Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/I4-6ykdMVyDdOr67d-lX27yjYqg.roa
File:                     I4-6ykdMVyDdOr67d-lX27yjYqg.roa (raw, json)
Hash identifier:          kmJeYHX/axnRiphM59fhHrbd31zJZvuLveIEBIbkN38=
Subject key identifier:   23:8F:BA:CA:47:4C:57:20:DD:3A:BE:BB:77:E9:57:DB:BC:A3:62:A8
Certificate issuer:       /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial:       018571C310212D93C9B7052C3A0EF23CF483
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/I4-6ykdMVyDdOr67d-lX27yjYqg.roa
Signing time:             Mon 02 Jan 2023 09:14:47 +0000
ROA not before:           Mon 02 Jan 2023 09:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207080
IP address blocks:        2a0b:6b86:400::/40 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:c3:10:21:2d:93:c9:b7:05:2c:3a:0e:f2:3c:f4:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
        Validity
            Not Before: Jan  2 09:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=238fbaca474c5720dd3abebb77e957dbbca362a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:b0:0f:f0:54:a6:4a:5f:0b:78:24:cd:de:98:
                    af:a3:71:db:f7:d9:e2:15:02:a4:ab:6b:07:7b:66:
                    4e:b6:22:05:36:fe:b6:ae:63:28:e7:46:ea:c0:a2:
                    89:06:5f:14:e4:e4:0e:24:02:b4:33:b7:f9:06:7e:
                    74:9c:df:fb:36:b0:7d:c2:a7:35:e4:12:0a:dd:2f:
                    05:6b:6c:8a:78:0a:2c:f6:b6:81:2d:75:17:25:54:
                    79:48:5b:1f:ff:69:17:7a:85:1f:ea:0a:16:ef:5e:
                    93:23:b5:66:77:96:1b:cd:21:fb:ef:aa:14:6d:b4:
                    5f:f7:cd:de:5d:e7:d5:56:09:94:50:d9:17:14:7e:
                    e5:23:94:c1:3b:39:ff:51:3e:41:ce:ec:22:24:98:
                    cb:91:d8:4c:ce:f7:43:d8:2f:37:90:46:d2:8b:3d:
                    b7:44:c3:fe:d5:d0:a9:97:35:83:26:e5:b0:25:29:
                    15:ba:55:ee:58:4b:af:fa:0d:99:89:f8:cc:bb:c7:
                    51:75:36:44:9e:e6:84:d5:25:e8:03:cb:f3:cd:f4:
                    6d:b5:ca:be:c4:a4:6b:0c:4a:11:10:da:8e:1b:e1:
                    c7:b5:e7:ca:09:37:a8:60:65:9f:5c:27:5b:2e:ad:
                    6a:5a:0b:ca:58:f4:0b:f5:0e:9f:7d:81:a8:ec:74:
                    38:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:8F:BA:CA:47:4C:57:20:DD:3A:BE:BB:77:E9:57:DB:BC:A3:62:A8
            X509v3 Authority Key Identifier:
                keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/I4-6ykdMVyDdOr67d-lX27yjYqg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:6b86:400::/40

    Signature Algorithm: sha256WithRSAEncryption
         15:e1:9f:f9:73:d5:7b:f2:c0:b9:e5:2f:7a:c7:d0:83:e1:28:
         81:d2:50:58:df:2e:c6:ee:25:80:fd:0e:94:d3:00:75:30:29:
         9d:fe:d2:6e:c1:50:7a:e5:46:9a:bf:48:b2:50:76:1e:48:4f:
         17:cf:58:ba:eb:fc:5f:26:b7:e6:60:b8:4d:99:6e:ab:4b:32:
         f0:7e:c5:80:e4:2e:fc:49:7d:48:aa:2c:38:15:d9:e1:6f:83:
         bc:dd:e7:72:d9:d9:54:2f:01:0f:97:6a:fd:57:f7:e1:27:12:
         4a:5b:5e:7b:87:76:58:63:9d:07:2d:3b:6c:dc:77:ed:b2:cf:
         38:b0:49:56:b7:fe:28:3d:3e:7c:bf:0f:3e:80:d2:ab:04:67:
         da:32:ff:1a:04:f9:36:23:14:b3:8c:fc:d2:5b:6c:e3:d8:92:
         03:64:3c:8c:1c:44:22:95:9f:3c:4c:63:40:96:d5:ed:04:01:
         0c:5c:ee:c3:31:32:b2:0c:0a:f0:a0:92:65:a1:fe:f0:20:dc:
         21:0d:c7:e1:40:18:85:d7:be:3e:19:ec:a7:6b:74:9b:a2:03:
         13:3f:81:9e:a7:56:7a:9b:3f:49:cc:e1:02:8b:9e:bd:1d:fe:
         ce:21:91:f8:ee:63:a1:43:fe:83:05:b9:f8:78:58:db:a8:1b:
         ba:7a:80:40
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxwxAhLZPJtwUsOg7yPPSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwMTAyMDkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhmYmFjYTQ3NGM1NzIwZGQzYWJlYmI3N2U5NTdkYmJjYTM2MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLAP8FSmSl8LeCTN3pivo3Hb99ni
FQKkq2sHe2ZOtiIFNv62rmMo50bqwKKJBl8U5OQOJAK0M7f5Bn50nN/7NrB9wqc1
5BIK3S8Fa2yKeAos9raBLXUXJVR5SFsf/2kXeoUf6goW716TI7Vmd5YbzSH776oU
bbRf983eXefVVgmUUNkXFH7lI5TBOzn/UT5BzuwiJJjLkdhMzvdD2C83kEbSiz23
RMP+1dCplzWDJuWwJSkVulXuWEuv+g2ZifjMu8dRdTZEnuaE1SXoA8vzzfRttcq+
xKRrDEoRENqOG+HHtefKCTeoYGWfXCdbLq1qWgvKWPQL9Q6ffYGo7HQ49wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCOPuspHTFcg3Tq+u3fpV9u8o2KoMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvSTQtNnlrZE1WeURkT3I2N2QtbFgyN3lqWXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtrhgQw
DQYJKoZIhvcNAQELBQADggEBABXhn/lz1XvywLnlL3rH0IPhKIHSUFjfLsbuJYD9
DpTTAHUwKZ3+0m7BUHrlRpq/SLJQdh5ITxfPWLrr/F8mt+ZguE2ZbqtLMvB+xYDk
LvxJfUiqLDgV2eFvg7zd53LZ2VQvAQ+Xav1X9+EnEkpbXnuHdlhjnQctO2zcd+2y
zziwSVa3/ig9Pny/Dz6A0qsEZ9oy/xoE+TYjFLOM/NJbbOPYkgNkPIwcRCKVnzxM
Y0CW1e0EAQxc7sMxMrIMCvCgkmWh/vAg3CENx+FAGIXXvj4Z7KdrdJuiAxM/gZ6n
VnqbP0nM4QKLnr0d/s4hkfjuY6FD/oMFufh4WNuoG7p6gEA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:02 2024 by rpki-client on console-ams.rpki-client.org