cwRXdFQnVBN3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5NzktY2RjMzFkNWZiOGE0
LzEvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOvwAAJ
MA0GCSqGSIb3DQEBCwUAA4IBAQB7NPmTxz1uTuOYTZcE5KYFWeL3YlXQvLBtHStK
OxyCKeCvrpJd9OMSQXYTWKdYE/4USJgBvK3MkDeHorwuOQk6RwWI+lsJGKkpIu1h
ar1LEItMIVEwqicizDM2wVhD4TrOphy+CkVsuGo7VyFxBsv4Y5ju/UfrXsxXe+O1
C40An/Vr4BM0bIBct6uvCsLNbCUhiTkORDyBLwXlwd2YRiOJ5NFkHmKFvB5ryp7h
BxM5ttbFy23F2yALt3ZxeCu5Ygdqxq5zG0/+pZoBUCrxeqPux9s7XdSZGYURBSGv
VT4Q/Ca6zbvALQ6Vd3yiMZ+AswM01MYGKNd7FUZ7OTq8n0OM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:44 2024 by rpki-client on console-ams.rpki-client.org