Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/I2e9DKcpHRQinL2_dAE2JPT7868.roa
File:                     I2e9DKcpHRQinL2_dAE2JPT7868.roa (raw, json)
Hash identifier:          8YqZ8mR2HtjImYlUc+Ioyx4QgHk30oxOo+94vJWWsd4=
Subject key identifier:   23:67:BD:0C:A7:29:1D:14:22:9C:BD:BF:74:01:36:24:F4:FB:F3:AF
Certificate issuer:       /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial:       01856F9DB0EBC47F599406461D9AD0A5B9AE
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/I2e9DKcpHRQinL2_dAE2JPT7868.roa
Signing time:             Sun 01 Jan 2023 23:14:43 +0000
ROA not before:           Sun 01 Jan 2023 23:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8881
IP address blocks:        2a02:45c0:6::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9d:b0:eb:c4:7f:59:94:06:46:1d:9a:d0:a5:b9:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
        Validity
            Not Before: Jan  1 23:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2367bd0ca7291d14229cbdbf74013624f4fbf3af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:0e:de:cb:93:5a:6d:e8:8d:04:59:1f:32:bd:
                    d6:5a:16:98:05:15:6f:f0:4a:3f:42:69:42:06:99:
                    49:a1:70:d7:2d:a4:2e:82:46:23:f9:2e:e3:8a:f8:
                    8a:0e:b0:d6:99:7d:4e:89:74:6f:2b:03:03:f3:87:
                    90:eb:68:22:d1:63:5c:40:13:de:54:ce:55:b0:c2:
                    ff:83:57:a3:f1:99:b8:fd:5a:e9:89:65:5b:5f:e2:
                    f6:a5:8a:73:00:01:71:1a:4f:d0:02:03:c4:78:28:
                    aa:eb:7d:05:f5:ab:f4:82:8d:fc:a6:da:c8:a6:64:
                    e8:c9:26:e2:22:94:66:a8:fd:80:d5:89:3a:58:28:
                    09:e7:88:f1:86:05:4b:6e:da:cb:60:b2:0b:74:7d:
                    10:b2:8e:3d:6b:06:d4:d5:08:06:cb:88:a7:85:49:
                    2e:ae:98:85:ff:0b:0e:f0:32:58:da:e0:ef:90:ef:
                    73:d6:56:07:43:38:eb:12:96:2a:e9:5f:24:f0:67:
                    94:b0:99:fc:32:fc:66:3b:58:8f:63:ca:9f:a2:b3:
                    49:ec:dc:c6:be:8b:61:53:33:9b:1d:ed:36:9f:0f:
                    dc:d5:d5:18:da:a6:f5:eb:b4:96:60:44:73:15:70:
                    c0:26:f6:1e:69:b7:37:3e:a0:2f:11:8c:e9:6c:af:
                    76:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:67:BD:0C:A7:29:1D:14:22:9C:BD:BF:74:01:36:24:F4:FB:F3:AF
            X509v3 Authority Key Identifier:
                keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/I2e9DKcpHRQinL2_dAE2JPT7868.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:45c0:6::/48

    Signature Algorithm: sha256WithRSAEncryption
         b4:35:60:5c:e8:68:02:6b:27:1f:1d:32:8d:f7:b9:de:e9:96:
         b2:28:47:2f:d4:2d:6a:be:9c:6d:98:c9:c4:dc:bc:93:bf:08:
         a4:05:f7:d7:17:4c:12:3c:c4:09:c4:dc:4e:23:5b:9a:a3:09:
         0d:6a:cd:3c:fc:ae:7a:d6:8f:a4:31:70:24:0f:99:af:bf:01:
         9a:d2:33:d7:75:b7:92:49:ef:f3:5f:97:4f:87:24:ed:e9:6f:
         bf:23:15:a5:c4:33:a6:df:cc:06:69:66:3a:51:14:75:6d:b7:
         13:5c:8f:c4:57:ff:ac:f6:f3:0f:db:30:30:52:7a:fd:52:f4:
         a7:81:38:03:99:0b:c4:16:bb:fc:0c:49:93:9f:d9:fd:bd:bb:
         2a:97:b7:91:57:ba:2c:35:5a:45:1a:41:5d:d6:01:85:2b:48:
         8e:d2:25:70:d1:e2:bd:81:cb:b4:65:21:e8:cc:8d:f7:b3:03:
         10:c1:6e:19:21:2f:25:ff:b9:53:16:c8:c6:ac:e8:87:c5:33:
         76:3d:14:e5:1b:87:99:fa:e9:49:65:4c:f3:4c:66:eb:93:24:
         09:35:e6:7a:c8:ed:05:a1:06:5b:89:67:30:ac:d4:f4:e9:23:
         66:ff:03:1c:6e:64:df:75:26:8c:35:bd:49:fc:c4:ef:35:af:
         2b:e1:a6:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvnbDrxH9ZlAZGHZrQpbmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjMwMTAxMjMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzY3YmQwY2E3MjkxZDE0MjI5Y2JkYmY3NDAxMzYyNGY0ZmJmM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ7ey5NabeiNBFkfMr3WWhaYBRVv
8Eo/QmlCBplJoXDXLaQugkYj+S7jiviKDrDWmX1OiXRvKwMD84eQ62gi0WNcQBPe
VM5VsML/g1ej8Zm4/VrpiWVbX+L2pYpzAAFxGk/QAgPEeCiq630F9av0go38ptrI
pmToySbiIpRmqP2A1Yk6WCgJ54jxhgVLbtrLYLILdH0Qso49awbU1QgGy4inhUku
rpiF/wsO8DJY2uDvkO9z1lYHQzjrEpYq6V8k8GeUsJn8MvxmO1iPY8qforNJ7NzG
vothUzObHe02nw/c1dUY2qb167SWYERzFXDAJvYeabc3PqAvEYzpbK92LwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCNnvQynKR0UIpy9v3QBNiT0+/OvMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvSTJlOURLY3BIUlFpbkwyX2RBRTJKUFQ3ODY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgJFwAAG
MA0GCSqGSIb3DQEBCwUAA4IBAQC0NWBc6GgCaycfHTKN97ne6ZayKEcv1C1qvpxt
mMnE3LyTvwikBffXF0wSPMQJxNxOI1uaowkNas08/K561o+kMXAkD5mvvwGa0jPX
dbeSSe/zX5dPhyTt6W+/IxWlxDOm38wGaWY6URR1bbcTXI/EV/+s9vMP2zAwUnr9
UvSngTgDmQvEFrv8DEmTn9n9vbsql7eRV7osNVpFGkFd1gGFK0iO0iVw0eK9gcu0
ZSHozI33swMQwW4ZIS8l/7lTFsjGrOiHxTN2PRTlG4eZ+ulJZUzzTGbrkyQJNeZ6
yO0FoQZbiWcwrNT06SNm/wMcbmTfdSaMNb1J/MTvNa8r4abw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:49 2024 by rpki-client on console-fra.rpki-client.org