Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/BxNrx6OlcVdjm2JnxtyW_2PmIO0.roa
File:                     BxNrx6OlcVdjm2JnxtyW_2PmIO0.roa (raw, json)
Hash identifier:          Z34hFc2+O1Cwp77hKMqrPKY//zDT5PAkCV0WQuyWIlU=
Subject key identifier:   07:13:6B:C7:A3:A5:71:57:63:9B:62:67:C6:DC:96:FF:63:E6:20:ED
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       01856F2FF1E7846EE670444A4201E3E1BD9A
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/BxNrx6OlcVdjm2JnxtyW_2PmIO0.roa
Signing time:             Sun 01 Jan 2023 21:14:51 +0000
ROA not before:           Sun 01 Jan 2023 21:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208370
IP address blocks:        2a0e:aa07:e010::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:2f:f1:e7:84:6e:e6:70:44:4a:42:01:e3:e1:bd:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Jan  1 21:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=07136bc7a3a57157639b6267c6dc96ff63e620ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:7d:84:bc:21:88:b9:fe:b2:36:1d:0d:f0:38:
                    4d:c2:e4:7d:60:37:db:2e:51:3e:e4:4a:d7:38:87:
                    ac:1b:57:06:1a:45:f6:67:34:c0:96:b6:c4:6e:9b:
                    1f:9e:93:ca:8a:f3:7e:01:cf:27:76:ff:05:2c:69:
                    be:0c:8f:4c:7b:af:87:69:c7:12:ca:22:ec:ce:bf:
                    c8:be:9b:90:8f:c6:ba:fd:c3:74:ed:bd:bd:be:3d:
                    83:6f:e5:6a:d8:b3:a7:58:51:e5:2c:fa:e8:a9:55:
                    a1:3b:68:54:17:9a:dd:f7:2c:b2:f0:9d:6a:af:97:
                    9e:22:d6:67:f0:80:ec:b0:27:60:04:09:ce:15:c6:
                    a1:ea:15:31:37:59:8d:da:71:b1:0b:3a:b6:55:dc:
                    c4:f9:c6:ca:9b:3c:97:f8:c3:73:ce:e7:70:e8:19:
                    78:17:8c:ae:15:ec:cb:70:e6:bf:15:af:73:81:8c:
                    55:cf:17:d5:42:6f:6b:a6:bb:35:52:6f:a1:59:d8:
                    63:40:3f:52:f8:75:78:c6:2f:7c:93:e6:fd:e0:1f:
                    85:f4:00:6e:14:7b:22:a3:e0:09:96:c4:5c:72:ba:
                    fe:d6:28:b7:84:17:9e:dc:87:98:7a:de:1a:fa:9e:
                    6e:5e:19:d2:68:55:ce:7a:ce:57:ab:9e:e3:76:08:
                    91:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:13:6B:C7:A3:A5:71:57:63:9B:62:67:C6:DC:96:FF:63:E6:20:ED
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/BxNrx6OlcVdjm2JnxtyW_2PmIO0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa07:e010::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:c9:11:2f:39:e4:f6:56:dd:26:ad:e2:b9:6e:22:10:82:a1:
         8d:c5:06:a1:1a:0d:1f:fa:c8:ff:b3:32:5e:49:09:f9:3a:1e:
         7f:fc:75:23:d9:d8:40:79:fa:43:b0:4f:37:f9:c8:7e:cf:f6:
         ee:d0:8e:cf:ad:6a:1b:43:b4:ba:42:bd:69:a1:f2:87:67:8d:
         48:3d:e7:db:4b:c6:ae:5a:32:57:09:73:fa:4e:79:66:aa:00:
         46:8b:63:15:7d:d9:a0:a8:10:78:09:60:bf:a9:5e:ac:69:12:
         7a:e7:d9:a4:dc:e2:71:e6:35:08:b5:79:d0:e7:5c:bf:c3:3d:
         0a:3d:67:0c:5b:8f:8f:b1:3d:c5:32:13:27:27:f3:09:f8:44:
         eb:2d:89:dc:9e:bb:63:01:58:be:c9:a1:57:95:3d:8e:29:0c:
         05:81:3d:08:ac:76:ce:23:d9:a5:ad:69:f2:3e:15:40:0c:cf:
         23:14:95:ca:b3:eb:42:a1:a4:cc:cd:98:47:54:aa:42:fb:27:
         d0:ae:91:dc:eb:f8:c0:6c:ea:60:3b:45:0b:0a:ce:45:c4:0a:
         00:30:67:42:18:0b:d2:d2:52:52:05:80:11:ad:37:5d:ef:e0:
         2a:7a:f9:d9:fc:c9:71:3b:b1:67:94:90:e5:31:db:2e:bf:05:
         87:70:c6:b5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL/HnhG7mcERKQgHj4b2aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzEzNmJjN2EzYTU3MTU3NjM5YjYyNjdjNmRjOTZmZjYzZTYyMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX2EvCGIuf6yNh0N8DhNwuR9YDfb
LlE+5ErXOIesG1cGGkX2ZzTAlrbEbpsfnpPKivN+Ac8ndv8FLGm+DI9Me6+HaccS
yiLszr/IvpuQj8a6/cN07b29vj2Db+Vq2LOnWFHlLProqVWhO2hUF5rd9yyy8J1q
r5eeItZn8IDssCdgBAnOFcah6hUxN1mN2nGxCzq2VdzE+cbKmzyX+MNzzudw6Bl4
F4yuFezLcOa/Fa9zgYxVzxfVQm9rprs1Um+hWdhjQD9S+HV4xi98k+b94B+F9ABu
FHsio+AJlsRccrr+1ii3hBee3IeYet4a+p5uXhnSaFXOes5Xq57jdgiRRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAcTa8ejpXFXY5tiZ8bclv9j5iDtMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvQnhOcng2T2xjVmRqbTJKbnh0eVdfMlBtSU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+AQ
MA0GCSqGSIb3DQEBCwUAA4IBAQByyREvOeT2Vt0mreK5biIQgqGNxQahGg0f+sj/
szJeSQn5Oh5//HUj2dhAefpDsE83+ch+z/bu0I7PrWobQ7S6Qr1pofKHZ41IPefb
S8auWjJXCXP6TnlmqgBGi2MVfdmgqBB4CWC/qV6saRJ659mk3OJx5jUItXnQ51y/
wz0KPWcMW4+PsT3FMhMnJ/MJ+ETrLYncnrtjAVi+yaFXlT2OKQwFgT0IrHbOI9ml
rWnyPhVADM8jFJXKs+tCoaTMzZhHVKpC+yfQrpHc6/jAbOpgO0ULCs5FxAoAMGdC
GAvS0lJSBYARrTdd7+AqevnZ/MlxO7FnlJDlMdsuvwWHcMa1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:10 2024 by rpki-client on console-ams.rpki-client.org