Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/vqfk6O9-ZvwBw9yjzQug_yNDCtg.roa
File:                     vqfk6O9-ZvwBw9yjzQug_yNDCtg.roa (raw, json)
Hash identifier:          HELJOCuYnhefWQzAXkuOI8MBq8wK3lBMuzh2aG4ZobA=
Subject key identifier:   BE:A7:E4:E8:EF:7E:66:FC:01:C3:DC:A3:CD:0B:A0:FF:23:43:0A:D8
Certificate issuer:       /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial:       0190E64DED6C08D415B9A6BD10E05839699B
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/vqfk6O9-ZvwBw9yjzQug_yNDCtg.roa
Signing time:             Wed 24 Jul 2024 19:53:04 +0000
ROA not before:           Wed 24 Jul 2024 19:53:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44331
IP address blocks:        2a07:2486:fe0::/44 maxlen: 44
                          2a07:2486:fe0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 14 Aug 2024 16:53:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:e6:4d:ed:6c:08:d4:15:b9:a6:bd:10:e0:58:39:69:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
        Validity
            Not Before: Jul 24 19:53:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bea7e4e8ef7e66fc01c3dca3cd0ba0ff23430ad8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:69:a0:23:c0:75:e7:fd:62:91:96:a2:12:8e:
                    08:f6:49:25:03:e2:2e:89:89:6b:fe:1d:4d:25:8e:
                    5a:26:de:5e:14:73:13:2a:4a:bd:60:45:e4:03:a9:
                    39:fb:09:c6:5e:1d:1c:a4:bc:29:15:50:9d:17:34:
                    01:48:6f:d9:e7:11:7c:4b:47:7a:6b:78:9c:5d:b8:
                    c2:56:da:01:09:e0:c3:95:93:c4:8a:82:c7:96:2b:
                    9f:64:fb:c7:49:4d:4d:bb:0b:95:ae:06:b8:83:f5:
                    ef:5d:dd:04:22:25:c6:36:a9:5f:55:05:64:68:21:
                    26:a9:4d:44:8b:dc:bd:9b:ea:2d:c8:b7:04:08:a5:
                    e6:e6:99:71:b6:12:18:af:44:0a:86:f9:7a:4d:f9:
                    64:44:a4:d3:ea:42:b7:b5:ef:2a:60:83:11:4d:1b:
                    f4:16:26:fc:69:d5:3d:e7:57:fe:21:54:10:2e:ae:
                    45:a6:7f:df:b0:f1:68:e1:6f:21:00:9c:aa:7f:1a:
                    2b:b1:e2:bd:47:da:96:d1:b6:79:9f:53:92:70:06:
                    69:2d:3c:01:ea:82:55:23:28:dc:41:d9:08:0a:4a:
                    0b:2b:02:2b:42:10:c8:24:0b:cc:05:23:ea:3e:83:
                    90:1a:b5:e9:52:8b:b3:c2:58:8a:6e:f9:ab:8d:b2:
                    99:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:A7:E4:E8:EF:7E:66:FC:01:C3:DC:A3:CD:0B:A0:FF:23:43:0A:D8
            X509v3 Authority Key Identifier:
                keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/vqfk6O9-ZvwBw9yjzQug_yNDCtg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:2486:fe0::/44

    Signature Algorithm: sha256WithRSAEncryption
         69:3b:b3:8b:2e:68:83:55:ba:ad:a0:52:10:a6:26:57:e9:8d:
         24:77:3f:10:1c:ed:fd:0a:ae:d5:14:ad:17:cd:50:b9:2c:c8:
         4c:34:e8:a6:a8:83:16:68:c5:2e:7e:b4:e3:57:ab:64:90:ef:
         ad:d5:e1:48:f9:17:04:60:75:ea:df:b6:c7:e9:51:47:a7:67:
         85:07:2d:ae:6b:f0:82:17:cb:3e:ef:72:88:fa:f8:a2:9a:4e:
         cd:e6:8b:2a:65:86:11:4b:b7:8b:a5:e3:68:3e:0b:08:83:c5:
         6d:fe:49:c4:d4:ec:e3:f0:25:79:b3:8d:f6:97:5a:8f:1a:d4:
         8d:b6:e6:c8:da:c0:7b:56:9f:59:ff:45:8e:a3:86:2e:9d:c1:
         a3:72:4d:46:44:e2:83:3f:f5:31:aa:5e:f2:af:f5:aa:93:8b:
         e5:05:2f:eb:28:31:43:1d:57:98:c0:e6:14:0a:9a:ac:55:69:
         a7:7d:89:5f:33:48:42:55:cc:be:6d:c7:9b:02:bb:7d:5c:f5:
         47:65:6b:71:32:14:87:d9:fb:3a:9b:40:72:91:42:d4:e9:8b:
         64:9a:e7:40:d9:78:6d:37:e3:10:4b:a7:bf:29:44:5f:41:74:
         19:7e:f6:ea:fc:72:7e:40:7f:a3:62:5e:6d:4f:90:30:4a:fd:
         ae:54:e2:8d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZDmTe1sCNQVuaa9EOBYOWmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQwNzI0MTk1MzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWE3ZTRlOGVmN2U2NmZjMDFjM2RjYTNjZDBiYTBmZjIzNDMwYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GmgI8B15/1ikZaiEo4I9kklA+Iu
iYlr/h1NJY5aJt5eFHMTKkq9YEXkA6k5+wnGXh0cpLwpFVCdFzQBSG/Z5xF8S0d6
a3icXbjCVtoBCeDDlZPEioLHliufZPvHSU1NuwuVrga4g/XvXd0EIiXGNqlfVQVk
aCEmqU1Ei9y9m+otyLcECKXm5plxthIYr0QKhvl6TflkRKTT6kK3te8qYIMRTRv0
Fib8adU951f+IVQQLq5Fpn/fsPFo4W8hAJyqfxorseK9R9qW0bZ5n1OScAZpLTwB
6oJVIyjcQdkICkoLKwIrQhDIJAvMBSPqPoOQGrXpUouzwliKbvmrjbKZVwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL6n5Ojvfmb8AcPco80LoP8jQwrYMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvdnFmazZPOS1adndCdzl5anpRdWdfeU5EQ3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgckhg/g
MA0GCSqGSIb3DQEBCwUAA4IBAQBpO7OLLmiDVbqtoFIQpiZX6Y0kdz8QHO39Cq7V
FK0XzVC5LMhMNOimqIMWaMUufrTjV6tkkO+t1eFI+RcEYHXq37bH6VFHp2eFBy2u
a/CCF8s+73KI+viimk7N5osqZYYRS7eLpeNoPgsIg8Vt/knE1Ozj8CV5s432l1qP
GtSNtubI2sB7Vp9Z/0WOo4YuncGjck1GROKDP/Uxql7yr/Wqk4vlBS/rKDFDHVeY
wOYUCpqsVWmnfYlfM0hCVcy+bcebArt9XPVHZWtxMhSH2fs6m0BykULU6YtkmudA
2XhtN+MQS6e/KURfQXQZfvbq/HJ+QH+jYl5tT5AwSv2uVOKN
-----END CERTIFICATE-----
Generated at Wed Aug 14 22:47:11 2024 by rpki-client on console-ams.rpki-client.org