Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/W-vU6dkn8XL3GcPpxaQEIxAo_Vo.roa
File:                     W-vU6dkn8XL3GcPpxaQEIxAo_Vo.roa (raw, json)
Hash identifier:          ABvxYLVNwI/neHyLJOxETIYMXgydeaJZ3nmf4LxF4XE=
Subject key identifier:   5B:EB:D4:E9:D9:27:F1:72:F7:19:C3:E9:C5:A4:04:23:10:28:FD:5A
Certificate issuer:       /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial:       0191EBDD84EFCF9C0498922F8662071E32CE
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/W-vU6dkn8XL3GcPpxaQEIxAo_Vo.roa
Signing time:             Fri 13 Sep 2024 14:50:48 +0000
ROA not before:           Fri 13 Sep 2024 14:50:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214194
IP address blocks:        2a07:2486:401e::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 07 Nov 2024 14:21:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:eb:dd:84:ef:cf:9c:04:98:92:2f:86:62:07:1e:32:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
        Validity
            Not Before: Sep 13 14:50:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5bebd4e9d927f172f719c3e9c5a404231028fd5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:3c:59:51:e0:af:cd:4d:58:c4:b2:1b:dd:84:
                    02:04:e0:ad:77:aa:6c:99:00:b1:e8:78:50:97:d9:
                    fc:1f:c6:86:12:f3:87:49:6e:87:b5:e7:96:d4:22:
                    2a:26:9d:2b:59:1d:03:ff:88:ef:eb:1d:9b:ca:dc:
                    8b:fa:7b:3b:ad:71:b3:72:0b:09:c8:37:3e:8b:74:
                    f7:54:ac:7d:96:5e:9d:ca:1d:ad:ee:22:6b:2a:10:
                    2d:17:a2:48:e7:89:8a:95:86:0c:17:bb:ca:b0:db:
                    03:3a:e9:f8:93:3b:2a:b0:6d:aa:79:78:39:70:51:
                    47:ae:04:b1:89:82:4e:2c:0a:da:f3:95:da:05:8c:
                    6b:eb:e0:e3:c3:fa:93:07:c0:2b:5e:57:f2:28:34:
                    51:4b:58:d3:2c:2d:3c:6c:e8:7c:b8:22:1b:e4:b1:
                    cf:80:3d:f1:e9:8d:a3:d9:6c:bc:67:b0:21:3a:12:
                    9c:22:9b:ed:6e:d6:ff:0e:8a:01:69:d4:2e:79:2a:
                    5e:b0:ca:08:9c:0f:31:8b:e7:9c:e0:c9:27:80:d9:
                    d6:2d:31:ee:7c:75:16:0c:ce:2a:84:35:ee:c8:96:
                    53:9a:c4:ac:ba:c1:c1:f3:80:80:7e:e8:e6:df:96:
                    fc:0b:b9:85:a9:6d:e3:35:e4:cd:d1:41:91:80:83:
                    a5:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:EB:D4:E9:D9:27:F1:72:F7:19:C3:E9:C5:A4:04:23:10:28:FD:5A
            X509v3 Authority Key Identifier:
                keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/W-vU6dkn8XL3GcPpxaQEIxAo_Vo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:2486:401e::/48

    Signature Algorithm: sha256WithRSAEncryption
         99:48:45:f6:ef:f0:6f:f3:9d:3b:0e:73:ef:2c:20:52:25:8a:
         fb:87:aa:ba:3c:44:d2:40:34:52:3f:65:bc:ce:b1:39:49:ea:
         21:c0:1a:64:ee:bd:b4:7c:a8:ed:85:7c:ca:eb:fe:3d:32:59:
         63:e2:24:c3:68:0d:06:8c:42:cb:d4:29:1c:25:4f:d8:ef:d2:
         bf:39:26:c3:8f:b5:6d:1c:00:f7:17:47:5d:ab:ba:4f:ea:72:
         34:ff:a9:8c:32:d7:b7:38:b2:2a:85:40:3e:92:45:75:a3:1e:
         85:d2:f8:32:5d:40:59:8f:1d:ab:3f:ff:3b:2d:e3:ba:eb:8d:
         ff:22:4e:5e:55:b4:59:e8:41:f2:7a:64:72:1f:e3:c6:5e:41:
         6f:12:47:2b:65:30:be:7d:36:c6:ff:7a:0e:c8:e3:a0:3c:9e:
         a6:a4:21:e0:2b:e4:3a:12:f2:78:9d:d4:a1:0b:d5:72:23:78:
         3e:3a:98:3b:24:d6:7b:57:e3:47:ec:22:b2:8c:af:37:70:e0:
         07:b6:0e:5e:d4:36:cf:69:24:c1:4b:e4:6f:a0:fc:20:a4:6d:
         d4:62:22:a4:bb:a5:b5:9e:e4:da:16:06:11:13:84:50:df:19:
         2e:d3:5e:58:c3:d2:e7:a8:55:6d:8c:6e:8e:57:cd:87:ef:9f:
         33:eb:1f:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZHr3YTvz5wEmJIvhmIHHjLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQwOTEzMTQ1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmViZDRlOWQ5MjdmMTcyZjcxOWMzZTljNWE0MDQyMzEwMjhmZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojxZUeCvzU1YxLIb3YQCBOCtd6ps
mQCx6HhQl9n8H8aGEvOHSW6HteeW1CIqJp0rWR0D/4jv6x2bytyL+ns7rXGzcgsJ
yDc+i3T3VKx9ll6dyh2t7iJrKhAtF6JI54mKlYYMF7vKsNsDOun4kzsqsG2qeXg5
cFFHrgSxiYJOLAra85XaBYxr6+Djw/qTB8ArXlfyKDRRS1jTLC08bOh8uCIb5LHP
gD3x6Y2j2Wy8Z7AhOhKcIpvtbtb/DooBadQueSpesMoInA8xi+ec4MkngNnWLTHu
fHUWDM4qhDXuyJZTmsSsusHB84CAfujm35b8C7mFqW3jNeTN0UGRgIOlewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFvr1OnZJ/Fy9xnD6cWkBCMQKP1aMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvVy12VTZka244WEwzR2NQcHhhUUVJeEFvX1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgckhkAe
MA0GCSqGSIb3DQEBCwUAA4IBAQCZSEX27/Bv8507DnPvLCBSJYr7h6q6PETSQDRS
P2W8zrE5SeohwBpk7r20fKjthXzK6/49Mllj4iTDaA0GjELL1CkcJU/Y79K/OSbD
j7VtHAD3F0ddq7pP6nI0/6mMMte3OLIqhUA+kkV1ox6F0vgyXUBZjx2rP/87LeO6
643/Ik5eVbRZ6EHyemRyH+PGXkFvEkcrZTC+fTbG/3oOyOOgPJ6mpCHgK+Q6EvJ4
ndShC9VyI3g+Opg7JNZ7V+NH7CKyjK83cOAHtg5e1DbPaSTBS+RvoPwgpG3UYiKk
u6W1nuTaFgYRE4RQ3xku015Yw9LnqFVtjG6OV82H758z6x8e
-----END CERTIFICATE-----
Generated at Thu Nov 7 17:43:11 2024 by rpki-client on console-ams.rpki-client.org