Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/iwznPPcaiZ3Sysy2w4XvuH6c2lc.roa
File:                     iwznPPcaiZ3Sysy2w4XvuH6c2lc.roa (raw, json)
Hash identifier:          SNCiRgmcws6iiPB0yez5ICtCN7o5TEBS2VihFUmnS7k=
Subject key identifier:   8B:0C:E7:3C:F7:1A:89:9D:D2:CA:CC:B6:C3:85:EF:B8:7E:9C:DA:57
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       01856F2FF9898AC17A05C9C6F7571739B372
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/iwznPPcaiZ3Sysy2w4XvuH6c2lc.roa
Signing time:             Sun 01 Jan 2023 21:14:53 +0000
ROA not before:           Sun 01 Jan 2023 21:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209391
IP address blocks:        2a0e:aa07:e031::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:2f:f9:89:8a:c1:7a:05:c9:c6:f7:57:17:39:b3:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Jan  1 21:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b0ce73cf71a899dd2caccb6c385efb87e9cda57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:93:f6:de:5f:df:1a:2c:9f:20:4c:56:48:26:
                    fe:8c:f1:1d:da:7a:30:76:0e:05:1c:33:56:f6:71:
                    69:f9:4f:68:23:ce:57:e2:b7:ae:32:19:4a:14:03:
                    a2:0f:37:31:54:a7:aa:b4:20:69:f5:64:d6:20:6b:
                    84:03:8c:4b:67:5d:55:9e:35:55:4a:ee:54:c2:a4:
                    11:92:fe:6c:9f:e7:67:eb:28:b9:7f:dc:ec:62:b1:
                    fd:15:6e:3d:d7:65:a3:63:32:01:28:81:66:6a:46:
                    60:11:81:f7:7c:1d:17:1a:10:bb:00:71:04:fb:2a:
                    79:0b:cd:05:b9:55:9e:f7:49:19:c8:db:06:ee:e6:
                    0e:a5:a5:3a:ec:15:96:58:eb:85:b4:b8:1c:97:12:
                    14:b9:0a:98:cc:2c:04:20:e8:70:d5:53:2e:b0:ea:
                    f6:a2:e0:e7:2c:ea:b6:f7:b0:a9:d3:44:74:19:26:
                    7f:80:4c:25:9e:a4:db:84:30:2a:ef:c4:79:f7:d5:
                    2c:11:c3:05:4d:74:10:d2:88:63:0a:f5:b2:fd:4f:
                    a6:62:6a:08:32:68:0d:e6:fe:da:6d:7c:9b:95:39:
                    33:6e:6e:66:81:a2:3f:c2:2d:a6:c7:bb:f5:82:82:
                    eb:78:24:5a:f7:26:a8:13:b0:30:86:e6:80:d6:8c:
                    c3:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:0C:E7:3C:F7:1A:89:9D:D2:CA:CC:B6:C3:85:EF:B8:7E:9C:DA:57
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/iwznPPcaiZ3Sysy2w4XvuH6c2lc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa07:e031::/48

    Signature Algorithm: sha256WithRSAEncryption
         16:ee:22:bd:f5:fa:fc:3e:9e:b1:11:78:a7:de:46:32:9c:10:
         04:3d:e1:79:bc:f6:1a:5b:f8:cf:65:43:3d:92:f8:ab:a8:c1:
         b6:64:b2:1b:72:ad:6c:12:2e:15:58:b7:4c:64:81:3b:f4:80:
         88:93:53:f4:14:64:d0:48:1c:60:58:b9:ce:23:59:f9:ef:1d:
         d0:1c:b9:88:ff:23:ff:62:0d:9b:5c:33:73:20:de:ee:c7:3e:
         12:26:6d:5c:0a:d7:36:45:17:31:fd:f7:1b:c8:39:3f:f6:80:
         a7:ea:32:97:17:73:e0:4f:34:0b:e7:35:35:ce:c4:be:d1:fc:
         e5:c3:11:3d:d3:ab:0e:4a:58:1b:34:94:f3:5a:b5:40:be:57:
         87:44:b5:e4:6b:4d:67:08:d0:13:74:25:53:1c:8b:d9:2d:7b:
         53:53:18:11:cb:ad:fb:1b:24:e9:d4:ad:cd:7f:9d:9a:fd:20:
         b4:e0:0f:1c:07:f6:51:96:ba:7a:48:79:be:48:fe:12:c5:25:
         75:f4:db:95:a4:70:60:b3:d5:14:27:bc:09:23:e0:a4:35:2f:
         3c:4e:3f:ed:a6:7e:50:c8:16:1e:0b:42:86:4e:43:f8:cb:63:
         cf:4b:54:5a:08:4c:f2:a4:0f:9b:6a:18:41:ff:55:62:73:5b:
         1e:bc:5b:cb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL/mJisF6BcnG91cXObNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBjZTczY2Y3MWE4OTlkZDJjYWNjYjZjMzg1ZWZiODdlOWNkYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJP23l/fGiyfIExWSCb+jPEd2now
dg4FHDNW9nFp+U9oI85X4reuMhlKFAOiDzcxVKeqtCBp9WTWIGuEA4xLZ11VnjVV
Su5UwqQRkv5sn+dn6yi5f9zsYrH9FW4912WjYzIBKIFmakZgEYH3fB0XGhC7AHEE
+yp5C80FuVWe90kZyNsG7uYOpaU67BWWWOuFtLgclxIUuQqYzCwEIOhw1VMusOr2
ouDnLOq297Cp00R0GSZ/gEwlnqTbhDAq78R599UsEcMFTXQQ0ohjCvWy/U+mYmoI
MmgN5v7abXyblTkzbm5mgaI/wi2mx7v1goLreCRa9yaoE7AwhuaA1ozDKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIsM5zz3Gomd0srMtsOF77h+nNpXMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvaXd6blBQY2FpWjNTeXN5Mnc0WHZ1SDZjMmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+Ax
MA0GCSqGSIb3DQEBCwUAA4IBAQAW7iK99fr8Pp6xEXin3kYynBAEPeF5vPYaW/jP
ZUM9kvirqMG2ZLIbcq1sEi4VWLdMZIE79ICIk1P0FGTQSBxgWLnOI1n57x3QHLmI
/yP/Yg2bXDNzIN7uxz4SJm1cCtc2RRcx/fcbyDk/9oCn6jKXF3PgTzQL5zU1zsS+
0fzlwxE906sOSlgbNJTzWrVAvleHRLXka01nCNATdCVTHIvZLXtTUxgRy637GyTp
1K3Nf52a/SC04A8cB/ZRlrp6SHm+SP4SxSV19NuVpHBgs9UUJ7wJI+CkNS88Tj/t
pn5QyBYeC0KGTkP4y2PPS1RaCEzypA+bahhB/1Vic1sevFvL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org