Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/y2q71pI6NhtRjC59UfSiHtxZHbY.roa
File:                     y2q71pI6NhtRjC59UfSiHtxZHbY.roa (raw, json)
Hash identifier:          z+epX1EAUeZJUglI6y1D/8G++dITuc+azkIWIb/f5b8=
Subject key identifier:   CB:6A:BB:D6:92:3A:36:1B:51:8C:2E:7D:51:F4:A2:1E:DC:59:1D:B6
Certificate issuer:       /CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Certificate serial:       0188D2473C0BC32F1E9E1A8D39B3DDE5807A
Authority key identifier: 16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/y2q71pI6NhtRjC59UfSiHtxZHbY.roa
Signing time:             Mon 19 Jun 2023 06:11:03 +0000
ROA not before:           Mon 19 Jun 2023 06:11:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51559
IP address blocks:        2a06:c400::/48 maxlen: 48
                          2a06:c400:b::/48 maxlen: 48
                          2a06:c400:6::/48 maxlen: 48
                          2a06:c400:1::/48 maxlen: 48
                          2a06:c400:4::/48 maxlen: 48
                          2a06:c400:f::/48 maxlen: 48
                          2a06:c400:a::/48 maxlen: 48
                          2a06:c400:5::/48 maxlen: 48
                          2a06:c400:8::/48 maxlen: 48
                          2a06:c400:3::/48 maxlen: 48
                          2a06:c400:e::/48 maxlen: 48
                          2a06:c400:9::/48 maxlen: 48
                          2a06:c400:c::/48 maxlen: 48
                          2a06:c400:7::/48 maxlen: 48
                          2a06:c400:2::/48 maxlen: 48
                          2a06:c400:d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d2:47:3c:0b:c3:2f:1e:9e:1a:8d:39:b3:dd:e5:80:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=168600dfac9d3d1a75e6630d697102f2f2132c48
        Validity
            Not Before: Jun 19 06:11:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb6abbd6923a361b518c2e7d51f4a21edc591db6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:a3:18:5d:d3:df:92:6c:27:f3:85:c4:2f:0c:
                    02:c0:56:13:00:ab:49:1e:9f:33:fe:3c:1e:2a:f5:
                    6f:98:b4:54:4b:32:62:8e:d0:13:5b:3f:e2:17:65:
                    0a:c0:9f:b1:92:8d:d9:78:31:d3:01:ad:3f:cd:58:
                    a7:21:8b:93:cb:ce:98:5a:8d:6a:2b:1f:47:23:4d:
                    91:d0:bc:90:aa:f2:ad:e3:81:7d:9a:57:1b:72:83:
                    43:1d:7e:e6:70:4f:79:38:bd:73:f0:35:a4:f6:09:
                    07:b1:06:4d:f6:0d:0e:bd:37:82:c0:3f:49:d0:1e:
                    1d:74:0c:36:48:f9:fa:c5:11:fb:59:d4:a6:ac:3f:
                    40:ae:dd:ea:6d:87:2b:a3:92:ca:dc:2b:dc:6c:bc:
                    58:b3:d7:95:57:6f:cb:9a:9d:8c:65:4c:67:f9:b0:
                    01:af:8f:a2:b8:dd:79:d5:4f:27:22:5b:bb:9a:fa:
                    1b:15:61:4b:a6:68:07:e5:fc:95:e8:17:64:ad:81:
                    ed:e5:e7:8f:52:a8:38:8f:e8:aa:61:6e:fb:89:1b:
                    52:dc:ff:31:48:d9:7d:8f:4b:8f:11:6c:7d:b5:a2:
                    c1:b1:c1:49:87:01:81:b3:1c:9f:f3:46:60:91:e0:
