Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/rnXG7erNTrP0MJ45oG6YGwWTZv4.roa
File:                     rnXG7erNTrP0MJ45oG6YGwWTZv4.roa (raw, json)
Hash identifier:          Krnbn6sbRGlr7Eqs3lVYtLm2zvh6aq7PfKyplVozl5c=
Subject key identifier:   AE:75:C6:ED:EA:CD:4E:B3:F4:30:9E:39:A0:6E:98:1B:05:93:66:FE
Certificate issuer:       /CN=1fe02dbee62c98f01f20f4770d16a47f79abe32c
Certificate serial:       01856CB82D366D8BED8E518CC54C225788E7
Authority key identifier: 1F:E0:2D:BE:E6:2C:98:F0:1F:20:F4:77:0D:16:A4:7F:79:AB:E3:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H-AtvuYsmPAfIPR3DRakf3mr4yw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/rnXG7erNTrP0MJ45oG6YGwWTZv4.roa
Signing time:             Sun 01 Jan 2023 09:44:47 +0000
ROA not before:           Sun 01 Jan 2023 09:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206202
IP address blocks:        2a01:9e00:ac00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:b8:2d:36:6d:8b:ed:8e:51:8c:c5:4c:22:57:88:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fe02dbee62c98f01f20f4770d16a47f79abe32c
        Validity
            Not Before: Jan  1 09:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae75c6edeacd4eb3f4309e39a06e981b059366fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:00:61:55:e8:c3:ea:df:ba:15:f3:d6:b3:25:
                    cb:1d:95:7a:b5:0e:a2:38:a5:db:33:47:14:31:bc:
                    80:7b:d7:7b:60:f7:a8:d3:3b:9a:bf:6f:8e:47:df:
                    bd:21:4b:11:ec:b5:3b:ae:64:2c:f2:8e:1b:f8:68:
                    1f:b6:0a:f7:4e:40:0c:b6:43:bb:2c:70:a2:d3:89:
                    43:4d:ae:91:a0:11:ae:d1:22:36:90:75:0e:c9:09:
                    92:83:94:28:9a:75:d8:82:98:ff:eb:ed:06:09:c3:
                    94:e9:c9:65:91:cb:d5:79:b5:3c:ec:a0:d0:e4:0f:
                    72:fe:fa:cc:97:73:e6:0b:67:06:48:4e:d9:8c:ef:
                    23:1d:8a:51:f0:7d:7c:68:77:6b:16:0d:a4:c9:7b:
                    5e:1f:9e:d5:ca:db:6c:77:1b:03:3e:4a:19:a2:d3:
                    79:62:2f:36:41:1e:09:6e:42:19:72:a2:5a:92:16:
                    77:bb:9d:bb:17:e7:48:99:9e:6d:c1:d4:30:e6:6f:
                    ed:ad:af:59:50:60:1d:a1:91:d4:16:99:a1:15:3a:
                    3d:28:d3:01:d2:2e:d7:3c:0d:de:ee:21:c3:13:bf:
                    40:9b:f4:59:d6:f9:8b:a8:a2:bb:fd:2d:b6:50:f4:
                    17:85:bc:77:14:a5:fc:ff:01:38:7f:23:ed:0f:59:
                    f9:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:75:C6:ED:EA:CD:4E:B3:F4:30:9E:39:A0:6E:98:1B:05:93:66:FE
            X509v3 Authority Key Identifier:
                keyid:1F:E0:2D:BE:E6:2C:98:F0:1F:20:F4:77:0D:16:A4:7F:79:AB:E3:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-AtvuYsmPAfIPR3DRakf3mr4yw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/rnXG7erNTrP0MJ45oG6YGwWTZv4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/H-AtvuYsmPAfIPR3DRakf3mr4yw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:9e00:ac00::/40

