Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/zF_xrpJaLdhgWJ7Q6W83N5AY17s.roa
File:                     zF_xrpJaLdhgWJ7Q6W83N5AY17s.roa (raw, json)
Hash identifier:          IUXeyqPFFGBWNQO0bRefJDG/r1gqdGrTD9Eeq2XQNi0=
Subject key identifier:   CC:5F:F1:AE:92:5A:2D:D8:60:58:9E:D0:E9:6F:37:37:90:18:D7:BB
Certificate issuer:       /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial:       018EE0DD0E24C550CB8FFAB5263027179AF8
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/zF_xrpJaLdhgWJ7Q6W83N5AY17s.roa
Signing time:             Mon 15 Apr 2024 08:26:07 +0000
ROA not before:           Mon 15 Apr 2024 08:26:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215633
IP address blocks:        2a09:2b80:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 17 Apr 2024 12:45:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e0:dd:0e:24:c5:50:cb:8f:fa:b5:26:30:27:17:9a:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65a665b90069bd71850602e7400c529793269e39
        Validity
            Not Before: Apr 15 08:26:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cc5ff1ae925a2dd860589ed0e96f37379018d7bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:fc:57:cb:23:45:6e:e9:7b:d3:ca:bc:a0:9a:
                    60:cb:05:12:ab:d6:14:29:a3:42:21:43:97:0e:94:
                    f5:60:1b:31:a3:b5:d8:78:5f:20:6b:62:83:1f:24:
                    fd:f3:87:51:33:e0:7f:5b:84:2b:c9:f3:5c:60:68:
                    8c:f8:db:ac:b0:90:0f:ae:f1:63:d3:ae:a9:03:5a:
                    56:ba:15:90:e2:d3:ff:97:b4:77:2e:b4:29:a6:30:
                    24:7c:49:b9:d7:a7:01:e9:f6:15:a8:98:5b:5a:f3:
                    fa:d8:75:35:bf:aa:57:ff:1c:c9:35:34:5e:b6:cd:
                    4e:54:a7:70:ca:0f:76:9b:5b:6b:f9:ee:82:12:5f:
                    a8:45:79:98:10:8e:00:ea:59:72:57:a2:81:2c:7e:
                    67:20:6b:71:a6:ab:9f:04:20:7a:ec:4e:b9:12:f2:
                    a9:95:f2:ea:c0:91:ee:dc:7c:eb:af:e5:98:eb:5f:
                    0b:cb:47:55:fc:3a:6f:47:2c:55:59:b2:82:bd:0c:
                    5f:68:1b:84:26:bf:60:e3:f5:0f:7c:06:cd:7d:06:
                    4b:d5:6f:e9:bb:dd:f8:1b:35:e3:11:ff:1c:9f:b1:
                    c8:f5:0e:be:9b:74:b9:26:f0:d1:db:e1:22:08:fc:
                    87:a5:58:4b:c4:52:a7:b1:9c:18:eb:bb:3a:fa:9d:
                    38:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:5F:F1:AE:92:5A:2D:D8:60:58:9E:D0:E9:6F:37:37:90:18:D7:BB
            X509v3 Authority Key Identifier:
                keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/zF_xrpJaLdhgWJ7Q6W83N5AY17s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:2b80:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         5c:4f:c1:70:a1:52:38:85:78:dc:53:da:6d:f3:0b:54:85:51:
         b5:9d:b8:8c:05:67:2f:83:4e:7a:e0:54:41:be:29:ed:1f:eb:
         67:ec:40:a4:8d:a8:74:c9:3c:32:dd:f0:17:1d:6f:f3:2c:a6:
         49:6c:6e:53:75:c3:b9:20:c9:4e:b7:a0:e4:67:7d:1a:2a:79:
         2e:1d:4e:55:0a:3d:f7:dc:34:4b:c3:a3:19:d9:90:35:a2:b0:
         2a:d3:c1:b8:e3:c0:35:4d:1b:ae:09:e8:40:5d:d8:9b:ad:09:
         b3:a9:63:9d:5d:01:32:7b:03:86:84:dc:b6:1a:61:a9:aa:6c:
         b1:38:41:f8:52:25:55:64:31:6a:ef:c1:21:4d:8c:e7:58:a1:
         ee:8e:7a:d2:35:32:ef:8b:96:9d:b7:f3:ff:e4:05:cf:27:5f:
         b3:4f:08:f3:46:80:44:db:dd:e9:b2:65:14:dc:ad:71:28:2c:
         3e:57:05:e9:66:31:87:29:5a:14:4b:db:33:87:75:bb:1c:48:
         65:88:74:22:3b:0d:42:3e:54:c4:4d:0a:fd:28:c0:65:f0:51:
         70:07:5d:48:4f:7d:8e:32:e0:a2:43:9c:9b:5e:fc:b2:fe:5b:
         df:a9:98:ea:1c:7e:2b:80:76:14:de:50:9d:ab:5b:15:4d:2f:
         f6:ee:fa:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY7g3Q4kxVDLj/q1JjAnF5r4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjQwNDE1MDgyNjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzVmZjFhZTkyNWEyZGQ4NjA1ODllZDBlOTZmMzczNzkwMThkN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/xXyyNFbul708q8oJpgywUSq9YU
KaNCIUOXDpT1YBsxo7XYeF8ga2KDHyT984dRM+B/W4QryfNcYGiM+NussJAPrvFj
066pA1pWuhWQ4tP/l7R3LrQppjAkfEm516cB6fYVqJhbWvP62HU1v6pX/xzJNTRe
ts1OVKdwyg92m1tr+e6CEl+oRXmYEI4A6llyV6KBLH5nIGtxpqufBCB67E65EvKp
lfLqwJHu3Hzrr+WY618Ly0dV/DpvRyxVWbKCvQxfaBuEJr9g4/UPfAbNfQZL1W/p
u934GzXjEf8cn7HI9Q6+m3S5JvDR2+EiCPyHpVhLxFKnsZwY67s6+p04sQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMxf8a6SWi3YYFie0OlvNzeQGNe7MB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEvekZfeHJwSmFMZGhnV0o3UTZXODNONUFZMTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjctYzk0NTdlYzgxMTUx
LzEvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkrgAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBcT8FwoVI4hXjcU9pt8wtUhVG1nbiMBWcvg056
4FRBvintH+tn7ECkjah0yTwy3fAXHW/zLKZJbG5TdcO5IMlOt6DkZ30aKnkuHU5V
Cj333DRLw6MZ2ZA1orAq08G448A1TRuuCehAXdibrQmzqWOdXQEyewOGhNy2GmGp
qmyxOEH4UiVVZDFq78EhTYznWKHujnrSNTLvi5adt/P/5AXPJ1+zTwjzRoBE293p
smUU3K1xKCw+VwXpZjGHKVoUS9szh3W7HEhliHQiOw1CPlTETQr9KMBl8FFwB11I
T32OMuCiQ5ybXvyy/lvfqZjqHH4rgHYU3lCdq1sVTS/27vrB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org