                    ac:06:05:b2:84:8a:3f:4f:ba:96:96:c4:d0:05:88:
                    9b:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:6A:BB:D6:92:3A:36:1B:51:8C:2E:7D:51:F4:A2:1E:DC:59:1D:B6
            X509v3 Authority Key Identifier:
                keyid:16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/y2q71pI6NhtRjC59UfSiHtxZHbY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:c400::/44

    Signature Algorithm: sha256WithRSAEncryption
         0a:7c:77:bb:a9:87:44:46:25:7c:fa:7b:3f:ef:00:8e:9c:5b:
         7a:08:0d:2b:3c:8e:32:2d:15:f2:3b:af:df:2b:30:63:c5:94:
         f0:90:37:ec:3c:7a:87:ba:e0:37:74:f7:74:2c:df:c6:e6:15:
         99:64:07:a4:da:53:50:27:c5:cb:49:d8:f0:0d:c8:ef:b1:89:
         7e:d6:4c:3a:50:c0:f3:26:bb:f2:0d:33:62:ac:2b:21:33:58:
         99:4f:92:9a:26:31:25:70:3d:7c:e1:b6:6c:d3:6c:3d:3e:68:
         1f:92:a3:57:22:b8:51:09:83:7d:48:a2:2f:70:b4:2f:d1:b5:
         7e:1d:ec:04:b3:da:93:d9:23:f1:74:02:2d:db:4a:5d:7b:f4:
         0a:22:cd:27:00:6b:2b:6f:26:7f:1d:8e:8c:48:3b:70:8f:54:
         8f:06:95:79:f6:cb:0c:41:9a:dd:00:e2:bf:bf:8e:3f:77:99:
         db:97:ff:98:11:9d:6a:10:51:6d:59:a1:85:e7:8f:5e:67:6e:
         c7:21:2b:af:37:60:dd:cb:76:5a:eb:7c:5a:f9:59:51:81:7e:
         41:74:61:aa:a7:58:70:26:25:98:2d:0b:23:b6:ce:b1:9a:b1:
         9f:52:8a:bd:87:d6:25:b0:c6:1b:a2:2a:c6:53:43:9d:d2:7a:
         cb:03:fa:69
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjSRzwLwy8enhqNObPd5YB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODYwMGRmYWM5ZDNkMWE3NWU2NjMwZDY5NzEwMmYyZjIx
MzJjNDgwHhcNMjMwNjE5MDYxMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjZhYmJkNjkyM2EzNjFiNTE4YzJlN2Q1MWY0YTIxZWRjNTkxZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6MYXdPfkmwn84XELwwCwFYTAKtJ
Hp8z/jweKvVvmLRUSzJijtATWz/iF2UKwJ+xko3ZeDHTAa0/zVinIYuTy86YWo1q
Kx9HI02R0LyQqvKt44F9mlcbcoNDHX7mcE95OL1z8DWk9gkHsQZN9g0OvTeCwD9J
0B4ddAw2SPn6xRH7WdSmrD9Art3qbYcro5LK3CvcbLxYs9eVV2/Lmp2MZUxn+bAB
r4+iuN151U8nIlu7mvobFWFLpmgH5fyV6BdkrYHt5eePUqg4j+iqYW77iRtS3P8x
SNl9j0uPEWx9taLBscFJhwGBsxyf80ZgkeCsBgWyhIo/T7qWlsTQBYibGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMtqu9aSOjYbUYwufVH0oh7cWR22MB8GA1UdIwQY
MBaAFBaGAN+snT0adeZjDWlxAvLyEyxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEt
MThkYmU2NTA0YmI0LzEveTJxNzFwSTZOaHRSakM1OVVmU2lIdHhaSGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEtMThkYmU2NTA0YmI0
LzEvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbEAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAKfHe7qYdERiV8+ns/7wCOnFt6CA0rPI4yLRXy
O6/fKzBjxZTwkDfsPHqHuuA3dPd0LN/G5hWZZAek2lNQJ8XLSdjwDcjvsYl+1kw6
UMDzJrvyDTNirCshM1iZT5KaJjElcD184bZs02w9PmgfkqNXIrhRCYN9SKIvcLQv
0bV+HewEs9qT2SPxdAIt20pde/QKIs0nAGsrbyZ/HY6MSDtwj1SPBpV59ssMQZrd
AOK/v44/d5nbl/+YEZ1qEFFtWaGF549eZ27HISuvN2Ddy3Za63xa+VlRgX5BdGGq
p1hwJiWYLQsjts6xmrGfUoq9h9YlsMYboirGU0Od0nrLA/pp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:37 2024 by rpki-client on console-ams.rpki-client.org