Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/9nATOz3k-Ub98YNwuKl4Kl_Q7dw.roa
File:                     9nATOz3k-Ub98YNwuKl4Kl_Q7dw.roa (raw, json)
Hash identifier:          F054s9Xqeh8S9D/eTNNmWVk/3Dfyd9qbemyPSdMjxVs=
Subject key identifier:   F6:70:13:3B:3D:E4:F9:46:FD:F1:83:70:B8:A9:78:2A:5F:D0:ED:DC
Certificate issuer:       /CN=8d1bef730527aae1ecf8fb3085659d6fdfeed797
Certificate serial:       018C883F97E91B30F530481F6FDB2A737FCF
Authority key identifier: 8D:1B:EF:73:05:27:AA:E1:EC:F8:FB:30:85:65:9D:6F:DF:EE:D7:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/9nATOz3k-Ub98YNwuKl4Kl_Q7dw.roa
Signing time:             Wed 20 Dec 2023 17:21:58 +0000
ROA not before:           Wed 20 Dec 2023 17:21:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216185
IP address blocks:        2a14:4280:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:88:3f:97:e9:1b:30:f5:30:48:1f:6f:db:2a:73:7f:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1bef730527aae1ecf8fb3085659d6fdfeed797
        Validity
            Not Before: Dec 20 17:21:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f670133b3de4f946fdf18370b8a9782a5fd0eddc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:02:61:b1:a9:43:e5:15:ec:91:cb:f1:0c:08:
                    e2:56:5e:c3:51:16:f6:39:7e:6b:d5:d0:ea:00:62:
                    00:68:cb:8d:d9:c1:f4:2d:6a:4e:a2:6d:f0:6b:48:
                    6a:e4:f9:aa:1e:41:01:04:74:e6:b6:86:2f:02:07:
                    38:d6:b9:bf:c8:40:70:2a:be:cf:6f:71:69:cd:ec:
                    0d:bf:94:f4:c7:c2:04:e6:a0:5b:1a:cc:42:86:88:
                    ad:24:bc:8d:e5:c1:f4:b5:de:54:b3:ef:e5:12:ec:
                    ed:d7:90:2a:94:78:fd:cd:09:b1:26:b3:58:eb:03:
                    e6:eb:fb:59:ad:c1:92:4f:1f:21:e8:01:95:3c:c6:
                    43:f6:f8:a6:4f:64:3e:c4:e3:8e:b5:f2:92:b1:87:
                    f2:33:a1:2a:aa:94:c2:80:80:14:29:6b:e7:b8:f7:
                    c8:54:33:c7:f7:23:06:0d:50:b6:f5:f3:a6:fc:72:
                    f8:9d:6b:f8:00:2c:de:bc:8a:33:4c:06:7a:27:38:
                    70:f7:9f:f0:42:68:2b:4e:36:2c:72:0c:d6:aa:58:
                    2b:a5:ee:0c:4f:ee:a3:e0:a3:59:5c:1c:21:6a:09:
                    1e:38:f4:63:26:ae:69:2c:7f:8d:e7:72:86:f2:4d:
                    92:19:e5:ec:f2:78:b0:d5:68:a6:ea:8c:70:64:5c:
                    32:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:70:13:3B:3D:E4:F9:46:FD:F1:83:70:B8:A9:78:2A:5F:D0:ED:DC
            X509v3 Authority Key Identifier:
                keyid:8D:1B:EF:73:05:27:AA:E1:EC:F8:FB:30:85:65:9D:6F:DF:EE:D7:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/9nATOz3k-Ub98YNwuKl4Kl_Q7dw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/jRvvcwUnquHs-PswhWWdb9_u15c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:4280:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:b3:11:f2:31:a0:2a:1a:5c:1f:2c:d3:0c:64:8b:2e:f1:e6:
