Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/JvQwvOCFvOFuJbaSoa9e732V_DY.roa
File:                     JvQwvOCFvOFuJbaSoa9e732V_DY.roa (raw, json)
Hash identifier:          Jv38pPOK2Pdq/wQD5RRNrmfV5qlth34vJqJDS6TwR5E=
Subject key identifier:   26:F4:30:BC:E0:85:BC:E1:6E:25:B6:92:A1:AF:5E:EF:7D:95:FC:36
Certificate issuer:       /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial:       018571C307BA1101A07B7A60D119746DF461
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/JvQwvOCFvOFuJbaSoa9e732V_DY.roa
Signing time:             Mon 02 Jan 2023 09:14:44 +0000
ROA not before:           Mon 02 Jan 2023 09:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2a0b:6b86:f00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:c3:07:ba:11:01:a0:7b:7a:60:d1:19:74:6d:f4:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
        Validity
            Not Before: Jan  2 09:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=26f430bce085bce16e25b692a1af5eef7d95fc36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:99:9a:ae:e5:ab:fc:b1:16:d7:19:82:8e:95:
                    ef:0c:34:04:3d:9f:93:11:f6:49:37:78:c3:f5:bd:
                    6f:5e:6f:06:3c:80:ef:21:25:4a:91:d9:b3:76:7d:
                    03:99:c5:8e:56:71:89:23:d3:f8:76:8d:b4:8b:cd:
                    ce:f1:0a:0a:ae:29:dc:7c:7b:9b:d6:11:23:c6:61:
                    62:90:54:42:55:1d:9d:0e:8b:5c:d4:e9:89:3b:ec:
                    c5:53:d3:f6:6f:a2:f5:31:e5:c0:56:68:3a:c7:fe:
                    46:fa:ee:47:92:00:46:f0:db:45:45:cc:8c:81:7c:
                    1d:82:2b:1d:18:a3:3b:7c:22:61:60:d5:da:49:0e:
                    75:e7:3a:e4:d1:92:08:d0:58:69:14:6c:e0:59:fb:
                    f9:45:7c:19:f6:71:8f:4a:fe:b1:11:c0:6c:44:c3:
                    63:d0:62:6e:5d:be:39:7b:f4:80:06:ae:fc:63:7c:
                    6b:2c:42:0f:15:1a:29:13:11:ba:06:1d:f2:7b:56:
                    00:42:3b:a5:c5:d1:de:98:5c:58:72:32:02:c8:76:
                    5b:08:f8:2c:d6:26:98:20:17:6a:f7:12:a4:f0:81:
                    a4:dd:e7:92:4e:c9:c6:c8:c3:20:ea:51:5f:4a:ca:
                    05:9f:48:c5:9e:dc:66:01:9d:7f:d7:be:ff:88:3d:
                    06:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:F4:30:BC:E0:85:BC:E1:6E:25:B6:92:A1:AF:5E:EF:7D:95:FC:36
            X509v3 Authority Key Identifier:
                keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/JvQwvOCFvOFuJbaSoa9e732V_DY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:6b86:f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         32:dd:73:36:b4:be:2a:d7:2a:91:8d:a9:9c:2e:33:10:f6:3d:
         7f:e1:a3:1c:5d:86:f4:11:81:c7:e7:55:4e:1d:3e:aa:53:76:
         e0:64:51:c2:ff:a5:a8:76:5b:3a:82:be:d6:a1:34:8b:ea:2c:
         b1:b1:bf:74:7d:66:4a:50:19:a5:26:8b:8b:b3:12:4c:e9:a8:
         2a:52:09:1e:ee:26:19:f0:6e:f3:87:4a:93:56:54:29:b0:4b:
         04:db:51:38:79:fd:6e:ca:d4:a1:d8:6a:58:9b:f1:c2:bd:a2:
         5f:fe:52:8d:51:5f:53:e5:a5:93:12:6a:14:18:72:5c:d3:fe:
         73:ab:da:37:27:de:4e:4a:4f:7a:e5:6f:2e:51:7a:3c:28:25:
         a5:32:26:3f:b5:c1:a6:47:59:65:c5:15:87:b0:82:ac:9f:a3:
         22:67:ea:7e:5c:34:42:a6:0f:1f:53:46:b5:0e:76:b0:5a:a4:
         ef:dc:0e:2a:fa:80:59:09:de:06:46:01:d7:e8:f6:c6:26:49:
         94:ad:9f:50:33:5b:4a:8b:dd:00:97:6a:a5:72:fb:08:d4:f9:
         59:03:b1:c6:f5:70:f1:8d:57:67:22:64:9a:1a:e6:d8:67:75:
         a1:7f:09:89:fc:30:ff:4f:c1:f0:5d:a2:6b:45:b8:2b:7c:2c:
         e7:cd:f7:06
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxwwe6EQGge3pg0Rl0bfRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwMTAyMDkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmY0MzBiY2UwODViY2UxNmUyNWI2OTJhMWFmNWVlZjdkOTVmYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZmaruWr/LEW1xmCjpXvDDQEPZ+T
EfZJN3jD9b1vXm8GPIDvISVKkdmzdn0DmcWOVnGJI9P4do20i83O8QoKrincfHub
1hEjxmFikFRCVR2dDotc1OmJO+zFU9P2b6L1MeXAVmg6x/5G+u5HkgBG8NtFRcyM
gXwdgisdGKM7fCJhYNXaSQ515zrk0ZII0FhpFGzgWfv5RXwZ9nGPSv6xEcBsRMNj
0GJuXb45e/SABq78Y3xrLEIPFRopExG6Bh3ye1YAQjulxdHemFxYcjICyHZbCPgs
1iaYIBdq9xKk8IGk3eeSTsnGyMMg6lFfSsoFn0jFntxmAZ1/177/iD0GpQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCb0MLzghbzhbiW2kqGvXu99lfw2MB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvSnZRd3ZPQ0Z2T0Z1SmJhU29hOWU3MzJWX0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtrhg8w
DQYJKoZIhvcNAQELBQADggEBADLdcza0virXKpGNqZwuMxD2PX/hoxxdhvQRgcfn
VU4dPqpTduBkUcL/pah2WzqCvtahNIvqLLGxv3R9ZkpQGaUmi4uzEkzpqCpSCR7u
JhnwbvOHSpNWVCmwSwTbUTh5/W7K1KHYalib8cK9ol/+Uo1RX1PlpZMSahQYclzT
/nOr2jcn3k5KT3rlby5RejwoJaUyJj+1waZHWWXFFYewgqyfoyJn6n5cNEKmDx9T
RrUOdrBapO/cDir6gFkJ3gZGAdfo9sYmSZStn1AzW0qL3QCXaqVy+wjU+VkDscb1
cPGNV2ciZJoa5thndaF/CYn8MP9PwfBdomtFuCt8LOfN9wY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:24 2024 by rpki-client on console-fra.rpki-client.org