Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/nEOeVRWaa_KMUgG97qojIVLdoPE.roa
File:                     nEOeVRWaa_KMUgG97qojIVLdoPE.roa (raw, json)
Hash identifier:          SbA00SPkyohbVUsXUdVn6zZDuIWLZj1PofXoVWkWExw=
Subject key identifier:   9C:43:9E:55:15:9A:6B:F2:8C:52:01:BD:EE:AA:23:21:52:DD:A0:F1
Certificate issuer:       /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial:       018571C310A3B04E266399AB7A777A62B825
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/nEOeVRWaa_KMUgG97qojIVLdoPE.roa
Signing time:             Mon 02 Jan 2023 09:14:47 +0000
ROA not before:           Mon 02 Jan 2023 09:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208249
IP address blocks:        2a0b:6b83::/32 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:c3:10:a3:b0:4e:26:63:99:ab:7a:77:7a:62:b8:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
        Validity
            Not Before: Jan  2 09:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c439e55159a6bf28c5201bdeeaa232152dda0f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:e5:f2:b8:e1:61:ac:bb:eb:7f:35:0b:e4:ab:
                    4b:28:99:04:22:1a:73:58:ad:07:d1:a0:a3:9c:4d:
                    57:73:c7:e9:fb:75:90:c3:d8:9a:0e:ea:dd:a2:f5:
                    e2:74:62:ff:4e:41:cd:91:0b:ce:59:0f:71:69:c6:
                    53:0d:35:20:77:e7:e6:a7:a1:6c:82:96:25:d6:a3:
                    91:45:34:98:cd:c1:da:f5:76:19:cd:0d:ac:30:c0:
                    3e:d1:45:15:55:c8:af:2d:5f:29:b3:76:ab:50:22:
                    00:f2:94:9c:cc:66:07:6a:39:dc:11:9c:7a:68:9d:
                    de:0e:75:d8:69:29:4d:85:74:c2:86:94:32:8e:6f:
                    41:ef:70:4f:db:28:82:a6:96:c9:8b:8c:19:08:b6:
                    7d:fe:82:a0:c8:4e:78:9b:64:8d:d1:44:2b:24:fe:
                    be:f1:1f:da:95:69:37:74:34:6d:a4:4e:2a:eb:4e:
                    1a:16:5b:69:af:81:83:3f:7e:b2:b9:2a:35:3b:c9:
                    06:97:aa:b9:82:0b:22:5b:ee:39:06:70:01:50:89:
                    2c:27:83:dc:c8:e5:2a:33:ad:a8:58:0a:1e:0c:98:
                    40:a5:ee:6a:30:04:73:36:92:6c:79:ab:ff:82:2b:
                    5f:cb:37:fa:6f:b1:94:42:0c:84:93:50:43:13:9e:
                    b5:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:43:9E:55:15:9A:6B:F2:8C:52:01:BD:EE:AA:23:21:52:DD:A0:F1
            X509v3 Authority Key Identifier:
                keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/nEOeVRWaa_KMUgG97qojIVLdoPE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:6b83::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:ec:4f:40:79:6a:54:d6:54:0e:d3:59:9f:fc:e0:aa:f1:ce:
         30:81:ed:1e:91:f6:fb:68:d8:de:58:ea:1b:ca:67:8b:22:1c:
         5e:3e:f5:d1:8b:af:0f:03:4a:d5:cc:0a:57:e4:d1:21:fc:c3:
         83:f0:a0:4b:a1:cb:69:60:f8:85:e5:2e:42:46:c7:4f:5b:7a:
         f5:bc:1d:50:dd:61:4b:7e:04:11:f0:4f:67:62:27:b3:97:6c:
         07:1d:9f:36:85:49:0a:20:14:05:b8:6c:45:1b:fe:fc:96:06:
         0b:c7:2d:35:1d:7d:2a:71:60:ef:71:02:4e:e5:02:f3:2a:f9:
         10:e3:de:b8:ed:d5:ba:2f:98:c5:7e:cf:20:c9:27:2c:fd:4f:
         16:89:e1:b2:32:d2:9a:37:0e:36:a2:4d:e3:f5:bf:05:7d:cd:
         89:12:cb:3b:73:69:fe:88:8a:62:0e:1c:04:6c:91:7f:01:d3:
         dc:8a:30:e4:d9:37:8a:ea:12:cb:26:98:5e:5c:14:26:7e:76:
         3a:4c:54:af:76:11:c9:e9:68:76:b8:c9:fe:ee:d3:67:1b:a9:
         2d:19:db:92:ae:7a:98:d8:ba:f0:f6:0d:38:5c:67:0d:89:be:
         0b:f5:3f:10:4e:a3:a5:e3:e5:a8:6c:4e:28:a7:ac:58:37:ec:
         89:f0:08:bb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxwxCjsE4mY5mrend6YrglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwMTAyMDkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQzOWU1NTE1OWE2YmYyOGM1MjAxYmRlZWFhMjMyMTUyZGRhMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuXyuOFhrLvrfzUL5KtLKJkEIhpz
WK0H0aCjnE1Xc8fp+3WQw9iaDurdovXidGL/TkHNkQvOWQ9xacZTDTUgd+fmp6Fs
gpYl1qORRTSYzcHa9XYZzQ2sMMA+0UUVVcivLV8ps3arUCIA8pSczGYHajncEZx6
aJ3eDnXYaSlNhXTChpQyjm9B73BP2yiCppbJi4wZCLZ9/oKgyE54m2SN0UQrJP6+
8R/alWk3dDRtpE4q604aFltpr4GDP36yuSo1O8kGl6q5ggsiW+45BnABUIksJ4Pc
yOUqM62oWAoeDJhApe5qMARzNpJseav/gitfyzf6b7GUQgyEk1BDE561owIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJxDnlUVmmvyjFIBve6qIyFS3aDxMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvbkVPZVZSV2FhX0tNVWdHOTdxb2pJVkxkb1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgtrgzAN
BgkqhkiG9w0BAQsFAAOCAQEAiexPQHlqVNZUDtNZn/zgqvHOMIHtHpH2+2jY3ljq
G8pniyIcXj710YuvDwNK1cwKV+TRIfzDg/CgS6HLaWD4heUuQkbHT1t69bwdUN1h
S34EEfBPZ2Ins5dsBx2fNoVJCiAUBbhsRRv+/JYGC8ctNR19KnFg73ECTuUC8yr5
EOPeuO3Vui+YxX7PIMknLP1PFonhsjLSmjcONqJN4/W/BX3NiRLLO3Np/oiKYg4c
BGyRfwHT3Iow5Nk3iuoSyyaYXlwUJn52OkxUr3YRyelodrjJ/u7TZxupLRnbkq56
mNi68PYNOFxnDYm+C/U/EE6jpePlqGxOKKesWDfsifAIuw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:08 2024 by rpki-client on console-fra.rpki-client.org