Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/JmgH2iEcCDmBkx8Wxv0yQ1LSi-0.roa
File:                     JmgH2iEcCDmBkx8Wxv0yQ1LSi-0.roa (raw, json)
Hash identifier:          9TvQx+ywqYq6Q8FA9TPizMexfMnhujs4UquXckSMb50=
Subject key identifier:   26:68:07:DA:21:1C:08:39:81:93:1F:16:C6:FD:32:43:52:D2:8B:ED
Certificate issuer:       /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial:       018C69648EE4360A146ABD4E1FB6FE0E3C3F
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/JmgH2iEcCDmBkx8Wxv0yQ1LSi-0.roa
Signing time:             Thu 14 Dec 2023 17:34:06 +0000
ROA not before:           Thu 14 Dec 2023 17:34:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204508
IP address blocks:        2a04:f280::/40 maxlen: 128

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:69:64:8e:e4:36:0a:14:6a:bd:4e:1f:b6:fe:0e:3c:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
        Validity
            Not Before: Dec 14 17:34:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=266807da211c083981931f16c6fd324352d28bed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:ab:87:5f:8c:4d:b1:c8:50:85:a4:06:bf:a8:
                    52:37:27:11:80:31:6f:d9:69:af:c1:77:e2:13:57:
                    07:e2:63:b8:d1:ac:f4:4c:c7:46:68:5e:6b:e6:2e:
                    2f:5f:32:ad:e8:e3:65:e3:71:5c:20:d5:84:91:d9:
                    e3:87:82:69:3a:9c:e6:10:56:7a:f1:31:29:a1:69:
                    72:e6:71:7a:8f:1b:ed:5b:13:3b:ae:42:b7:b2:42:
                    b4:ca:5c:6e:ce:ad:51:34:b1:56:94:12:85:98:65:
                    38:c3:3c:3e:b6:35:79:c5:58:4f:5b:ff:50:35:1f:
                    f4:4f:3c:5e:39:82:4c:6d:a5:55:e0:89:ca:e8:3e:
                    5a:21:80:87:08:69:7c:b5:fd:13:76:2e:4e:49:8a:
                    5a:f3:27:ee:d4:ee:41:9d:02:ae:ee:50:06:02:62:
                    32:49:84:1e:34:13:6a:d7:8e:18:72:37:c5:0d:5f:
                    8b:17:05:01:16:e6:4f:2b:17:d1:33:cb:d6:aa:50:
                    55:f5:33:ae:6e:ed:08:7f:5d:7b:f8:c9:c0:80:e1:
                    19:c1:f6:63:ed:0d:72:3d:32:d9:7f:8a:bf:3a:f8:
                    34:b8:2f:f5:a3:f4:a8:e6:27:a1:71:bd:ee:fe:eb:
                    d5:71:62:60:56:a3:ad:bd:c0:8f:d3:e8:2e:38:86:
                    29:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:68:07:DA:21:1C:08:39:81:93:1F:16:C6:FD:32:43:52:D2:8B:ED
            X509v3 Authority Key Identifier:
                keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/JmgH2iEcCDmBkx8Wxv0yQ1LSi-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:f280::/40

    Signature Algorithm: sha256WithRSAEncryption
         b1:b5:91:fe:67:93:c1:cf:3b:a4:1d:50:01:e2:33:f2:bd:e8:
         42:eb:57:59:d4:06:74:c3:ac:00:cc:5d:71:62:0b:d4:b9:22:
         93:d1:3c:46:df:31:c5:c0:70:c5:ac:8a:d3:46:cb:3c:c2:45:
         52:c1:f5:03:5a:08:3a:bf:32:32:6d:c0:77:1c:b5:b3:ed:10:
         b2:e7:b5:72:b2:1c:e7:7b:0c:1e:b5:7f:4e:fb:b4:21:19:95:
         3a:2c:ef:d0:c4:d1:56:cf:1a:d7:be:89:ad:da:b3:0e:23:76:
         8e:af:ec:bd:ff:89:f8:e3:18:65:05:c0:14:3d:31:62:ba:68:
         82:69:72:c2:28:90:3b:2b:6b:bd:f7:d7:e5:8d:f3:56:65:f0:
         a1:af:e0:57:55:13:a9:74:84:9a:48:82:16:06:bd:42:85:cc:
         15:f9:d2:7f:4c:2c:ac:6e:c4:be:f6:2d:f1:01:d5:e2:2d:93:
         0c:54:41:e9:4c:75:e6:f7:6e:80:a6:3c:d1:4b:2d:a8:0a:0d:
         1d:96:a3:31:fa:58:e6:ae:e4:5f:ad:1a:8d:65:3c:29:ee:cd:
         9e:f8:35:f2:dd:bd:6d:5f:6b:0a:bf:c8:8b:21:64:90:de:e7:
         fb:7a:e7:03:a9:03:f9:c1:a1:a8:bb:6c:6c:cd:80:a7:55:59:
         04:36:dc:68
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYxpZI7kNgoUar1OH7b+Djw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODhlYjczMGFiMWE1MDFlYTM2ZWEzNDgyZDc2NDU0NGUx
NDExMTEwHhcNMjMxMjE0MTczNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjY4MDdkYTIxMWMwODM5ODE5MzFmMTZjNmZkMzI0MzUyZDI4YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKuHX4xNschQhaQGv6hSNycRgDFv
2WmvwXfiE1cH4mO40az0TMdGaF5r5i4vXzKt6ONl43FcINWEkdnjh4JpOpzmEFZ6
8TEpoWly5nF6jxvtWxM7rkK3skK0ylxuzq1RNLFWlBKFmGU4wzw+tjV5xVhPW/9Q
NR/0TzxeOYJMbaVV4InK6D5aIYCHCGl8tf0Tdi5OSYpa8yfu1O5BnQKu7lAGAmIy
SYQeNBNq144YcjfFDV+LFwUBFuZPKxfRM8vWqlBV9TOubu0If117+MnAgOEZwfZj
7Q1yPTLZf4q/Ovg0uC/1o/So5iehcb3u/uvVcWJgVqOtvcCP0+guOIYpywIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCZoB9ohHAg5gZMfFsb9MkNS0ovtMB8GA1UdIwQY
MBaAFE2I63MKsaUB6jbqNILXZFROFBERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQt
NzI2ZjgzZDIzODkyLzEvSm1nSDJpRWNDRG1Ca3g4V3h2MHlRMUxTaS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQtNzI2ZjgzZDIzODky
LzEvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgTygAAw
DQYJKoZIhvcNAQELBQADggEBALG1kf5nk8HPO6QdUAHiM/K96ELrV1nUBnTDrADM
XXFiC9S5IpPRPEbfMcXAcMWsitNGyzzCRVLB9QNaCDq/MjJtwHcctbPtELLntXKy
HOd7DB61f077tCEZlTos79DE0VbPGte+ia3asw4jdo6v7L3/ifjjGGUFwBQ9MWK6
aIJpcsIokDsra7331+WN81Zl8KGv4FdVE6l0hJpIghYGvUKFzBX50n9MLKxuxL72
LfEB1eItkwxUQelMdeb3boCmPNFLLagKDR2WozH6WOau5F+tGo1lPCnuzZ74NfLd
vW1fawq/yIshZJDe5/t65wOpA/nBoai7bGzNgKdVWQQ23Gg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:14 2024 by rpki-client on console-ams.rpki-client.org