Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/QsClb2tMhnkjIDLI-Se0hQ_WdJQ.roa
File:                     QsClb2tMhnkjIDLI-Se0hQ_WdJQ.roa (raw, json)
Hash identifier:          ZbbzVq2B/WHYWVIfuLT6bLXvltqR6AL804tJaG54b/8=
Subject key identifier:   42:C0:A5:6F:6B:4C:86:79:23:20:32:C8:F9:27:B4:85:0F:D6:74:94
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       0186B22A48D841DBADE7B69DE30D79C28304
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/QsClb2tMhnkjIDLI-Se0hQ_WdJQ.roa
Signing time:             Sun 05 Mar 2023 14:26:00 +0000
ROA not before:           Sun 05 Mar 2023 14:26:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213169
IP address blocks:        2a0e:aa07:4000::/40 maxlen: 40

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b2:2a:48:d8:41:db:ad:e7:b6:9d:e3:0d:79:c2:83:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Mar  5 14:26:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=42c0a56f6b4c8679232032c8f927b4850fd67494
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e7:c6:bb:5c:53:2f:8a:88:13:7c:34:46:77:
                    3a:d1:e4:cf:c6:9e:40:e2:d3:11:e5:e9:2e:d4:25:
                    d4:2f:44:06:88:43:8a:41:12:9b:3f:19:dd:99:60:
                    55:b9:82:8d:54:b0:26:df:bf:2c:e4:f7:ae:ee:28:
                    d3:14:11:2b:2a:7d:4b:8a:f7:c9:41:7c:40:1f:d3:
                    aa:7f:31:d0:a4:ed:12:e5:c4:9c:68:0a:12:82:95:
                    1f:c9:7d:ea:b0:ac:f4:07:1e:7f:04:97:49:cb:45:
                    e8:07:42:72:ae:36:c3:92:19:71:e8:67:94:32:05:
                    0d:74:83:eb:19:6e:ef:d1:48:56:49:9b:6c:ec:ad:
                    6a:d2:88:63:01:07:c3:12:14:83:4e:40:18:85:68:
                    5a:4c:95:78:a2:93:46:ce:e3:01:1c:f1:ca:0a:b6:
                    fe:5d:e2:79:fd:97:23:98:b2:2e:5a:92:9e:c4:e2:
                    83:f0:57:9b:02:5c:16:c0:6a:d2:eb:44:6e:33:fc:
                    55:3f:f7:fc:e1:74:3a:3a:07:2e:ca:04:63:2e:99:
                    d1:67:b1:5a:0c:a2:aa:03:6a:e9:02:e7:34:03:00:
                    d8:0b:f8:95:24:29:92:2e:b2:07:1a:86:fe:39:d0:
                    b4:3f:54:20:c5:f1:29:c1:c0:79:9f:6b:6f:9a:a3:
                    09:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:C0:A5:6F:6B:4C:86:79:23:20:32:C8:F9:27:B4:85:0F:D6:74:94
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/QsClb2tMhnkjIDLI-Se0hQ_WdJQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa07:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         b6:e0:2a:f5:f9:8e:d8:f4:e8:e1:e7:90:28:78:26:2b:66:a0:
         c4:c1:ba:52:43:3e:a6:4a:e3:dd:6f:38:9a:11:5f:7e:14:fb:
         4a:de:89:b6:bd:ee:35:5c:53:4c:04:97:1a:1b:92:03:b6:38:
         0e:10:10:97:d5:4e:2e:80:b1:af:b1:65:0b:b4:66:f4:4f:b1:
         da:db:4b:f7:45:f5:14:08:05:8e:f5:5e:3d:d0:13:6d:0b:94:
         4f:5b:d7:62:6d:ef:7a:64:2a:da:12:ec:af:18:4c:df:6b:f8:
         39:40:52:7a:73:7e:f8:18:04:8f:40:1b:a2:ec:61:2b:7c:c9:
         b4:d4:b2:18:c3:8b:3b:5b:60:53:f4:23:23:b9:d9:41:d8:27:
         83:4e:fc:7b:22:8e:fc:ee:e9:07:3c:ef:85:cd:75:35:05:18:
         4e:bf:87:d5:75:4f:d8:49:ac:d2:f4:e2:65:8a:e9:b0:a4:ab:
         7f:18:63:80:8f:e7:0e:8e:13:45:a3:e5:fa:05:db:ae:76:fd:
         63:c1:7b:a6:ec:e9:8b:4c:54:60:a0:33:1e:52:59:4c:e5:b3:
         08:16:d1:e8:36:35:79:2c:2c:86:e2:d2:38:8c:e4:2f:7d:af:
         67:41:12:68:59:90:f1:87:7e:5b:26:4b:1e:18:71:bd:a1:15:
         12:9e:1c:bd
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYayKkjYQdut57ad4w15woMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMzA1MTQyNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmMwYTU2ZjZiNGM4Njc5MjMyMDMyYzhmOTI3YjQ4NTBmZDY3NDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApufGu1xTL4qIE3w0Rnc60eTPxp5A
4tMR5eku1CXUL0QGiEOKQRKbPxndmWBVuYKNVLAm378s5Peu7ijTFBErKn1LivfJ
QXxAH9OqfzHQpO0S5cScaAoSgpUfyX3qsKz0Bx5/BJdJy0XoB0JyrjbDkhlx6GeU
MgUNdIPrGW7v0UhWSZts7K1q0ohjAQfDEhSDTkAYhWhaTJV4opNGzuMBHPHKCrb+
XeJ5/ZcjmLIuWpKexOKD8FebAlwWwGrS60RuM/xVP/f84XQ6OgcuygRjLpnRZ7Fa
DKKqA2rpAuc0AwDYC/iVJCmSLrIHGob+OdC0P1QgxfEpwcB5n2tvmqMJ0QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFELApW9rTIZ5IyAyyPkntIUP1nSUMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvUXNDbGIydE1obmtqSURMSS1TZTBoUV9XZEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg6qB0Aw
DQYJKoZIhvcNAQELBQADggEBALbgKvX5jtj06OHnkCh4JitmoMTBulJDPqZK491v
OJoRX34U+0reiba97jVcU0wElxobkgO2OA4QEJfVTi6Asa+xZQu0ZvRPsdrbS/dF
9RQIBY71Xj3QE20LlE9b12Jt73pkKtoS7K8YTN9r+DlAUnpzfvgYBI9AG6LsYSt8
ybTUshjDiztbYFP0IyO52UHYJ4NO/Hsijvzu6Qc874XNdTUFGE6/h9V1T9hJrNL0
4mWK6bCkq38YY4CP5w6OE0Wj5foF2652/WPBe6bs6YtMVGCgMx5SWUzlswgW0eg2
NXksLIbi0jiM5C99r2dBEmhZkPGHflsmSx4Ycb2hFRKeHL0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:11 2024 by rpki-client on console-ams.rpki-client.org