Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/6riYLCQd-C9HLoG-gzuCiBq5OEM.roa
File:                     6riYLCQd-C9HLoG-gzuCiBq5OEM.roa (raw, json)
Hash identifier:          snIVaj1f0mjMrCGzp67rDPxSLjOHw+p3VkDY2TMWc28=
Subject key identifier:   EA:B8:98:2C:24:1D:F8:2F:47:2E:81:BE:83:3B:82:88:1A:B9:38:43
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       018837FFB51295B86C04DF2270084EC93819
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/6riYLCQd-C9HLoG-gzuCiBq5OEM.roa
Signing time:             Sat 20 May 2023 07:11:24 +0000
ROA not before:           Sat 20 May 2023 07:11:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198516
IP address blocks:        2a0e:aa06:4e0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:37:ff:b5:12:95:b8:6c:04:df:22:70:08:4e:c9:38:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: May 20 07:11:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eab8982c241df82f472e81be833b82881ab93843
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:77:45:74:aa:a3:3d:b6:ca:18:c5:ea:00:01:
                    57:bd:7d:7d:73:22:48:0a:6e:fd:4c:9d:c3:0c:d7:
                    4a:f1:42:42:ae:41:3c:91:94:d0:ba:cd:5f:42:d7:
                    ad:92:ed:01:a8:0d:f1:24:ca:40:c2:15:9a:30:d3:
                    10:e7:64:e2:50:9f:30:ba:50:07:45:72:36:e3:13:
                    6a:c9:12:7f:ff:40:e8:31:11:3f:b2:53:93:7b:8f:
                    8d:c4:6d:8a:b3:a6:4d:6d:17:98:95:a1:66:3b:69:
                    4e:d1:c6:e3:2e:fc:2a:c6:36:6a:bd:65:b4:94:bb:
                    76:95:c3:6b:cd:54:7a:0e:f9:05:e5:88:94:f9:6d:
                    e4:8c:27:d0:a2:6e:1e:80:fe:c4:55:5a:53:16:26:
                    42:94:ab:3a:41:5f:f0:9f:ac:fe:e6:9a:46:67:8e:
                    1d:c3:bd:7d:da:87:61:3d:29:1c:93:f4:a5:5c:a0:
                    ce:b5:c4:45:68:17:66:02:ad:e4:c8:6c:b7:c3:1c:
                    69:24:6a:25:97:26:2f:28:ff:fb:fc:ea:74:37:2a:
                    e7:61:8a:65:4d:99:2e:10:6b:37:e2:f6:d2:b0:14:
                    76:df:9b:d8:53:ba:f5:57:a1:f5:08:60:0f:01:13:
                    23:ac:8e:ed:08:8f:fc:00:44:7a:bc:97:b6:f7:64:
                    37:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:B8:98:2C:24:1D:F8:2F:47:2E:81:BE:83:3B:82:88:1A:B9:38:43
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/6riYLCQd-C9HLoG-gzuCiBq5OEM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa06:4e0::/44

    Signature Algorithm: sha256WithRSAEncryption
         25:0f:5d:0d:4c:68:60:7f:6a:a6:d9:6f:22:31:62:85:ab:48:
         7f:da:2a:60:34:05:c9:7a:1c:22:aa:47:35:96:73:7c:d5:03:
         4c:79:4a:1b:21:1f:30:77:71:73:d2:c1:f1:ee:f9:2e:53:5c:
         e3:d1:d0:69:df:32:c8:35:11:0a:a4:2a:28:40:0e:d2:15:88:
         a1:7a:97:13:d5:7b:33:03:40:d6:c9:dd:33:58:e8:1d:ac:60:
         84:49:c1:30:87:ae:24:26:fb:07:54:8d:d9:b4:2a:19:09:47:
         22:03:dd:35:62:ce:99:f1:43:1c:5a:e6:ba:0b:99:4f:fc:10:
         d8:32:c4:c8:3d:1d:73:f9:89:99:93:03:6f:26:ec:81:32:39:
         04:f8:16:30:32:a5:1b:d3:e5:61:9e:82:ec:74:33:3c:5c:21:
         1c:d2:0c:65:2a:26:37:ae:e2:09:93:0d:64:f2:3b:21:09:83:
         1b:e0:b9:4a:97:05:e3:d3:4f:3f:2e:b5:2d:f4:5e:b3:45:d6:
         aa:a7:50:bc:ed:91:52:57:83:3b:fc:19:f6:2b:6b:5d:25:a4:
         e3:4d:bc:b4:5e:87:67:bf:42:55:33:8b:59:d9:cf:c5:a7:32:
         21:e8:0f:86:dc:29:0d:da:10:a7:9b:77:fc:eb:4a:a8:35:5c:
         7c:e9:bc:45
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYg3/7USlbhsBN8icAhOyTgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwNTIwMDcxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWI4OTgyYzI0MWRmODJmNDcyZTgxYmU4MzNiODI4ODFhYjkzODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3dFdKqjPbbKGMXqAAFXvX19cyJI
Cm79TJ3DDNdK8UJCrkE8kZTQus1fQtetku0BqA3xJMpAwhWaMNMQ52TiUJ8wulAH
RXI24xNqyRJ//0DoMRE/slOTe4+NxG2Ks6ZNbReYlaFmO2lO0cbjLvwqxjZqvWW0
lLt2lcNrzVR6DvkF5YiU+W3kjCfQom4egP7EVVpTFiZClKs6QV/wn6z+5ppGZ44d
w7192odhPSkck/SlXKDOtcRFaBdmAq3kyGy3wxxpJGollyYvKP/7/Op0NyrnYYpl
TZkuEGs34vbSsBR235vYU7r1V6H1CGAPARMjrI7tCI/8AER6vJe292Q34QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOq4mCwkHfgvRy6BvoM7gogauThDMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvNnJpWUxDUWQtQzlITG9HLWd6dUNpQnE1T0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qBgTg
MA0GCSqGSIb3DQEBCwUAA4IBAQAlD10NTGhgf2qm2W8iMWKFq0h/2ipgNAXJehwi
qkc1lnN81QNMeUobIR8wd3Fz0sHx7vkuU1zj0dBp3zLINREKpCooQA7SFYihepcT
1XszA0DWyd0zWOgdrGCEScEwh64kJvsHVI3ZtCoZCUciA901Ys6Z8UMcWua6C5lP
/BDYMsTIPR1z+YmZkwNvJuyBMjkE+BYwMqUb0+VhnoLsdDM8XCEc0gxlKiY3ruIJ
kw1k8jshCYMb4LlKlwXj008/LrUt9F6zRdaqp1C87ZFSV4M7/Bn2K2tdJaTjTby0
Xodnv0JVM4tZ2c/FpzIh6A+G3CkN2hCnm3f860qoNVx86bxF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org