Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/a5shIi5JL7OaWszR711RAwvYjuE.roa
File:                     a5shIi5JL7OaWszR711RAwvYjuE.roa (raw, json)
Hash identifier:          B/qJSiXDjd9M4suwFJp3zhu5CMDbM2BahKEKHnZpnC0=
Subject key identifier:   6B:9B:21:22:2E:49:2F:B3:9A:5A:CC:D1:EF:5D:51:03:0B:D8:8E:E1
Certificate issuer:       /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial:       018571C30A11FCE3A45E9DEB0D1F5331106B
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/a5shIi5JL7OaWszR711RAwvYjuE.roa
Signing time:             Mon 02 Jan 2023 09:14:45 +0000
ROA not before:           Mon 02 Jan 2023 09:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60271
IP address blocks:        2a0b:6b86:200::/40 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:c3:0a:11:fc:e3:a4:5e:9d:eb:0d:1f:53:31:10:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
        Validity
            Not Before: Jan  2 09:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b9b21222e492fb39a5accd1ef5d51030bd88ee1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:c2:d2:18:16:7e:d5:d4:48:77:a7:2a:e5:7d:
                    3d:65:e4:20:95:43:1e:f3:6d:e9:34:86:36:78:55:
                    ff:01:2b:41:5a:66:ad:cf:85:ed:b7:79:33:53:24:
                    ce:03:0a:a1:b4:bd:ed:5d:f8:d9:f0:1b:ce:98:83:
                    bc:7c:08:09:d0:e5:2e:2c:f4:19:42:86:37:92:d5:
                    48:12:1d:cd:a2:8f:1a:7f:01:26:ef:91:f6:7c:3b:
                    26:c3:85:2c:1a:a7:46:b8:63:25:0d:9f:63:58:b2:
                    09:95:bb:3b:f0:04:d4:77:6e:c9:34:2c:cf:e3:8d:
                    62:de:90:05:42:9b:1f:e8:e0:3f:0f:a6:fa:16:d2:
                    96:43:3a:4a:56:99:1e:ac:ca:a9:fd:53:57:26:d5:
                    d6:22:ff:d6:b1:38:52:f8:4d:ed:d0:d9:a2:98:d8:
                    ce:7b:bd:a4:a3:c4:ec:9e:57:ba:f8:a8:ec:06:01:
                    b9:6a:b4:4f:73:b6:90:61:b9:f2:3e:51:f9:50:12:
                    d4:6e:93:9e:7d:bc:af:51:11:45:7b:f1:ac:14:27:
                    24:da:8e:76:c1:fb:d5:22:ac:be:20:7c:da:94:29:
                    5a:e3:62:d7:cd:95:de:e6:03:c7:86:6c:ca:05:fb:
                    ac:0e:92:1d:ae:77:d3:8c:cf:02:10:9a:78:bf:2c:
                    d7:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:9B:21:22:2E:49:2F:B3:9A:5A:CC:D1:EF:5D:51:03:0B:D8:8E:E1
            X509v3 Authority Key Identifier:
                keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/a5shIi5JL7OaWszR711RAwvYjuE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:6b86:200::/40

    Signature Algorithm: sha256WithRSAEncryption
         40:a3:4a:ad:6c:9e:aa:8c:5e:18:fa:58:b1:6e:2f:29:da:1a:
         1b:15:3f:28:03:c1:e9:25:23:ec:0e:aa:bb:2f:6c:c8:15:20:
         f2:ef:5f:26:11:a4:a5:4a:a1:a3:fa:c8:57:cd:1e:56:16:45:
         15:43:f3:33:5c:6c:93:fa:4e:5e:36:76:c6:04:49:94:13:49:
         45:38:4f:bf:c0:5e:46:37:b7:39:1f:73:fb:e6:60:b8:30:5a:
         2a:25:1f:a1:5b:04:ef:81:09:ab:cb:f7:9d:b2:f6:09:09:7b:
         c8:00:58:af:3d:85:1f:13:ac:50:e3:d1:10:7f:bc:09:b7:68:
         43:db:66:58:b9:65:8c:de:f4:54:33:bc:4d:6b:aa:77:9b:e2:
         ff:7b:e0:04:90:d1:e6:4c:4f:5c:c0:65:37:b4:9c:0d:8b:1e:
         75:b1:9d:5b:b8:57:b1:24:d1:5a:02:35:68:d5:3f:81:49:f0:
         c0:d1:c2:29:5e:33:9d:71:9b:cb:df:8c:98:dc:6e:ee:ec:2d:
         09:a3:17:84:78:4d:b0:8d:67:a8:ee:39:69:86:5d:d3:92:82:
         2b:68:8e:c3:90:73:8c:40:ac:97:47:be:00:d5:81:28:31:07:
         46:2f:6a:3e:0e:3c:67:a7:44:d3:4c:62:b8:cb:0d:b8:75:0d:
         bd:c9:b0:49
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxwwoR/OOkXp3rDR9TMRBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwMTAyMDkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjliMjEyMjJlNDkyZmIzOWE1YWNjZDFlZjVkNTEwMzBiZDg4ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMLSGBZ+1dRId6cq5X09ZeQglUMe
823pNIY2eFX/AStBWmatz4Xtt3kzUyTOAwqhtL3tXfjZ8BvOmIO8fAgJ0OUuLPQZ
QoY3ktVIEh3Noo8afwEm75H2fDsmw4UsGqdGuGMlDZ9jWLIJlbs78ATUd27JNCzP
441i3pAFQpsf6OA/D6b6FtKWQzpKVpkerMqp/VNXJtXWIv/WsThS+E3t0NmimNjO
e72ko8Tsnle6+KjsBgG5arRPc7aQYbnyPlH5UBLUbpOefbyvURFFe/GsFCck2o52
wfvVIqy+IHzalCla42LXzZXe5gPHhmzKBfusDpIdrnfTjM8CEJp4vyzXiwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGubISIuSS+zmlrM0e9dUQML2I7hMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvYTVzaElpNUpMN09hV3N6UjcxMVJBd3ZZanVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtrhgIw
DQYJKoZIhvcNAQELBQADggEBAECjSq1snqqMXhj6WLFuLynaGhsVPygDweklI+wO
qrsvbMgVIPLvXyYRpKVKoaP6yFfNHlYWRRVD8zNcbJP6Tl42dsYESZQTSUU4T7/A
XkY3tzkfc/vmYLgwWiolH6FbBO+BCavL952y9gkJe8gAWK89hR8TrFDj0RB/vAm3
aEPbZli5ZYze9FQzvE1rqneb4v974ASQ0eZMT1zAZTe0nA2LHnWxnVu4V7Ek0VoC
NWjVP4FJ8MDRwileM51xm8vfjJjcbu7sLQmjF4R4TbCNZ6juOWmGXdOSgitojsOQ
c4xArJdHvgDVgSgxB0Yvaj4OPGenRNNMYrjLDbh1Db3JsEk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:08 2024 by rpki-client on console-fra.rpki-client.org