Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/y-Xt5S9TSC2ChShigdo50pkSmnU.roa
File:                     y-Xt5S9TSC2ChShigdo50pkSmnU.roa (raw, json)
Hash identifier:          TwqJfLd2vmVRmCX3whWSjUWZllEKegWErj6a7x+oyLE=
Subject key identifier:   CB:E5:ED:E5:2F:53:48:2D:82:85:28:62:81:DA:39:D2:99:12:9A:75
Certificate issuer:       /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial:       01856E141ED6DECD068A63B755DF120681E2
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/y-Xt5S9TSC2ChShigdo50pkSmnU.roa
Signing time:             Sun 01 Jan 2023 16:04:50 +0000
ROA not before:           Sun 01 Jan 2023 16:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208136
IP address blocks:        2a00:8860:d00::/40 maxlen: 64
                          2a00:8861:d00::/40 maxlen: 64

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:14:1e:d6:de:cd:06:8a:63:b7:55:df:12:06:81:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
        Validity
            Not Before: Jan  1 16:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cbe5ede52f53482d8285286281da39d299129a75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:2f:0f:2c:be:40:5e:62:44:28:f4:7d:b9:fb:
                    51:19:c8:f8:e6:a3:33:18:ee:fd:dc:2b:5f:ab:48:
                    6e:c4:40:8e:f8:aa:5e:68:1a:00:c8:b7:5f:35:d7:
                    8b:f3:93:96:8e:56:6a:4e:7f:ff:6b:31:21:99:35:
                    68:a7:24:4c:af:ce:0a:50:ce:b3:23:4c:9c:ec:78:
                    cd:42:6c:f3:ae:44:fd:d9:02:82:38:1c:75:85:81:
                    5c:86:54:ee:41:0c:79:92:84:ef:1e:14:17:62:44:
                    9b:61:01:68:3f:ff:1c:63:87:38:83:ba:24:2a:c7:
                    1b:73:ae:2c:b7:ee:82:06:2a:1f:36:79:09:47:d7:
                    0d:e7:ce:57:43:b8:f7:2a:f4:09:6f:94:cc:6e:2f:
                    d9:f8:cd:1a:e3:41:57:0f:4c:4f:90:71:8d:3f:03:
                    40:7e:57:21:90:ea:b2:02:cb:89:80:78:2c:6d:76:
                    ee:9c:fa:88:39:92:7b:c5:6e:06:36:73:9b:a1:30:
                    66:0e:d1:4c:e0:0b:81:46:b3:8b:37:7c:6a:4f:bb:
                    1a:af:88:ae:42:6e:ce:bc:cd:47:45:87:b7:76:f1:
                    db:c6:15:c0:62:b2:13:e9:48:7f:38:9d:a7:bb:95:
                    75:ba:a3:ae:83:b1:8b:5d:fb:ef:cb:45:61:ea:62:
                    f7:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:E5:ED:E5:2F:53:48:2D:82:85:28:62:81:DA:39:D2:99:12:9A:75
            X509v3 Authority Key Identifier:
                keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/y-Xt5S9TSC2ChShigdo50pkSmnU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:8860:d00::/40
                  2a00:8861:d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         0b:44:7b:d9:e4:ee:6b:df:6d:67:51:dc:26:eb:da:27:bc:0c:
         d7:5b:4f:74:20:99:b0:80:aa:1e:34:02:60:2e:3c:70:93:6b:
         4f:a1:b3:56:91:2c:3c:26:54:a2:8d:18:ae:4b:70:12:6e:52:
         f7:90:3d:5e:a7:4c:50:99:c9:1d:a9:3c:2f:53:95:d3:6a:bc:
         e0:4b:e5:e7:d9:60:cd:28:49:c3:84:b4:ae:e0:dc:72:66:ef:
         4d:d4:96:cc:3f:ae:0f:b7:e7:3a:8b:83:2a:ad:20:5d:11:2f:
         ef:a8:96:5a:8a:bb:3c:bc:1d:7d:58:60:22:88:c3:da:00:6d:
         14:65:ed:0f:e9:57:6d:23:dd:5b:37:a7:02:4d:b8:fe:49:7f:
         f7:0a:93:cc:54:1c:09:96:40:2f:4e:e5:c4:da:5d:37:0b:57:
         f8:16:3f:59:25:10:f7:7c:d6:5c:70:4e:a5:5d:56:48:8b:92:
         d2:db:db:6f:e3:cc:27:94:56:22:94:5f:75:6d:a9:af:5e:04:
         3d:1e:9e:03:e0:b5:2f:75:8e:b3:4d:91:f7:0c:5b:d5:9e:fa:
         9a:a0:30:31:e7:74:c6:62:45:7d:88:17:fa:70:bd:d7:f9:5a:
         c4:2f:48:93:22:0e:39:b9:cf:90:51:04:db:ad:ce:9b:29:3c:
         99:fc:fe:31
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVuFB7W3s0GimO3Vd8SBoHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjMwMTAxMTYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmU1ZWRlNTJmNTM0ODJkODI4NTI4NjI4MWRhMzlkMjk5MTI5YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy8PLL5AXmJEKPR9uftRGcj45qMz
GO793Ctfq0huxECO+KpeaBoAyLdfNdeL85OWjlZqTn//azEhmTVopyRMr84KUM6z
I0yc7HjNQmzzrkT92QKCOBx1hYFchlTuQQx5koTvHhQXYkSbYQFoP/8cY4c4g7ok
Kscbc64st+6CBiofNnkJR9cN585XQ7j3KvQJb5TMbi/Z+M0a40FXD0xPkHGNPwNA
flchkOqyAsuJgHgsbXbunPqIOZJ7xW4GNnOboTBmDtFM4AuBRrOLN3xqT7sar4iu
Qm7OvM1HRYe3dvHbxhXAYrIT6Uh/OJ2nu5V1uqOug7GLXfvvy0Vh6mL3pwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFMvl7eUvU0gtgoUoYoHaOdKZEpp1MB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEveS1YdDVTOVRTQzJDaFNoaWdkbzUwcGtTbW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgCIYA0D
BgAqAIhhDTANBgkqhkiG9w0BAQsFAAOCAQEAC0R72eTua99tZ1HcJuvaJ7wM11tP
dCCZsICqHjQCYC48cJNrT6GzVpEsPCZUoo0YrktwEm5S95A9XqdMUJnJHak8L1OV
02q84Evl59lgzShJw4S0ruDccmbvTdSWzD+uD7fnOouDKq0gXREv76iWWoq7PLwd
fVhgIojD2gBtFGXtD+lXbSPdWzenAk24/kl/9wqTzFQcCZZAL07lxNpdNwtX+BY/
WSUQ93zWXHBOpV1WSIuS0tvbb+PMJ5RWIpRfdW2pr14EPR6eA+C1L3WOs02R9wxb
1Z76mqAwMed0xmJFfYgX+nC91/laxC9IkyIOObnPkFEE263Omyk8mfz+MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:07 2024 by rpki-client on console-ams.rpki-client.org