    Signature Algorithm: sha256WithRSAEncryption
         66:bf:db:04:77:1a:73:8e:fa:25:8b:d2:46:a6:ba:ec:0c:3e:
         55:03:c5:80:6b:86:fd:7f:4c:d3:bd:ce:69:e6:a4:d6:8c:74:
         da:aa:c6:e4:57:f7:6a:01:b3:a6:2d:14:a5:bc:f7:b7:61:e1:
         fc:72:c5:3a:67:0c:23:15:bf:83:40:f9:35:47:93:0f:81:ef:
         e7:6c:7d:bd:52:9f:0b:43:36:46:7f:ce:fa:66:0e:7c:56:7e:
         cd:4a:6e:16:78:7e:66:ad:1a:cc:db:71:a2:97:8d:f5:9f:56:
         c5:50:3f:e8:bb:03:7d:1f:44:a4:2c:f9:50:2d:2c:24:3c:d8:
         0a:1a:32:49:b7:d5:7f:b7:a2:39:15:81:1a:e2:fa:c2:fd:59:
         70:9e:c4:f8:d4:b1:39:c1:e8:b1:9b:f5:27:62:93:82:59:bc:
         53:b7:2c:66:03:4a:f2:45:28:95:11:34:99:4c:39:86:5e:67:
         b6:d5:b7:b4:f2:41:b5:d5:61:b7:0f:31:75:a2:f2:7b:72:de:
         dc:9a:35:94:72:a4:4e:d8:c8:1a:74:f1:80:0f:c1:c5:2b:7f:
         c7:31:8f:bf:4c:ab:49:3b:49:28:01:b0:84:48:1b:9b:97:0b:
         c1:94:a0:5b:7e:ac:a6:64:c5:6a:dc:64:5e:28:16:28:80:18:
         86:3f:f0:8c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsuC02bYvtjlGMxUwiV4jnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTAyZGJlZTYyYzk4ZjAxZjIwZjQ3NzBkMTZhNDdmNzlh
YmUzMmMwHhcNMjMwMTAxMDk0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTc1YzZlZGVhY2Q0ZWIzZjQzMDllMzlhMDZlOTgxYjA1OTM2NmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApABhVejD6t+6FfPWsyXLHZV6tQ6i
OKXbM0cUMbyAe9d7YPeo0zuav2+OR9+9IUsR7LU7rmQs8o4b+Ggftgr3TkAMtkO7
LHCi04lDTa6RoBGu0SI2kHUOyQmSg5QomnXYgpj/6+0GCcOU6cllkcvVebU87KDQ
5A9y/vrMl3PmC2cGSE7ZjO8jHYpR8H18aHdrFg2kyXteH57VyttsdxsDPkoZotN5
Yi82QR4JbkIZcqJakhZ3u527F+dImZ5twdQw5m/tra9ZUGAdoZHUFpmhFTo9KNMB
0i7XPA3e7iHDE79Am/RZ1vmLqKK7/S22UPQXhbx3FKX8/wE4fyPtD1n5wQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFK51xu3qzU6z9DCeOaBumBsFk2b+MB8GA1UdIwQY
MBaAFB/gLb7mLJjwHyD0dw0WpH95q+MsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1BdHZ1WXNtUEFmSVBSM0RSYWtmM21yNHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9hMTJhMzAtZDYwZi00MDMyLTg4NjMt
MjEyNTNlYTlmM2E0LzEvcm5YRzdlck5UclAwTUo0NW9HNllHd1dUWnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9hMTJhMzAtZDYwZi00MDMyLTg4NjMtMjEyNTNlYTlmM2E0
LzEvSC1BdHZ1WXNtUEFmSVBSM0RSYWtmM21yNHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgGeAKww
DQYJKoZIhvcNAQELBQADggEBAGa/2wR3GnOO+iWL0kamuuwMPlUDxYBrhv1/TNO9
zmnmpNaMdNqqxuRX92oBs6YtFKW897dh4fxyxTpnDCMVv4NA+TVHkw+B7+dsfb1S
nwtDNkZ/zvpmDnxWfs1KbhZ4fmatGszbcaKXjfWfVsVQP+i7A30fRKQs+VAtLCQ8
2AoaMkm31X+3ojkVgRri+sL9WXCexPjUsTnB6LGb9Sdik4JZvFO3LGYDSvJFKJUR
NJlMOYZeZ7bVt7TyQbXVYbcPMXWi8nty3tyaNZRypE7YyBp08YAPwcUrf8cxj79M
q0k7SSgBsIRIG5uXC8GUoFt+rKZkxWrcZF4oFiiAGIY/8Iw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:07 2024 by rpki-client on console-fra.rpki-client.org