Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/yYmWTGAfGYz8bNJrfoRQhWgKLfg.roa
File:                     yYmWTGAfGYz8bNJrfoRQhWgKLfg.roa (raw, json)
Hash identifier:          cbIZjkbaWzD53bpJPskEd+2YNfx/76IqfFMXd6LSTCo=
Subject key identifier:   C9:89:96:4C:60:1F:19:8C:FC:6C:D2:6B:7E:84:50:85:68:0A:2D:F8
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       01856F2FEE07A4F3ED6F4E955B76D43B8428
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/yYmWTGAfGYz8bNJrfoRQhWgKLfg.roa
Signing time:             Sun 01 Jan 2023 21:14:50 +0000
ROA not before:           Sun 01 Jan 2023 21:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205794
IP address blocks:        2a0e:aa07:e039::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:2f:ee:07:a4:f3:ed:6f:4e:95:5b:76:d4:3b:84:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Jan  1 21:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c989964c601f198cfc6cd26b7e845085680a2df8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d5:91:de:92:23:07:23:2b:07:46:0d:69:9d:
                    0e:91:97:78:e2:32:70:db:89:d5:3b:31:04:ea:90:
                    ff:51:0d:b5:52:a7:6a:1e:1f:93:9b:18:52:54:8e:
                    b7:6b:26:5b:14:0c:7b:e4:c6:54:28:b6:16:ce:63:
                    90:cb:2a:e7:5a:57:24:7e:0a:12:68:ff:cd:34:c8:
                    62:a9:5c:5c:74:96:36:85:23:59:c9:19:58:2e:b5:
                    8a:f3:ac:07:f6:f3:22:11:d2:fa:e4:4c:74:93:39:
                    aa:be:74:ae:a7:44:f6:3e:40:de:93:c4:2e:65:9e:
                    9a:d3:fd:ba:0d:61:d9:37:3f:87:cf:3c:98:60:66:
                    a9:04:03:10:a3:27:a3:93:dc:6e:ad:c7:60:f3:a0:
                    92:ab:18:d1:3e:39:65:34:c2:54:ac:eb:4c:9a:14:
                    53:15:6c:cd:75:e8:22:33:7e:9b:34:03:86:09:b5:
                    04:1c:d9:ac:d6:51:76:11:9c:d1:8e:c1:12:5e:19:
                    f6:98:87:75:ff:b1:0c:31:93:80:51:65:2d:4e:28:
                    93:fc:78:09:21:eb:0a:4a:6a:f9:0c:eb:14:03:f0:
                    48:29:e5:14:09:74:cd:f3:98:53:a6:a8:11:99:44:
                    b2:4c:bd:ea:f1:5f:5f:6b:a4:a9:ca:8d:1c:ff:05:
                    c3:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:89:96:4C:60:1F:19:8C:FC:6C:D2:6B:7E:84:50:85:68:0A:2D:F8
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/yYmWTGAfGYz8bNJrfoRQhWgKLfg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa07:e039::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:ac:d1:b1:d3:8a:59:04:df:5b:17:76:ea:e2:de:09:1e:eb:
         bd:5f:4f:25:d0:1b:0e:64:44:04:bb:a0:24:dd:98:3f:8d:0b:
         a3:2c:6c:0a:e3:ab:39:65:85:9b:61:f9:55:52:b6:2a:92:97:
         a1:75:b7:1b:fb:74:39:30:ed:0e:af:eb:27:51:2c:68:e5:99:
         9b:f9:bd:36:d6:49:02:61:21:ed:40:b3:4b:23:ba:96:1b:56:
         66:18:15:2f:a8:83:a6:ef:1c:01:9d:d7:42:3b:b8:bb:9c:98:
         25:66:51:bc:41:ad:d6:2a:33:36:fd:1a:99:f1:d5:84:40:e7:
         fe:0b:9f:0b:b0:73:89:72:d9:33:92:a9:1f:02:2e:94:40:44:
         d2:fc:a3:8e:d5:cc:c0:3d:ed:27:4a:fb:6a:d8:57:12:1b:b8:
         74:4f:71:78:f6:66:24:a8:8d:33:ee:10:a1:22:4c:a6:00:c4:
         76:2d:18:ea:72:a7:c0:89:6d:3b:1a:37:47:6f:f8:3d:79:51:
         07:be:0f:e8:f9:f5:9d:45:11:24:a8:c8:a7:97:d5:09:5e:1e:
         3d:16:c3:cb:e9:b2:b1:74:fc:82:b6:22:61:c2:51:7e:1e:a4:
         16:63:3f:ed:59:c8:b0:68:79:57:a9:85:6d:c0:24:f7:d5:71:
         07:af:0f:92
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL+4HpPPtb06VW3bUO4QoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTg5OTY0YzYwMWYxOThjZmM2Y2QyNmI3ZTg0NTA4NTY4MGEyZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotWR3pIjByMrB0YNaZ0OkZd44jJw
24nVOzEE6pD/UQ21UqdqHh+TmxhSVI63ayZbFAx75MZUKLYWzmOQyyrnWlckfgoS
aP/NNMhiqVxcdJY2hSNZyRlYLrWK86wH9vMiEdL65Ex0kzmqvnSup0T2PkDek8Qu
ZZ6a0/26DWHZNz+HzzyYYGapBAMQoyejk9xurcdg86CSqxjRPjllNMJUrOtMmhRT
FWzNdegiM36bNAOGCbUEHNms1lF2EZzRjsESXhn2mId1/7EMMZOAUWUtTiiT/HgJ
IesKSmr5DOsUA/BIKeUUCXTN85hTpqgRmUSyTL3q8V9fa6Spyo0c/wXDPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMmJlkxgHxmM/GzSa36EUIVoCi34MB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEveVltV1RHQWZHWXo4Yk5KcmZvUlFoV2dLTGZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+A5
MA0GCSqGSIb3DQEBCwUAA4IBAQCGrNGx04pZBN9bF3bq4t4JHuu9X08l0BsOZEQE
u6Ak3Zg/jQujLGwK46s5ZYWbYflVUrYqkpehdbcb+3Q5MO0Or+snUSxo5Zmb+b02
1kkCYSHtQLNLI7qWG1ZmGBUvqIOm7xwBnddCO7i7nJglZlG8Qa3WKjM2/RqZ8dWE
QOf+C58LsHOJctkzkqkfAi6UQETS/KOO1czAPe0nSvtq2FcSG7h0T3F49mYkqI0z
7hChIkymAMR2LRjqcqfAiW07GjdHb/g9eVEHvg/o+fWdRREkqMinl9UJXh49FsPL
6bKxdPyCtiJhwlF+HqQWYz/tWciwaHlXqYVtwCT31XEHrw+S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:11 2024 by rpki-client on console-ams.rpki-client.org