         f5:41:29:c0:12:07:c3:0b:e2:6e:04:71:94:12:55:d3:6f:c0:
         f2:a4:1f:d6:4c:f2:8d:3e:14:11:41:24:95:ac:34:3d:de:0c:
         21:c1:03:fa:6e:fc:3e:e5:3e:39:0e:3d:de:f2:ac:5b:09:74:
         86:82:c8:6d:80:25:eb:b7:aa:99:fd:3d:81:19:5c:2b:e5:3a:
         65:eb:d5:40:15:d0:9a:e7:4c:7a:6c:80:01:0f:98:03:8e:dd:
         59:8d:db:d0:e8:c8:41:48:a8:0e:73:a7:70:47:07:00:e7:73:
         89:0b:db:1f:22:4a:0f:40:f1:4d:3d:ae:1e:7d:c1:0d:2e:1c:
         6a:08:ad:ee:56:1e:a2:58:39:3a:1c:58:86:65:55:4c:42:f0:
         f2:ab:6c:2d:8d:cc:25:ac:32:8c:62:9f:3e:6d:09:43:df:76:
         af:d3:b3:4a:ec:d8:aa:fa:54:76:67:64:0f:f8:0e:e5:d8:4b:
         ec:13:3d:ab:5b:a8:07:4a:11:94:be:aa:a9:3d:f0:73:83:6d:
         f6:72:95:33:bc:62:c7:82:19:2a:01:61:65:61:b0:08:74:67:
         ad:0d:c6:f2:ba:61:71:f2:46:0e:bb:b9:1c:4a:a2:24:47:46:
         35:79:b5:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYyIP5fpGzD1MEgfb9sqc3/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWJlZjczMDUyN2FhZTFlY2Y4ZmIzMDg1NjU5ZDZmZGZl
ZWQ3OTcwHhcNMjMxMjIwMTcyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjcwMTMzYjNkZTRmOTQ2ZmRmMTgzNzBiOGE5NzgyYTVmZDBlZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQJhsalD5RXskcvxDAjiVl7DURb2
OX5r1dDqAGIAaMuN2cH0LWpOom3wa0hq5PmqHkEBBHTmtoYvAgc41rm/yEBwKr7P
b3FpzewNv5T0x8IE5qBbGsxChoitJLyN5cH0td5Us+/lEuzt15AqlHj9zQmxJrNY
6wPm6/tZrcGSTx8h6AGVPMZD9vimT2Q+xOOOtfKSsYfyM6EqqpTCgIAUKWvnuPfI
VDPH9yMGDVC29fOm/HL4nWv4ACzevIozTAZ6Jzhw95/wQmgrTjYscgzWqlgrpe4M
T+6j4KNZXBwhagkeOPRjJq5pLH+N53KG8k2SGeXs8niw1Wim6oxwZFwyowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPZwEzs95PlG/fGDcLipeCpf0O3cMB8GA1UdIwQY
MBaAFI0b73MFJ6rh7Pj7MIVlnW/f7teXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJ2dmN3VW5xdUhzLVBzd2hXV2RiOV91MTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNzE2YWQtZWQwNC00ZGU0LWI5OTQt
NGFhYjJkNjhmYTVhLzEvOW5BVE96M2stVWI5OFlOd3VLbDRLbF9RN2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNzE2YWQtZWQwNC00ZGU0LWI5OTQtNGFhYjJkNjhmYTVh
LzEvalJ2dmN3VW5xdUhzLVBzd2hXV2RiOV91MTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhRCgAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCOsxHyMaAqGlwfLNMMZIsu8eb1QSnAEgfDC+Ju
BHGUElXTb8DypB/WTPKNPhQRQSSVrDQ93gwhwQP6bvw+5T45Dj3e8qxbCXSGgsht
gCXrt6qZ/T2BGVwr5Tpl69VAFdCa50x6bIABD5gDjt1ZjdvQ6MhBSKgOc6dwRwcA
53OJC9sfIkoPQPFNPa4efcENLhxqCK3uVh6iWDk6HFiGZVVMQvDyq2wtjcwlrDKM
Yp8+bQlD33av07NK7Niq+lR2Z2QP+A7l2EvsEz2rW6gHShGUvqqpPfBzg232cpUz
vGLHghkqAWFlYbAIdGetDcbyumFx8kYOu7kcSqIkR0Y1ebUr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:04 2024 by rpki-client on console-fra.rpki-client.org