Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/bjoAvLnRInY0o2eVhFZN97SPQX0.roa
File:                     bjoAvLnRInY0o2eVhFZN97SPQX0.roa (raw, json)
Hash identifier:          dGTXMRMzlq/wRtKetvP/nA69sCeF41PkqMd0HIeJ5eQ=
Subject key identifier:   6E:3A:00:BC:B9:D1:22:76:34:A3:67:95:84:56:4D:F7:B4:8F:41:7D
Certificate issuer:       /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial:       018E8A86F92E697074D315F5F3F831EC0825
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/bjoAvLnRInY0o2eVhFZN97SPQX0.roa
Signing time:             Fri 29 Mar 2024 14:04:45 +0000
ROA not before:           Fri 29 Mar 2024 14:04:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215427
IP address blocks:        2a10:9600::/29 maxlen: 29
                          2a13:c140::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 11:25:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:8a:86:f9:2e:69:70:74:d3:15:f5:f3:f8:31:ec:08:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
        Validity
            Not Before: Mar 29 14:04:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6e3a00bcb9d1227634a3679584564df7b48f417d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:66:1b:da:7b:87:be:5b:18:dc:6d:f3:2d:72:
                    97:2e:f0:39:29:66:bd:83:d8:d7:56:72:5b:d4:f4:
                    75:d8:3d:e8:d3:53:49:2c:5c:f7:07:a9:20:08:0a:
                    4e:31:9e:d3:42:c3:2c:3e:f2:e9:0e:07:0e:79:35:
                    97:85:53:d8:63:45:8e:c0:12:03:73:7f:ef:60:d9:
                    72:18:2f:e4:32:d8:11:4b:2c:4e:62:61:23:e2:48:
                    d5:1a:1c:ad:97:e6:20:5f:50:81:6a:c6:ff:aa:c2:
                    c6:29:91:1b:5d:10:c5:54:2d:b2:92:6a:f8:45:ae:
                    ef:a5:ff:55:8a:b6:55:8d:73:1d:3e:49:26:bb:7b:
                    aa:42:78:6e:f0:21:55:79:71:a1:54:cf:b3:0a:0f:
                    e6:e0:de:09:a3:e1:88:de:34:c4:00:3d:85:77:54:
                    f3:7f:10:dc:58:ed:c0:da:25:02:ba:35:5d:75:ca:
                    eb:47:f0:1b:b9:8d:c2:15:73:8b:c5:7c:a5:d1:9d:
                    6d:f9:23:0c:c8:2d:bb:ef:f5:b7:be:a6:98:1b:89:
                    e7:d8:a5:eb:fa:07:48:83:b0:a8:78:76:a9:ca:89:
                    bb:1f:53:c8:01:01:1f:d7:b8:9e:50:4a:51:5e:d0:
                    e5:ab:b7:d9:49:5a:b3:1b:83:a0:55:71:4e:b9:ac:
                    a2:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:3A:00:BC:B9:D1:22:76:34:A3:67:95:84:56:4D:F7:B4:8F:41:7D
            X509v3 Authority Key Identifier:
                keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/bjoAvLnRInY0o2eVhFZN97SPQX0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:9600::/29
                  2a13:c140::/29

    Signature Algorithm: sha256WithRSAEncryption
         25:63:ff:06:73:82:a9:66:55:b4:4a:8a:f9:6d:91:90:c3:43:
         fd:42:bf:94:7f:9f:60:09:2c:31:67:7b:70:f3:ef:16:57:7b:
         6d:99:18:7d:18:f5:b1:2c:8e:3f:6d:a1:a3:2e:55:40:a5:14:
         e2:09:a7:b3:a7:91:54:ea:a2:3b:75:ff:f4:f6:a7:ee:5e:76:
         f7:56:30:61:4d:59:28:2d:99:a4:67:4e:cd:b3:6e:1c:7c:06:
         42:77:5d:d1:a1:51:9b:a5:78:ba:bf:93:8e:bf:41:f3:a3:0a:
         65:06:89:ae:59:e7:31:b0:3d:4f:16:2f:e1:63:8e:a9:bf:a1:
         e1:f1:33:20:33:9a:fe:4e:bc:dc:2a:c9:a1:86:bc:9f:fa:57:
         1d:34:41:91:0b:ce:f5:f6:6e:a4:b7:e5:f5:1c:cf:65:bb:b2:
         df:b6:b8:25:3b:dd:b5:96:ef:35:43:3a:ad:c5:ef:f7:c2:b9:
         03:ed:9c:7e:f1:03:58:cd:fa:d6:f1:20:e9:e3:7d:6e:88:8a:
         77:c5:ae:00:81:40:00:7b:1b:71:1f:34:99:0f:1f:9a:01:41:
         cf:90:6b:0b:ea:6f:81:87:1e:08:72:12:fa:28:88:43:87:f1:
         d3:63:50:8c:c5:76:c6:ba:80:dc:84:b4:29:f4:4f:55:08:93:
         6e:11:cf:d0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6KhvkuaXB00xX18/gx7AglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQwMzI5MTQwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTNhMDBiY2I5ZDEyMjc2MzRhMzY3OTU4NDU2NGRmN2I0OGY0MTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmYb2nuHvlsY3G3zLXKXLvA5KWa9
g9jXVnJb1PR12D3o01NJLFz3B6kgCApOMZ7TQsMsPvLpDgcOeTWXhVPYY0WOwBID
c3/vYNlyGC/kMtgRSyxOYmEj4kjVGhytl+YgX1CBasb/qsLGKZEbXRDFVC2ykmr4
Ra7vpf9VirZVjXMdPkkmu3uqQnhu8CFVeXGhVM+zCg/m4N4Jo+GI3jTEAD2Fd1Tz
fxDcWO3A2iUCujVddcrrR/AbuY3CFXOLxXyl0Z1t+SMMyC277/W3vqaYG4nn2KXr
+gdIg7CoeHapyom7H1PIAQEf17ieUEpRXtDlq7fZSVqzG4OgVXFOuayiZwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG46ALy50SJ2NKNnlYRWTfe0j0F9MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvYmpvQXZMblJJblkwbzJlVmhGWk45N1NQUVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhCWAAMF
AyoTwUAwDQYJKoZIhvcNAQELBQADggEBACVj/wZzgqlmVbRKivltkZDDQ/1Cv5R/
n2AJLDFne3Dz7xZXe22ZGH0Y9bEsjj9toaMuVUClFOIJp7OnkVTqojt1//T2p+5e
dvdWMGFNWSgtmaRnTs2zbhx8BkJ3XdGhUZuleLq/k46/QfOjCmUGia5Z5zGwPU8W
L+Fjjqm/oeHxMyAzmv5OvNwqyaGGvJ/6Vx00QZELzvX2bqS35fUcz2W7st+2uCU7
3bWW7zVDOq3F7/fCuQPtnH7xA1jN+tbxIOnjfW6IinfFrgCBQAB7G3EfNJkPH5oB
Qc+Qawvqb4GHHghyEvooiEOH8dNjUIzFdsa6gNyEtCn0T1UIk24Rz9A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:17 2024 by rpki-client on console-fra.rpki-client.org