Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/qhXsJ7K6wySK0OxYaPuPTEWIPFY.roa
File:                     qhXsJ7K6wySK0OxYaPuPTEWIPFY.roa (raw, json)
Hash identifier:          z+3Ol1w7pHnx9o8XBOo4qwDDnuC0jqMNapxQZO927Jk=
Subject key identifier:   AA:15:EC:27:B2:BA:C3:24:8A:D0:EC:58:68:FB:8F:4C:45:88:3C:56
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       01856F2FFE5A57B291A95AA0DF13AEBE4110
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/qhXsJ7K6wySK0OxYaPuPTEWIPFY.roa
Signing time:             Sun 01 Jan 2023 21:14:54 +0000
ROA not before:           Sun 01 Jan 2023 21:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210110
IP address blocks:        2a0e:aa07:e02f::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 16 Sep 2023 05:10:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:2f:fe:5a:57:b2:91:a9:5a:a0:df:13:ae:be:41:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Jan  1 21:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aa15ec27b2bac3248ad0ec5868fb8f4c45883c56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:8c:a7:fa:e0:c1:4f:96:f7:7f:ad:c8:a2:69:
                    a2:30:45:c0:81:fd:ba:f7:d3:c3:a9:7e:f5:f0:8b:
                    e5:f3:e1:ee:3e:2d:63:97:d6:ba:c8:92:0c:80:49:
                    8c:fe:a0:0b:53:ee:44:22:11:d4:90:6a:62:79:e6:
                    c5:7c:82:22:c2:9d:3f:0d:40:4f:98:e2:f5:8c:34:
                    c1:fb:f6:3e:fb:f2:6c:ef:c5:cd:41:f0:01:a8:0a:
                    9a:b3:4d:aa:ce:52:d6:b8:c1:61:0d:78:1e:08:7d:
                    80:7f:92:ba:2f:be:c6:f8:4e:8a:06:9f:54:c4:a2:
                    20:d8:f7:f4:cb:94:5c:58:06:f2:b1:4e:b9:3f:56:
                    b7:99:ae:cb:f9:58:1e:76:7d:db:32:94:94:63:ee:
                    be:32:06:26:5f:a1:89:17:1d:76:e2:39:62:02:07:
                    b4:84:69:ac:ac:27:a2:09:b8:c8:9c:1a:01:aa:f4:
                    6d:ee:fd:df:2a:c1:b7:bf:bc:22:48:52:cc:02:53:
                    7c:08:51:b7:0f:20:f3:12:81:bf:fc:83:a2:19:f5:
                    4d:34:ef:a3:ea:b0:53:c9:05:2f:c8:1b:d9:d6:5f:
                    77:21:f9:b1:cd:da:2e:ad:94:b6:96:61:20:9d:e6:
                    30:6a:ca:0a:24:98:cc:8e:62:b6:0f:13:c0:84:c2:
                    6e:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:15:EC:27:B2:BA:C3:24:8A:D0:EC:58:68:FB:8F:4C:45:88:3C:56
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/qhXsJ7K6wySK0OxYaPuPTEWIPFY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa07:e02f::/48

    Signature Algorithm: sha256WithRSAEncryption
         3d:e1:46:3c:3f:1a:60:70:f6:c2:9f:93:b8:74:41:7a:c5:cb:
         76:16:86:4e:b3:e7:60:0e:8f:82:67:b1:60:b8:4d:2a:ee:06:
         c5:1b:3a:91:e6:ec:de:4d:7d:6a:55:47:73:69:7f:c7:81:44:
         9d:dc:a9:0a:82:54:e8:c4:6b:da:03:31:9e:cb:81:84:97:ce:
         5c:60:34:4d:ff:91:0b:a0:87:7e:14:d6:f6:75:f7:50:4b:79:
         b7:97:d6:7a:85:37:74:6f:ca:60:02:ad:bb:68:35:bd:f9:ca:
         57:66:05:a5:a2:60:7d:63:62:0d:ba:40:e3:51:cd:21:98:37:
         6e:d5:97:9f:cc:fc:d5:e0:60:5c:a1:54:ed:51:e1:88:4d:35:
         42:cb:ef:78:bb:e0:06:3e:bd:41:07:b2:59:48:32:6b:49:65:
         7e:98:0c:c6:fe:50:2d:2f:cf:fa:ee:2c:03:25:26:c9:e1:50:
         3b:5e:2f:7a:34:9d:be:57:cd:64:4e:32:f0:47:b5:17:31:e5:
         40:bb:a5:f2:f0:d4:cf:61:b0:8d:fa:a0:75:05:71:b4:c4:6f:
         65:8a:4a:ef:ca:75:21:21:4c:b8:15:9c:40:bb:21:8e:f2:5a:
         82:22:ca:6a:f9:6e:be:4d:0b:ef:a5:30:0f:e5:cf:0a:20:83:
         e0:0e:fc:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL/5aV7KRqVqg3xOuvkEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTE1ZWMyN2IyYmFjMzI0OGFkMGVjNTg2OGZiOGY0YzQ1ODgzYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYyn+uDBT5b3f63IommiMEXAgf26
99PDqX718Ivl8+HuPi1jl9a6yJIMgEmM/qALU+5EIhHUkGpieebFfIIiwp0/DUBP
mOL1jDTB+/Y++/Js78XNQfABqAqas02qzlLWuMFhDXgeCH2Af5K6L77G+E6KBp9U
xKIg2Pf0y5RcWAbysU65P1a3ma7L+Vgedn3bMpSUY+6+MgYmX6GJFx124jliAge0
hGmsrCeiCbjInBoBqvRt7v3fKsG3v7wiSFLMAlN8CFG3DyDzEoG//IOiGfVNNO+j
6rBTyQUvyBvZ1l93IfmxzdourZS2lmEgneYwasoKJJjMjmK2DxPAhMJuFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKoV7CeyusMkitDsWGj7j0xFiDxWMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvcWhYc0o3SzZ3eVNLME94WWFQdVBURVdJUEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+Av
MA0GCSqGSIb3DQEBCwUAA4IBAQA94UY8PxpgcPbCn5O4dEF6xct2FoZOs+dgDo+C
Z7FguE0q7gbFGzqR5uzeTX1qVUdzaX/HgUSd3KkKglToxGvaAzGey4GEl85cYDRN
/5ELoId+FNb2dfdQS3m3l9Z6hTd0b8pgAq27aDW9+cpXZgWlomB9Y2INukDjUc0h
mDdu1ZefzPzV4GBcoVTtUeGITTVCy+94u+AGPr1BB7JZSDJrSWV+mAzG/lAtL8/6
7iwDJSbJ4VA7Xi96NJ2+V81kTjLwR7UXMeVAu6Xy8NTPYbCN+qB1BXG0xG9likrv
ynUhIUy4FZxAuyGO8lqCIspq+W6+TQvvpTAP5c8KIIPgDvyW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:11 2024 by rpki-client on console-ams.rpki-client.org