Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/32QmHVr0-gwdLzdyIP1bpDqYD3o.roa
File:                     32QmHVr0-gwdLzdyIP1bpDqYD3o.roa (raw, json)
Hash identifier:          YvJ/ySoqpLGQQguh950aMgMJqUI2c2SnL8Tr4LuFLHE=
Subject key identifier:   DF:64:26:1D:5A:F4:FA:0C:1D:2F:37:72:20:FD:5B:A4:3A:98:0F:7A
Certificate issuer:       /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial:       01927D4BCA859EC15F1FF45D6D5F2358907B
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/32QmHVr0-gwdLzdyIP1bpDqYD3o.roa
Signing time:             Fri 11 Oct 2024 20:36:11 +0000
ROA not before:           Fri 11 Oct 2024 20:36:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35196
IP address blocks:        2a0a:f587::/32 maxlen: 32
                          2a0e:fb44::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 17 Oct 2024 19:44:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:7d:4b:ca:85:9e:c1:5f:1f:f4:5d:6d:5f:23:58:90:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
        Validity
            Not Before: Oct 11 20:36:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=df64261d5af4fa0c1d2f377220fd5ba43a980f7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e2:76:7b:50:07:04:58:d9:d7:e3:4a:e7:26:
                    e5:ee:42:1f:96:20:19:41:9a:f4:73:07:ac:f7:90:
                    65:f3:9d:33:68:af:ef:bf:5f:62:12:4e:48:b3:97:
                    0d:51:57:13:59:9d:88:14:52:af:94:ad:04:5b:66:
                    14:90:b4:67:31:d4:18:75:38:c5:3a:77:ff:e5:09:
                    42:e1:aa:77:16:f4:f0:5b:96:17:11:ec:fd:d2:57:
                    87:c9:df:25:88:1c:e2:29:44:43:0d:88:f6:43:47:
                    8f:67:62:99:b0:b1:d9:67:41:e8:32:40:b4:e2:93:
                    e0:e7:40:ff:17:81:a1:b2:0b:39:7a:a8:8e:cb:a0:
                    a5:94:03:b7:bf:cd:d7:4b:9a:a1:2a:66:2b:d3:8f:
                    de:94:a0:ce:db:56:04:56:cc:2a:70:97:d3:8c:67:
                    54:d7:4c:77:20:b3:39:e2:46:a3:5e:cd:07:0b:5a:
                    3b:d8:9e:ea:59:6b:83:e0:4a:cc:ff:5d:73:2c:5b:
                    52:5b:3c:90:1d:b8:aa:f9:df:19:fd:aa:79:6a:e8:
                    cb:05:9c:3b:51:98:79:1b:18:36:fc:bf:b0:5c:5a:
                    61:ef:14:0f:d2:f7:5e:d9:cb:db:07:ab:4b:b8:b8:
                    eb:8d:71:76:17:22:2b:48:26:52:8d:70:24:d2:8b:
                    c2:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:64:26:1D:5A:F4:FA:0C:1D:2F:37:72:20:FD:5B:A4:3A:98:0F:7A
            X509v3 Authority Key Identifier:
                keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/32QmHVr0-gwdLzdyIP1bpDqYD3o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:f587::/32
                  2a0e:fb44::/32

    Signature Algorithm: sha256WithRSAEncryption
         a6:5e:30:37:e2:c1:87:5b:2b:3b:78:d3:85:59:7d:28:f5:f9:
         9a:0a:7d:b9:83:34:7a:94:d9:07:c7:7e:e0:8f:30:7f:28:d5:
         35:51:8d:1e:49:4b:0e:3d:58:35:db:50:cc:25:41:e1:9e:01:
         63:fa:ff:3b:d9:f0:17:68:75:6f:a7:8f:f3:93:c3:0f:0c:09:
         3c:ac:9b:2c:a7:a9:38:9b:27:3e:08:2a:93:2b:da:eb:07:c6:
         58:c1:0a:be:07:12:36:26:6f:ae:a2:25:c7:51:ce:4b:3f:85:
         e9:d7:ee:b4:14:c5:d9:88:8d:8e:c5:50:92:66:c0:23:ce:ea:
         e8:1c:17:36:bc:90:35:82:c3:7f:0f:9a:67:37:7c:2e:73:2b:
         e5:93:9d:79:3b:b3:4e:39:90:f8:ea:8d:19:18:04:4d:8c:24:
         ff:68:2a:cd:e4:b9:5e:1f:9e:bc:7d:ab:40:be:0f:d8:27:9e:
         d2:0b:81:12:81:02:c7:78:ac:72:da:4b:2a:5e:0c:ea:e3:9c:
         74:4d:51:3a:ae:e5:c8:1f:99:86:ad:12:31:a5:0f:cd:36:f7:
         57:ea:ba:7e:c6:29:3f:5a:51:f0:30:f6:d9:b3:d5:09:19:e7:
         24:22:18:68:33:67:60:ee:6c:36:57:17:4a:52:e0:6b:00:8b:
         2b:8b:4b:e4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJ9S8qFnsFfH/RdbV8jWJB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQxMDExMjAzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjY0MjYxZDVhZjRmYTBjMWQyZjM3NzIyMGZkNWJhNDNhOTgwZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+J2e1AHBFjZ1+NK5ybl7kIfliAZ
QZr0cwes95Bl850zaK/vv19iEk5Is5cNUVcTWZ2IFFKvlK0EW2YUkLRnMdQYdTjF
Onf/5QlC4ap3FvTwW5YXEez90leHyd8liBziKURDDYj2Q0ePZ2KZsLHZZ0HoMkC0
4pPg50D/F4Ghsgs5eqiOy6CllAO3v83XS5qhKmYr04/elKDO21YEVswqcJfTjGdU
10x3ILM54kajXs0HC1o72J7qWWuD4ErM/11zLFtSWzyQHbiq+d8Z/ap5aujLBZw7
UZh5Gxg2/L+wXFph7xQP0vde2cvbB6tLuLjrjXF2FyIrSCZSjXAk0ovCtwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN9kJh1a9PoMHS83ciD9W6Q6mA96MB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvMzJRbUhWcjAtZ3dkTHpkeUlQMWJwRHFZRDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgr1hwMF
ACoO+0QwDQYJKoZIhvcNAQELBQADggEBAKZeMDfiwYdbKzt404VZfSj1+ZoKfbmD
NHqU2QfHfuCPMH8o1TVRjR5JSw49WDXbUMwlQeGeAWP6/zvZ8BdodW+nj/OTww8M
CTysmyynqTibJz4IKpMr2usHxljBCr4HEjYmb66iJcdRzks/henX7rQUxdmIjY7F
UJJmwCPO6ugcFza8kDWCw38Pmmc3fC5zK+WTnXk7s045kPjqjRkYBE2MJP9oKs3k
uV4fnrx9q0C+D9gnntILgRKBAsd4rHLaSypeDOrjnHRNUTqu5cgfmYatEjGlD802
91fqun7GKT9aUfAw9tmz1QkZ5yQiGGgzZ2DubDZXF0pS4GsAiyuLS+Q=
-----END CERTIFICATE-----
Generated at Thu Oct 17 22:34:22 2024 by rpki-client on console-ams.rpki-client.org