Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/Zwm2re9J8oIRtv9cEljiJDrDckk.roa
File:                     Zwm2re9J8oIRtv9cEljiJDrDckk.roa (raw, json)
Hash identifier:          Ur/rnWync184tnxkxT2QO3f1u8L2kQcySNWfQrwXg3Q=
Subject key identifier:   67:09:B6:AD:EF:49:F2:82:11:B6:FF:5C:12:58:E2:24:3A:C3:72:49
Certificate issuer:       /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial:       01856D4AE78A18B00226E55BBFAD2098D6FC
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/Zwm2re9J8oIRtv9cEljiJDrDckk.roa
Signing time:             Sun 01 Jan 2023 12:25:03 +0000
ROA not before:           Sun 01 Jan 2023 12:25:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3303
IP address blocks:        2a07:2902:400::/38 maxlen: 38

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:4a:e7:8a:18:b0:02:26:e5:5b:bf:ad:20:98:d6:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
        Validity
            Not Before: Jan  1 12:25:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6709b6adef49f28211b6ff5c1258e2243ac37249
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:8a:e1:6c:b8:fb:2e:9c:15:6f:26:07:a6:b0:
                    8a:1f:1e:09:a1:86:71:9f:cd:b3:75:5c:8b:73:2d:
                    c2:31:74:32:1a:98:b0:20:84:28:61:7a:a4:de:6f:
                    9a:4f:8e:29:fd:ca:6d:ef:0a:d0:7c:47:2c:42:0e:
                    6f:13:d1:a7:6c:18:a1:f5:ec:ac:bc:18:0f:ea:68:
                    43:bf:50:2c:3d:7d:e2:98:7d:d0:1a:00:b0:92:05:
                    5f:5d:97:13:58:40:01:de:ca:93:26:14:43:c2:7a:
                    e6:78:5f:7b:e1:3d:0a:2c:79:6a:00:64:bd:89:24:
                    a3:42:7d:b4:67:97:f7:86:27:f3:2e:4c:91:da:bd:
                    3c:e8:6a:10:ec:c6:65:7a:47:ae:1a:2a:5a:5c:9f:
                    06:c7:3d:19:82:fb:43:06:e0:ad:0f:18:ee:7f:a3:
                    2a:e5:72:a7:11:c4:99:1c:1b:eb:0b:97:e3:9d:73:
                    aa:2e:55:92:c8:cb:22:2e:2e:57:db:df:55:8f:de:
                    6a:d5:55:a4:08:49:f3:55:f8:31:e6:cd:59:12:55:
                    a5:4f:bb:aa:75:fb:a2:ce:e9:60:a3:69:ea:54:4c:
                    05:9b:9b:29:41:b2:e3:37:b6:89:f0:5d:2d:0a:ae:
                    46:d5:a2:2d:7d:76:8d:01:37:62:f1:8d:2b:58:13:
                    bb:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:09:B6:AD:EF:49:F2:82:11:B6:FF:5C:12:58:E2:24:3A:C3:72:49
            X509v3 Authority Key Identifier:
                keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/Zwm2re9J8oIRtv9cEljiJDrDckk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:2902:400::/38

    Signature Algorithm: sha256WithRSAEncryption
         36:d2:f2:ba:df:5c:d3:7e:d3:a7:4c:cb:57:42:b0:f1:8b:d0:
         f0:f7:63:1b:c1:c9:b0:4e:f5:f3:bb:00:55:ef:b2:45:84:7b:
         ae:df:72:89:51:ca:69:cf:98:0f:f0:f8:c4:04:84:31:7a:db:
         d3:63:05:d4:c6:85:87:1a:23:e5:36:20:8b:c0:9b:0b:60:68:
         3a:37:7c:18:e1:74:e1:ac:4c:88:bc:64:2b:0a:d6:a4:f5:2d:
         1e:38:37:60:dd:c7:0c:1b:d1:42:6e:fb:20:a2:9e:ec:23:e3:
         c4:0c:cb:b6:d2:5f:91:b9:68:22:d0:1a:5b:dd:01:50:25:24:
         ed:4b:df:0f:ac:cb:a1:2c:43:f8:84:de:cf:ad:4a:ab:59:dc:
         18:66:2b:ff:99:08:ff:76:e8:04:f7:02:8e:ee:38:3a:b2:1a:
         31:cc:85:93:a9:d3:27:39:85:d7:ba:ee:41:be:f0:bb:0a:13:
         b1:8e:f5:f9:d5:3d:97:7e:bd:3e:5d:7a:8d:76:dc:85:e0:a3:
         06:21:8f:44:42:c3:aa:31:23:81:57:ff:a0:8f:2f:3e:85:c7:
         8d:21:72:29:36:b6:7e:78:00:13:f1:70:cb:fe:b0:22:5d:44:
         5d:e1:a2:5a:1e:4a:2f:3b:d9:6e:82:f0:a2:e8:a1:54:0c:67:
         f4:98:a4:66
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtSueKGLACJuVbv60gmNb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjMwMTAxMTIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA5YjZhZGVmNDlmMjgyMTFiNmZmNWMxMjU4ZTIyNDNhYzM3MjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIrhbLj7LpwVbyYHprCKHx4JoYZx
n82zdVyLcy3CMXQyGpiwIIQoYXqk3m+aT44p/cpt7wrQfEcsQg5vE9GnbBih9eys
vBgP6mhDv1AsPX3imH3QGgCwkgVfXZcTWEAB3sqTJhRDwnrmeF974T0KLHlqAGS9
iSSjQn20Z5f3hifzLkyR2r086GoQ7MZlekeuGipaXJ8Gxz0ZgvtDBuCtDxjuf6Mq
5XKnEcSZHBvrC5fjnXOqLlWSyMsiLi5X299Vj95q1VWkCEnzVfgx5s1ZElWlT7uq
dfuizulgo2nqVEwFm5spQbLjN7aJ8F0tCq5G1aItfXaNATdi8Y0rWBO7AQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGcJtq3vSfKCEbb/XBJY4iQ6w3JJMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvWndtMnJlOUo4b0lSdHY5Y0VsamlKRHJEY2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgcpAgQw
DQYJKoZIhvcNAQELBQADggEBADbS8rrfXNN+06dMy1dCsPGL0PD3YxvBybBO9fO7
AFXvskWEe67fcolRymnPmA/w+MQEhDF629NjBdTGhYcaI+U2IIvAmwtgaDo3fBjh
dOGsTIi8ZCsK1qT1LR44N2Ddxwwb0UJu+yCinuwj48QMy7bSX5G5aCLQGlvdAVAl
JO1L3w+sy6EsQ/iE3s+tSqtZ3BhmK/+ZCP926AT3Ao7uODqyGjHMhZOp0yc5hde6
7kG+8LsKE7GO9fnVPZd+vT5deo123IXgowYhj0RCw6oxI4FX/6CPLz6Fx40hcik2
tn54ABPxcMv+sCJdRF3holoeSi872W6C8KLooVQMZ/SYpGY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:54 2024 by rpki-client on console-ams.rpki-client.org