Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/1-jr7bcZSGCljHPRakfBLZN23Bgo.roa
File:                     1-jr7bcZSGCljHPRakfBLZN23Bgo.roa (raw, json)
Hash identifier:          wGRi/yQS6TVcqBKc+SwpfSPPfTrklhnB8j+iEEGiaI4=
Subject key identifier:   FA:3A:FB:6D:C6:52:18:29:63:1C:F4:5A:91:F0:4B:64:DD:B7:06:0A
Certificate issuer:       /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial:       018CC5DC15BD5D9C3B8499C9DF9772214883
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/1-jr7bcZSGCljHPRakfBLZN23Bgo.roa
Signing time:             Mon 01 Jan 2024 16:29:44 +0000
ROA not before:           Mon 01 Jan 2024 16:29:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209641
IP address blocks:        2a09:6904::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 14:08:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:15:bd:5d:9c:3b:84:99:c9:df:97:72:21:48:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
        Validity
            Not Before: Jan  1 16:29:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fa3afb6dc6521829631cf45a91f04b64ddb7060a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:13:18:30:65:fe:4e:e4:3b:e1:42:88:32:c8:
                    b8:17:52:3e:69:86:f4:22:f1:76:7a:44:d3:15:59:
                    eb:1a:18:50:dc:ff:b9:f1:e4:a8:f7:dd:84:f9:70:
                    e9:be:3f:e2:74:fc:fd:b0:7d:6b:e3:dc:38:b9:0b:
                    5f:ca:33:69:71:6c:1b:9b:97:f6:e5:09:0e:23:93:
                    f1:ba:03:32:e4:b1:29:b9:ca:a4:4f:c6:0f:44:81:
                    34:c9:64:02:d7:95:a9:c5:d6:9f:68:7b:4d:55:fd:
                    32:dc:e5:ff:1a:ab:f7:b6:c5:10:b8:17:65:f1:b6:
                    d7:d9:b6:75:8c:eb:32:03:27:5f:2d:6f:25:8e:49:
                    c3:0c:da:68:5a:37:fa:38:17:a7:70:35:ef:2d:bd:
                    82:12:99:0f:1e:d5:62:e0:85:de:bb:66:a1:22:8a:
                    62:ef:ac:ef:6b:9d:e6:7b:6c:94:fd:d9:ac:7b:07:
                    1d:38:6a:9d:aa:cb:e3:e7:8d:98:f8:e9:63:7c:cf:
                    73:92:90:66:8f:b2:7b:8f:a8:d4:3d:3c:b2:45:fc:
                    2b:d2:bb:5e:d5:21:51:fb:dc:11:1e:28:16:c0:f3:
                    1c:64:3a:87:ce:2b:54:cb:eb:d2:f8:8b:4a:81:fd:
                    ba:dd:23:3a:59:26:d4:ae:4d:b1:62:c4:da:27:55:
                    93:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:3A:FB:6D:C6:52:18:29:63:1C:F4:5A:91:F0:4B:64:DD:B7:06:0A
            X509v3 Authority Key Identifier:
                keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/1-jr7bcZSGCljHPRakfBLZN23Bgo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:6904::/32

    Signature Algorithm: sha256WithRSAEncryption
         48:36:27:d4:63:cf:9f:61:18:56:56:39:f8:bc:23:55:27:e9:
         d8:7a:a5:3c:02:28:6e:58:fa:00:b5:52:ab:ab:97:74:db:99:
         13:37:59:f4:41:2a:89:20:30:01:02:72:31:4a:68:37:e1:76:
         1c:5d:c7:4e:01:7f:3d:28:51:ef:fd:e5:4d:9c:33:31:a8:b7:
         f4:d2:b6:c1:e5:74:9f:c3:9d:fb:a6:8f:3b:8f:92:91:40:97:
         1c:54:18:97:c1:74:21:55:b6:9f:50:ee:dc:cf:68:71:81:12:
         d0:e8:37:e5:a8:87:67:ec:76:b1:9c:41:27:51:ad:14:e9:43:
         66:ba:d2:ec:6f:82:58:c9:bd:80:92:45:13:6a:11:dd:e7:70:
         0a:a0:bf:7e:43:d2:dc:d1:41:b0:d5:88:6e:9f:48:fb:ff:88:
         d5:a0:cd:40:69:2b:b2:72:9d:0f:79:68:aa:a3:be:10:af:54:
         90:66:f1:48:cd:ef:48:e9:c1:a5:84:d2:6e:97:14:c7:da:1d:
         a4:fb:86:60:ed:4a:67:89:5b:58:b7:58:90:db:95:8c:a7:5e:
         3d:a5:95:71:9a:94:94:89:21:bd:6e:7a:0d:d4:9d:54:ab:13:
         8e:d4:c2:bb:0e:29:4e:77:7a:3f:4d:c4:52:85:6d:77:f5:2c:
         cb:27:ae:4f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzF3BW9XZw7hJnJ35dyIUiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTNhZmI2ZGM2NTIxODI5NjMxY2Y0NWE5MWYwNGI2NGRkYjcwNjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRMYMGX+TuQ74UKIMsi4F1I+aYb0
IvF2ekTTFVnrGhhQ3P+58eSo992E+XDpvj/idPz9sH1r49w4uQtfyjNpcWwbm5f2
5QkOI5PxugMy5LEpucqkT8YPRIE0yWQC15WpxdafaHtNVf0y3OX/Gqv3tsUQuBdl
8bbX2bZ1jOsyAydfLW8ljknDDNpoWjf6OBencDXvLb2CEpkPHtVi4IXeu2ahIopi
76zva53me2yU/dmsewcdOGqdqsvj542Y+OljfM9zkpBmj7J7j6jUPTyyRfwr0rte
1SFR+9wRHigWwPMcZDqHzitUy+vS+ItKgf263SM6WSbUrk2xYsTaJ1WT2wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPo6+23GUhgpYxz0WpHwS2TdtwYKMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvMS1qcjdiY1pTR0NsakhQUmFrZkJMWk4yM0Jnby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjAvNzllZjRmLWUzOGUtNDRkYS1hNjU3LTIxNTkzNzZkM2E2
NC8xL1BzVUt0TXozTGoxZ3dKLVdRQm5Xd0RURkNtdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoJaQQw
DQYJKoZIhvcNAQELBQADggEBAEg2J9Rjz59hGFZWOfi8I1Un6dh6pTwCKG5Y+gC1
Uqurl3TbmRM3WfRBKokgMAECcjFKaDfhdhxdx04Bfz0oUe/95U2cMzGot/TStsHl
dJ/DnfumjzuPkpFAlxxUGJfBdCFVtp9Q7tzPaHGBEtDoN+Woh2fsdrGcQSdRrRTp
Q2a60uxvgljJvYCSRRNqEd3ncAqgv35D0tzRQbDViG6fSPv/iNWgzUBpK7JynQ95
aKqjvhCvVJBm8UjN70jpwaWE0m6XFMfaHaT7hmDtSmeJW1i3WJDblYynXj2llXGa
lJSJIb1ueg3UnVSrE47UwrsOKU53ej9NxFKFbXf1LMsnrk8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:17 2024 by rpki-client on console-fra.rpki-client.org