Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/n3NHuKP-OvgcQh29-7_uLIRI-1M.roa
File:                     n3NHuKP-OvgcQh29-7_uLIRI-1M.roa (raw, json)
Hash identifier:          80AxDWvve47jRc+D9nfyqUn2NO3Vgb3pOs0GiKI19gU=
Subject key identifier:   9F:73:47:B8:A3:FE:3A:F8:1C:42:1D:BD:FB:BF:EE:2C:84:48:FB:53
Certificate issuer:       /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial:       018A232373741D5BA6FA51BD65F5F2EA3CE9
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/n3NHuKP-OvgcQh29-7_uLIRI-1M.roa
Signing time:             Wed 23 Aug 2023 16:04:00 +0000
ROA not before:           Wed 23 Aug 2023 16:04:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61992
IP address blocks:        2a0e:eac0:2030::/44 maxlen: 44
                          2a0e:eac0:1003::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:23:23:73:74:1d:5b:a6:fa:51:bd:65:f5:f2:ea:3c:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
        Validity
            Not Before: Aug 23 16:04:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f7347b8a3fe3af81c421dbdfbbfee2c8448fb53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:ea:51:a9:bd:94:c1:9e:e2:fd:ca:fa:42:2b:
                    ab:3c:92:9d:5d:12:9a:18:d5:f6:d4:45:33:fb:0f:
                    50:9e:44:ab:5c:f5:6c:f3:9b:c6:37:ae:d2:bd:d6:
                    3a:bd:a7:3a:9f:8a:27:e9:30:60:c9:d9:87:72:fa:
                    ed:3d:b9:30:55:f8:8d:7a:7e:fb:9e:79:41:db:8c:
                    a4:4c:92:cc:d4:2a:a9:c3:e5:d9:d8:2d:c2:5e:14:
                    9f:91:66:11:2b:e5:e3:d9:eb:f6:18:71:6d:bd:66:
                    2c:28:31:46:e3:e9:0a:3e:c6:7b:13:91:f9:2b:a3:
                    0a:0d:01:5b:b6:95:5a:f1:c4:40:e9:18:0a:73:15:
                    06:7f:a9:5e:97:24:5e:9e:49:a3:9c:bd:28:43:e0:
                    f7:c7:9d:24:f8:87:96:07:b6:d1:de:12:50:0c:29:
                    16:49:5a:fb:db:5b:53:a8:2f:e9:b9:b6:fc:8e:38:
                    0e:20:3f:46:92:0b:af:8a:db:cb:10:28:fa:5c:6f:
                    33:8a:97:70:f7:b2:3c:96:27:43:b8:14:38:69:e9:
                    73:fe:fc:df:3d:3f:56:e1:45:b5:0f:14:d3:d1:e2:
                    7e:f1:f9:03:1e:54:58:0f:e3:2c:66:17:eb:f1:ba:
                    a4:a2:93:66:e7:76:d9:be:44:b0:8b:a9:38:0b:2b:
                    28:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:73:47:B8:A3:FE:3A:F8:1C:42:1D:BD:FB:BF:EE:2C:84:48:FB:53
            X509v3 Authority Key Identifier:
                keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/n3NHuKP-OvgcQh29-7_uLIRI-1M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:eac0:1003::/48
                  2a0e:eac0:2030::/44

    Signature Algorithm: sha256WithRSAEncryption
         a7:8a:9c:71:fe:09:3c:24:fd:98:c5:42:6a:83:e1:8a:f7:ee:
         b6:91:d7:2c:cd:1b:fc:50:a6:2a:03:8f:57:9b:22:22:2a:3a:
         3c:57:89:c9:c5:1a:44:76:5c:44:92:e3:12:09:46:81:6b:ef:
         97:5a:a4:f0:4d:bf:85:5d:65:18:35:c2:50:f5:04:d7:6b:f0:
         96:3f:13:0a:17:cb:d5:3d:c6:a9:de:7d:ad:3b:a1:92:5d:84:
         87:65:58:d0:3f:46:b0:8d:07:49:69:92:97:71:1a:93:56:87:
         c3:89:31:a0:bc:e5:43:48:8c:95:55:08:f8:bb:f2:23:d8:7c:
         39:77:6b:bc:bd:24:05:49:5f:bb:e4:50:00:da:39:8c:1c:6c:
         54:5e:d5:60:1e:6b:50:46:20:2f:f4:e0:dc:07:08:42:40:d4:
         e2:e0:be:f8:8a:ea:20:3a:ab:33:be:a2:69:79:d3:5a:bd:df:
         a8:49:ad:a0:d5:0e:4c:ff:d4:86:2e:90:21:3f:97:56:85:57:
         ec:bc:9e:a8:d2:bd:3b:11:45:76:ed:85:48:4b:a8:22:76:d5:
         c3:07:86:55:2c:f8:59:ff:4e:5f:19:d6:f9:95:a9:4e:1b:b5:
         38:db:55:c1:af:e9:f6:fb:66:98:8e:eb:d9:2d:92:ba:1d:4f:
         82:83:30:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYojI3N0HVum+lG9ZfXy6jzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjMwODIzMTYwNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjczNDdiOGEzZmUzYWY4MWM0MjFkYmRmYmJmZWUyYzg0NDhmYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjepRqb2UwZ7i/cr6QiurPJKdXRKa
GNX21EUz+w9QnkSrXPVs85vGN67SvdY6vac6n4on6TBgydmHcvrtPbkwVfiNen77
nnlB24ykTJLM1Cqpw+XZ2C3CXhSfkWYRK+Xj2ev2GHFtvWYsKDFG4+kKPsZ7E5H5
K6MKDQFbtpVa8cRA6RgKcxUGf6lelyRenkmjnL0oQ+D3x50k+IeWB7bR3hJQDCkW
SVr721tTqC/pubb8jjgOID9GkguvitvLECj6XG8zipdw97I8lidDuBQ4aelz/vzf
PT9W4UW1DxTT0eJ+8fkDHlRYD+MsZhfr8bqkopNm53bZvkSwi6k4CysoVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ9zR7ij/jr4HEIdvfu/7iyESPtTMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvbjNOSHVLUC1PdmdjUWgyOS03X3VMSVJJLTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg7qwBAD
AwcEKg7qwCAwMA0GCSqGSIb3DQEBCwUAA4IBAQCnipxx/gk8JP2YxUJqg+GK9+62
kdcszRv8UKYqA49XmyIiKjo8V4nJxRpEdlxEkuMSCUaBa++XWqTwTb+FXWUYNcJQ
9QTXa/CWPxMKF8vVPcap3n2tO6GSXYSHZVjQP0awjQdJaZKXcRqTVofDiTGgvOVD
SIyVVQj4u/Ij2Hw5d2u8vSQFSV+75FAA2jmMHGxUXtVgHmtQRiAv9ODcBwhCQNTi
4L74iuogOqszvqJpedNavd+oSa2g1Q5M/9SGLpAhP5dWhVfsvJ6o0r07EUV27YVI
S6gidtXDB4ZVLPhZ/05fGdb5lalOG7U421XBr+n2+2aYjuvZLZK6HU+CgzCO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:23 2024 by rpki-client on console-fra.rpki-client.org