Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/Yg8uX37GIGYuronzdcRzAeaFT3k.roa
File:                     Yg8uX37GIGYuronzdcRzAeaFT3k.roa (raw, json)
Hash identifier:          +/CUci3O9sWudM3kFpy6WL4VMbodh7t6SqnzUWlwcJ4=
Subject key identifier:   62:0F:2E:5F:7E:C6:20:66:2E:AE:89:F3:75:C4:73:01:E6:85:4F:79
Certificate issuer:       /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial:       0187FBEA9C4A85C68D47479399007B00121C
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/Yg8uX37GIGYuronzdcRzAeaFT3k.roa
Signing time:             Mon 08 May 2023 15:11:09 +0000
ROA not before:           Mon 08 May 2023 15:11:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203729
IP address blocks:        2a0b:6b81:210::/48 maxlen: 48
                          2a0b:6b81:208::/48 maxlen: 48
                          2a0b:6b81:1::/48 maxlen: 48
                          2a0b:6b81:205::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fb:ea:9c:4a:85:c6:8d:47:47:93:99:00:7b:00:12:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
        Validity
            Not Before: May  8 15:11:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=620f2e5f7ec620662eae89f375c47301e6854f79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ba:f1:c7:d0:4a:e2:ea:35:79:7f:9e:e7:01:
                    03:09:15:e4:f9:27:14:c6:54:f9:98:9c:03:74:91:
                    24:b5:7e:8f:45:8d:3c:d6:00:8e:e7:f0:97:6c:80:
                    72:2e:0a:06:c9:4d:ab:ff:a3:39:e5:50:e3:71:58:
                    ae:ab:08:83:aa:0c:a5:52:93:a4:0a:92:1c:ed:4e:
                    86:04:cf:6d:47:de:ae:61:1b:5d:f1:11:ae:55:7f:
                    9d:b1:0e:e4:46:a3:75:06:4f:98:04:0e:3a:e7:c9:
                    b7:a1:51:19:3f:ae:2d:ea:01:6d:0c:92:29:eb:07:
                    dc:76:4b:48:29:02:d6:0f:c9:db:9f:ab:ed:74:8e:
                    4e:46:38:c4:d2:53:ab:e2:f1:b0:61:04:b6:fa:63:
                    b2:1b:f2:68:ba:3c:db:fd:fd:e5:df:14:d3:c8:de:
                    4e:c2:93:0a:c5:ab:8a:b8:d5:54:b1:3f:1c:6e:2a:
                    33:8e:71:5e:e9:fc:0c:19:5d:1c:1a:43:6a:f5:91:
                    db:33:45:64:e8:35:fb:a4:95:cc:14:2f:48:36:67:
                    2f:b9:7b:d9:3c:85:6b:c3:b5:c4:9a:0d:47:98:fa:
                    e6:7e:ba:95:53:45:00:a7:ec:3c:a1:65:04:80:70:
                    fd:02:55:2d:31:e8:c0:f5:b1:ea:68:b6:3a:07:2a:
                    17:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:0F:2E:5F:7E:C6:20:66:2E:AE:89:F3:75:C4:73:01:E6:85:4F:79
            X509v3 Authority Key Identifier:
                keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/Yg8uX37GIGYuronzdcRzAeaFT3k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:6b81:1::/48
                  2a0b:6b81:205::/48
                  2a0b:6b81:208::/48
                  2a0b:6b81:210::/48

    Signature Algorithm: sha256WithRSAEncryption
         a0:75:7b:47:df:06:72:c3:ec:f3:46:ff:51:70:80:2c:bd:c8:
         9d:47:e2:83:55:e6:07:e2:c2:5a:5c:6b:29:d4:5c:ce:70:5e:
         a2:82:1f:73:4c:03:58:e2:73:e9:06:b7:05:d6:d0:33:15:e3:
         e3:b9:c3:e6:3b:ca:c0:6a:88:79:c1:60:47:97:ad:ce:83:bc:
         71:bf:a5:0c:93:7a:d0:cf:c3:01:c1:64:c6:ad:4a:a2:76:85:
         ef:33:52:97:b8:cc:22:ba:99:ed:ad:c6:a2:58:76:3c:ac:49:
         4e:19:48:21:69:b0:87:f4:d2:fe:2d:33:9c:43:6b:b2:d2:10:
         4c:ef:8b:2f:86:24:9f:9b:70:f4:00:78:07:bd:0d:ba:ac:6f:
         0c:b0:70:27:41:23:bb:ba:71:a2:05:a9:f4:1c:74:e5:2d:f7:
         8b:ad:5e:1a:90:17:98:5e:7c:43:fc:ce:5a:e8:63:63:21:49:
         5e:44:6a:a3:ed:85:f0:fe:0a:a6:aa:d1:2a:c1:87:4a:f5:2e:
         09:2c:b3:be:f3:43:54:73:73:1e:23:1d:26:9f:74:78:0c:67:
         46:70:35:0c:88:1a:4a:4f:ff:6f:fe:67:9d:1b:34:42:0c:19:
         c7:b7:26:7d:cd:c9:09:1d:43:7e:a4:e8:96:85:18:b6:3e:c7:
         cf:34:0d:c9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYf76pxKhcaNR0eTmQB7ABIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwNTA4MTUxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBmMmU1ZjdlYzYyMDY2MmVhZTg5ZjM3NWM0NzMwMWU2ODU0Zjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLrxx9BK4uo1eX+e5wEDCRXk+ScU
xlT5mJwDdJEktX6PRY081gCO5/CXbIByLgoGyU2r/6M55VDjcViuqwiDqgylUpOk
CpIc7U6GBM9tR96uYRtd8RGuVX+dsQ7kRqN1Bk+YBA4658m3oVEZP64t6gFtDJIp
6wfcdktIKQLWD8nbn6vtdI5ORjjE0lOr4vGwYQS2+mOyG/Joujzb/f3l3xTTyN5O
wpMKxauKuNVUsT8cbiozjnFe6fwMGV0cGkNq9ZHbM0Vk6DX7pJXMFC9INmcvuXvZ
PIVrw7XEmg1HmPrmfrqVU0UAp+w8oWUEgHD9AlUtMejA9bHqaLY6ByoX9QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGIPLl9+xiBmLq6J83XEcwHmhU95MB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvWWc4dVgzN0dJR1l1cm9uemRjUnpBZWFGVDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgtrgQAB
AwcAKgtrgQIFAwcAKgtrgQIIAwcAKgtrgQIQMA0GCSqGSIb3DQEBCwUAA4IBAQCg
dXtH3wZyw+zzRv9RcIAsvcidR+KDVeYH4sJaXGsp1FzOcF6igh9zTANY4nPpBrcF
1tAzFePjucPmO8rAaoh5wWBHl63Og7xxv6UMk3rQz8MBwWTGrUqidoXvM1KXuMwi
upntrcaiWHY8rElOGUghabCH9NL+LTOcQ2uy0hBM74svhiSfm3D0AHgHvQ26rG8M
sHAnQSO7unGiBan0HHTlLfeLrV4akBeYXnxD/M5a6GNjIUleRGqj7YXw/gqmqtEq
wYdK9S4JLLO+80NUc3MeIx0mn3R4DGdGcDUMiBpKT/9v/medGzRCDBnHtyZ9zckJ
HUN+pOiWhRi2PsfPNA3J
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:50 2023 by rpki-client on console-fra.rpki-client.org