Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/k7qxnU9ur72qJE9rffCUazpJsVw.roa
File:                     k7qxnU9ur72qJE9rffCUazpJsVw.roa (raw, json)
Hash identifier:          pGBuwdofgaeqE/B46a+nkGf/8iTwuqVqmujS7eQcjgQ=
Subject key identifier:   93:BA:B1:9D:4F:6E:AF:BD:AA:24:4F:6B:7D:F0:94:6B:3A:49:B1:5C
Certificate issuer:       /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial:       0192D373D6F0CB7458B6686B5431C8FEE79D
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/k7qxnU9ur72qJE9rffCUazpJsVw.roa
Signing time:             Mon 28 Oct 2024 14:07:17 +0000
ROA not before:           Mon 28 Oct 2024 14:07:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209641
IP address blocks:        2a0e:4bc7::/32 maxlen: 32
                          2a0e:5385::/32 maxlen: 32
                          2a0e:5901::/32 maxlen: 32
                          2a0e:5906::/32 maxlen: 32
                          2a0e:8080::/32 maxlen: 32
                          2a0e:8082::/32 maxlen: 32
                          2a0e:ccc5::/32 maxlen: 32
                          2a0f:b4c1::/32 maxlen: 32
                          2a0f:c081::/32 maxlen: 32
                          2a0f:c087::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 31 Oct 2024 19:07:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:d3:73:d6:f0:cb:74:58:b6:68:6b:54:31:c8:fe:e7:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
        Validity
            Not Before: Oct 28 14:07:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=93bab19d4f6eafbdaa244f6b7df0946b3a49b15c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:47:0b:3a:59:f2:6f:58:06:af:f4:cb:98:89:
                    e5:d7:d8:1f:fc:b2:20:8b:bf:ad:6e:fd:59:1b:1e:
                    3f:81:d8:f9:34:e5:e8:73:bd:3b:be:0f:6c:59:94:
                    4b:ec:55:ee:aa:0d:3d:0d:db:2f:1a:74:f3:07:4e:
                    ea:1a:51:46:1d:79:fb:48:1f:80:e8:bf:c0:c1:ad:
                    23:a3:1f:1f:42:bd:d3:a7:61:30:e1:0c:df:22:57:
                    69:31:0f:26:8f:64:2c:94:9e:8a:27:f3:a0:bb:7a:
                    1d:74:e6:da:ac:55:c8:ed:b7:6a:49:96:cf:1d:82:
                    5b:1b:c5:94:5a:64:81:fc:20:d4:e9:9a:a6:51:95:
                    f8:4f:11:7f:4e:82:ba:7a:20:0c:60:d1:89:1f:52:
                    9a:b8:73:79:fd:a5:19:c3:c0:24:ab:26:4f:c6:20:
                    6d:c2:60:ae:7e:69:da:21:5a:97:1d:5f:16:a3:33:
                    90:32:4a:d5:14:c4:3f:00:b2:b8:7c:3e:32:6c:d6:
                    d4:13:1f:f0:4c:b1:64:e0:0a:f4:9b:91:65:c5:aa:
                    51:07:85:3f:d3:0c:53:bd:65:c2:4b:d7:11:cf:fa:
                    fa:b5:12:0e:14:f9:55:61:03:a4:8c:f2:85:4c:1a:
                    7f:9a:5e:64:c8:90:56:b1:a8:d2:7c:c3:f5:a5:e5:
                    8a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:BA:B1:9D:4F:6E:AF:BD:AA:24:4F:6B:7D:F0:94:6B:3A:49:B1:5C
