Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f55757-5965-4270-beab-a0d6dbfac6eb/1/K4Q9UICc3in7JKmKhz6fC3D9bok.roa
File:                     K4Q9UICc3in7JKmKhz6fC3D9bok.roa (raw, json)
Hash identifier:          t0fiIz7ZAHu076UpjP0pTd+vXwyDpKmsEs2LKjNaDek=
Subject key identifier:   2B:84:3D:50:80:9C:DE:29:FB:24:A9:8A:87:3E:9F:0B:70:FD:6E:89
Certificate issuer:       /CN=3f3bf511774b6e1d706bb2727b3d3125775a912f
Certificate serial:       0185711E44B722E58E1C4944CCFF7C22BECA
Authority key identifier: 3F:3B:F5:11:77:4B:6E:1D:70:6B:B2:72:7B:3D:31:25:77:5A:91:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pzv1EXdLbh1wa7Jyez0xJXdakS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/f55757-5965-4270-beab-a0d6dbfac6eb/1/K4Q9UICc3in7JKmKhz6fC3D9bok.roa
Signing time:             Mon 02 Jan 2023 06:14:47 +0000
ROA not before:           Mon 02 Jan 2023 06:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2a0a:144::/35 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:44:b7:22:e5:8e:1c:49:44:cc:ff:7c:22:be:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f3bf511774b6e1d706bb2727b3d3125775a912f
        Validity
            Not Before: Jan  2 06:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2b843d50809cde29fb24a98a873e9f0b70fd6e89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:5e:db:18:56:84:e2:fe:cf:3a:3e:2b:50:f2:
                    2e:05:75:be:9a:2c:fc:cb:53:bd:b8:24:76:8e:c2:
                    9e:87:24:1e:81:f3:99:c1:47:4e:ff:4a:43:9a:43:
                    8d:61:a3:b8:61:e3:96:18:32:d6:0c:dc:c3:44:d5:
                    4d:90:6e:63:77:bf:d6:43:9d:85:57:6b:f4:2f:d6:
                    c4:24:52:5c:e5:23:02:38:d6:fb:c3:de:01:18:89:
                    92:56:65:8c:80:d5:88:46:95:8a:04:91:e8:cc:d5:
                    d2:46:c0:c5:13:21:59:f7:f4:96:77:31:b0:88:5c:
                    d9:bc:b3:d3:a9:e0:8c:26:1f:58:15:8b:79:a1:8f:
                    fe:83:5c:63:49:cf:35:38:9a:72:81:c4:cc:48:cd:
                    08:d1:ea:a0:28:17:07:f9:7f:ad:d0:6a:3c:f2:ec:
                    10:d3:bf:ad:f0:74:b9:cd:7d:bf:b4:60:3a:9a:da:
                    d0:81:c3:59:fe:fe:bc:81:73:c6:d0:48:56:73:70:
                    6a:54:db:6c:11:b9:6d:4b:c3:f8:38:8c:e9:23:60:
                    ee:5f:04:49:b6:95:c2:19:0c:e7:b1:1d:65:11:da:
                    64:80:57:e5:d4:33:bb:7f:fc:2a:18:5f:fb:2a:b0:
                    f2:5b:e9:bd:f7:a3:eb:9f:aa:6b:44:66:26:19:b3:
                    2e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:84:3D:50:80:9C:DE:29:FB:24:A9:8A:87:3E:9F:0B:70:FD:6E:89
            X509v3 Authority Key Identifier:
                keyid:3F:3B:F5:11:77:4B:6E:1D:70:6B:B2:72:7B:3D:31:25:77:5A:91:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pzv1EXdLbh1wa7Jyez0xJXdakS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f55757-5965-4270-beab-a0d6dbfac6eb/1/K4Q9UICc3in7JKmKhz6fC3D9bok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f55757-5965-4270-beab-a0d6dbfac6eb/1/Pzv1EXdLbh1wa7Jyez0xJXdakS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:144::/35