            X509v3 Authority Key Identifier:
                keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/k7qxnU9ur72qJE9rffCUazpJsVw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:4bc7::/32
                  2a0e:5385::/32
                  2a0e:5901::/32
                  2a0e:5906::/32
                  2a0e:8080::/32
                  2a0e:8082::/32
                  2a0e:ccc5::/32
                  2a0f:b4c1::/32
                  2a0f:c081::/32
                  2a0f:c087::/32

    Signature Algorithm: sha256WithRSAEncryption
         25:eb:08:57:ac:59:40:3d:c5:16:c3:cc:d4:6c:e4:6c:6d:a2:
         e1:5d:6e:23:24:03:b1:9c:05:1e:eb:91:83:3e:f4:d4:cd:49:
         93:2e:64:f2:2a:fa:b5:49:79:ea:11:7e:bf:a3:66:4a:68:8a:
         58:3e:91:e3:74:29:ca:3a:ee:cf:f9:23:ad:3b:65:31:17:49:
         43:87:6a:9b:2c:9a:3d:39:99:a7:30:95:89:fe:a6:0e:c0:4b:
         78:96:51:ee:68:e3:c9:1e:83:3e:79:3f:8c:18:ce:b1:71:39:
         05:86:e8:80:74:8b:8a:c6:96:ee:4b:26:ea:09:63:ca:e9:23:
         3d:7a:3f:6d:7f:8e:87:c6:4d:06:ee:02:75:f2:23:00:43:43:
         8c:95:21:f2:c8:bf:c3:de:0e:ec:c8:8d:0d:01:c2:7d:cb:36:
         84:2b:13:22:a9:a9:a7:a7:d1:55:58:86:93:35:ee:a4:56:d2:
         5c:80:c3:9e:73:8d:fc:57:18:0f:20:e4:1f:85:1f:d7:cd:d4:
         21:91:e8:ae:ef:97:c6:af:a2:68:60:47:f5:61:2f:8d:bb:c7:
         73:05:79:92:d2:69:72:b6:5b:c5:21:1c:3a:94:5d:b2:20:d8:
         a3:d0:23:a2:9d:72:6f:ef:01:ef:38:4b:72:d0:89:7c:7b:40:
         41:19:ed:0e
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZLTc9bwy3RYtmhrVDHI/uedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQxMDI4MTQwNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2JhYjE5ZDRmNmVhZmJkYWEyNDRmNmI3ZGYwOTQ2YjNhNDliMTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4EcLOlnyb1gGr/TLmInl19gf/LIg
i7+tbv1ZGx4/gdj5NOXoc707vg9sWZRL7FXuqg09DdsvGnTzB07qGlFGHXn7SB+A
6L/Awa0jox8fQr3Tp2Ew4QzfIldpMQ8mj2QslJ6KJ/Ogu3oddObarFXI7bdqSZbP
HYJbG8WUWmSB/CDU6ZqmUZX4TxF/ToK6eiAMYNGJH1KauHN5/aUZw8AkqyZPxiBt
wmCufmnaIVqXHV8WozOQMkrVFMQ/ALK4fD4ybNbUEx/wTLFk4Ar0m5FlxapRB4U/
0wxTvWXCS9cRz/r6tRIOFPlVYQOkjPKFTBp/ml5kyJBWsajSfMP1peWKkQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFJO6sZ1Pbq+9qiRPa33wlGs6SbFcMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvazdxeG5VOXVyNzJxSkU5cmZmQ1VhenBKc1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUAKg5LxwMF
ACoOU4UDBQAqDlkBAwUAKg5ZBgMFACoOgIADBQAqDoCCAwUAKg7MxQMFACoPtMED
BQAqD8CBAwUAKg/AhzANBgkqhkiG9w0BAQsFAAOCAQEAJesIV6xZQD3FFsPM1Gzk
bG2i4V1uIyQDsZwFHuuRgz701M1Jky5k8ir6tUl56hF+v6NmSmiKWD6R43Qpyjru
z/kjrTtlMRdJQ4dqmyyaPTmZpzCVif6mDsBLeJZR7mjjyR6DPnk/jBjOsXE5BYbo
gHSLisaW7ksm6gljyukjPXo/bX+Oh8ZNBu4CdfIjAENDjJUh8si/w94O7MiNDQHC
fcs2hCsTIqmpp6fRVViGkzXupFbSXIDDnnON/FcYDyDkH4Uf183UIZHoru+Xxq+i
aGBH9WEvjbvHcwV5ktJpcrZbxSEcOpRdsiDYo9Ajop1yb+8B7zhLctCJfHtAQRnt
Dg==
-----END CERTIFICATE-----