    Signature Algorithm: sha256WithRSAEncryption
         14:cb:c8:7c:03:2e:fa:b0:d8:18:1c:4e:5f:bb:d1:0a:7f:a5:
         8d:63:d4:88:bf:50:ec:9f:fa:2a:1a:8b:29:a9:f8:06:b0:4a:
         10:2d:9a:88:43:cc:4f:00:e6:e1:62:d2:fc:34:9f:53:ad:e9:
         d9:e5:d4:bd:5e:03:c8:2c:b5:c8:86:39:af:bf:cd:72:75:76:
         4d:b5:c1:a1:96:2e:7a:d7:d3:76:d7:ff:f5:9e:cc:7d:e5:6a:
         94:08:02:2b:10:7f:69:a5:0c:f6:72:d4:21:91:a6:81:df:72:
         db:54:6d:5e:b6:80:53:21:fa:1b:34:9d:15:a0:92:4d:1c:80:
         c2:c7:7a:e7:b0:89:fc:e5:02:9f:4a:bf:f9:c7:ef:b9:1d:ba:
         10:6f:0c:82:8a:4e:13:10:00:d3:ad:2b:be:b9:fa:a8:0d:c8:
         90:ec:b8:f8:0e:54:28:24:61:12:bb:31:33:18:c0:bc:e8:26:
         eb:92:50:28:09:4a:8b:db:dd:ef:49:5a:4d:1b:11:e1:26:c0:
         1d:18:42:ae:e9:be:55:c2:d4:8e:70:bc:1b:d2:74:0b:37:56:
         e0:1c:52:8d:20:55:77:70:90:fc:e7:8a:b3:c8:5c:00:7e:0b:
         df:7b:0d:1a:62:e2:1a:b6:ef:db:20:9b:ad:85:13:fa:b2:4a:
         9b:3e:7e:14
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxHkS3IuWOHElEzP98Ir7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmM2JmNTExNzc0YjZlMWQ3MDZiYjI3MjdiM2QzMTI1Nzc1
YTkxMmYwHhcNMjMwMTAyMDYxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjg0M2Q1MDgwOWNkZTI5ZmIyNGE5OGE4NzNlOWYwYjcwZmQ2ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgV7bGFaE4v7POj4rUPIuBXW+miz8
y1O9uCR2jsKehyQegfOZwUdO/0pDmkONYaO4YeOWGDLWDNzDRNVNkG5jd7/WQ52F
V2v0L9bEJFJc5SMCONb7w94BGImSVmWMgNWIRpWKBJHozNXSRsDFEyFZ9/SWdzGw
iFzZvLPTqeCMJh9YFYt5oY/+g1xjSc81OJpygcTMSM0I0eqgKBcH+X+t0Go88uwQ
07+t8HS5zX2/tGA6mtrQgcNZ/v68gXPG0EhWc3BqVNtsEbltS8P4OIzpI2DuXwRJ
tpXCGQznsR1lEdpkgFfl1DO7f/wqGF/7KrDyW+m996Prn6prRGYmGbMutQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCuEPVCAnN4p+ySpioc+nwtw/W6JMB8GA1UdIwQY
MBaAFD879RF3S24dcGuycns9MSV3WpEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHp2MUVYZExiaDF3YTdKeWV6MHhKWGRha1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mNTU3NTctNTk2NS00MjcwLWJlYWIt
YTBkNmRiZmFjNmViLzEvSzRROVVJQ2MzaW43SkttS2h6NmZDM0Q5Ym9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mNTU3NTctNTk2NS00MjcwLWJlYWItYTBkNmRiZmFjNmVi
LzEvUHp2MUVYZExiaDF3YTdKeWV6MHhKWGRha1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKgoBRAAw
DQYJKoZIhvcNAQELBQADggEBABTLyHwDLvqw2BgcTl+70Qp/pY1j1Ii/UOyf+ioa
iymp+AawShAtmohDzE8A5uFi0vw0n1Ot6dnl1L1eA8gstciGOa+/zXJ1dk21waGW
LnrX03bX//WezH3lapQIAisQf2mlDPZy1CGRpoHfcttUbV62gFMh+hs0nRWgkk0c
gMLHeuewifzlAp9Kv/nH77kduhBvDIKKThMQANOtK765+qgNyJDsuPgOVCgkYRK7
MTMYwLzoJuuSUCgJSovb3e9JWk0bEeEmwB0YQq7pvlXC1I5wvBvSdAs3VuAcUo0g
VXdwkPznirPIXAB+C997DRpi4hq279sgm62FE/qySps+fhQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:22 2024 by rpki-client on console-ams.rpki-client.org