Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Hi9ykre_jlNYCDk740xVgkh5apk.roa
File:                     Hi9ykre_jlNYCDk740xVgkh5apk.roa (raw, json)
Hash identifier:          5r6GMAFYiHtzpl1mBYICYdH852KFaLC12OxN0ea00P0=
Subject key identifier:   1E:2F:72:92:B7:BF:8E:53:58:08:39:3B:E3:4C:55:82:48:79:6A:99
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018B85B2E728871AB8F02A7DA1A82863E37B
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Hi9ykre_jlNYCDk740xVgkh5apk.roa
Signing time:             Tue 31 Oct 2023 12:26:16 +0000
ROA not before:           Tue 31 Oct 2023 12:26:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211027
IP address blocks:        2a09:3d00::/29 maxlen: 36
                          2a0f:c582::/32 maxlen: 32
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a0d:5ec0::/29 maxlen: 36
                          2a11:780::/29 maxlen: 36
                          2a11:200:2000::/36 maxlen: 36
                          2a10:c340:7000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:85:b2:e7:28:87:1a:b8:f0:2a:7d:a1:a8:28:63:e3:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Oct 31 12:26:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e2f7292b7bf8e535808393be34c558248796a99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:82:0c:5b:7b:ab:13:46:5c:ea:ed:bc:40:3d:
                    8e:a4:36:0e:08:58:77:4a:2f:03:98:53:cc:1f:63:
                    9c:d2:4f:54:ed:6b:3e:96:b6:a7:50:a6:fe:39:40:
                    35:b2:06:44:96:32:de:ef:51:a5:eb:73:73:00:1d:
                    d3:f3:db:fb:65:30:11:47:0f:6b:e1:bf:a6:cf:86:
                    79:e2:b9:62:6f:64:ac:3d:16:c1:67:8b:13:f8:e0:
                    c7:4c:96:03:47:32:83:1a:a3:cf:41:d1:3d:1f:75:
                    cc:f3:20:80:4b:9b:51:44:77:b5:0b:aa:5d:f3:c2:
                    71:c0:f7:61:7b:91:ac:5d:dc:b8:ab:92:c5:f8:10:
                    05:a1:0a:0c:8f:34:85:3c:54:5d:81:9d:a8:ba:16:
                    89:b3:a9:af:31:d5:6e:51:82:ec:b5:88:8c:2b:f7:
                    e6:44:e1:1a:e7:b8:5e:ce:a2:fe:3b:01:53:69:43:
                    62:a6:09:7e:53:67:a3:14:80:07:a3:80:87:ff:3d:
                    84:fe:ba:2b:f8:2c:85:94:85:f8:97:88:76:c2:47:
                    5b:de:4d:23:14:8c:bd:87:cd:10:19:16:1d:df:03:
                    31:13:32:89:29:a0:3e:e6:fc:f8:81:ff:d0:f4:c0:
                    07:f3:8e:1c:d0:d8:20:e0:b1:0a:45:5b:9b:a0:be:
                    d5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:2F:72:92:B7:BF:8E:53:58:08:39:3B:E3:4C:55:82:48:79:6A:99
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Hi9ykre_jlNYCDk740xVgkh5apk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:3d00::/29
                  2a09:b680::/29
                  2a0d:5ec0::/29
                  2a0f:c582::/32
                  2a10:c340:7000::/36
                  2a11:200:2000::/36
                  2a11:780::/29
                  2a11:b80::/29

    Signature Algorithm: sha256WithRSAEncryption
         79:09:ff:77:c6:7d:de:99:62:49:fc:c8:5f:40:1c:75:6c:2e:
         79:1c:ba:ac:5f:cf:10:40:f0:5b:de:82:df:c8:85:42:18:c7:
         a7:1c:a9:fa:a8:37:db:7d:ca:e9:0c:3e:96:ba:88:20:d8:8e:
         b9:a5:c0:39:28:80:b5:c2:b0:9d:0c:e5:e3:3d:c4:5e:3f:0e:
         33:c6:91:97:b5:f4:1f:b0:09:d5:8d:b9:7c:14:9f:db:d8:b6:
         ec:3e:d3:37:14:a3:f3:67:6f:cd:01:50:d2:f3:10:76:eb:88:
         3a:c9:9a:b4:01:7e:88:b5:98:93:16:50:15:ee:ef:e9:15:f0:
         64:73:39:3f:19:68:24:f2:1b:eb:23:06:ca:94:7d:f4:b4:09:
         e5:7e:fc:a6:27:d1:d2:7e:02:01:33:da:c3:bd:3f:04:ec:34:
         de:90:9e:45:a6:c4:39:81:52:59:da:25:34:c1:05:5e:3d:24:
         7d:92:0b:e8:6c:bf:8c:9a:e4:1e:b8:69:78:62:0b:8f:57:d3:
         17:82:da:12:b6:30:c7:c2:10:4f:7d:3a:47:03:af:40:c0:99:
         d5:76:48:5a:c0:ea:19:a8:fb:d3:a8:ae:07:fd:0a:c6:e8:44:
         d5:d5:b3:81:3e:ff:11:70:69:9a:cd:79:fd:62:7e:db:48:71:
         bd:5b:5a:24
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYuFsucohxq48Cp9oagoY+N7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMDMxMTIyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTJmNzI5MmI3YmY4ZTUzNTgwODM5M2JlMzRjNTU4MjQ4Nzk2YTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIIMW3urE0Zc6u28QD2OpDYOCFh3
Si8DmFPMH2Oc0k9U7Ws+lranUKb+OUA1sgZEljLe71Gl63NzAB3T89v7ZTARRw9r
4b+mz4Z54rlib2SsPRbBZ4sT+ODHTJYDRzKDGqPPQdE9H3XM8yCAS5tRRHe1C6pd
88JxwPdhe5GsXdy4q5LF+BAFoQoMjzSFPFRdgZ2ouhaJs6mvMdVuUYLstYiMK/fm
ROEa57hezqL+OwFTaUNipgl+U2ejFIAHo4CH/z2E/ror+CyFlIX4l4h2wkdb3k0j
FIy9h80QGRYd3wMxEzKJKaA+5vz4gf/Q9MAH844c0Ngg4LEKRVuboL7VAwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFB4vcpK3v45TWAg5O+NMVYJIeWqZMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvSGk5eWtyZV9qbE5ZQ0RrNzQweFZna2g1YXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAAjA6AwUDKgk9AAMF
AyoJtoADBQMqDV7AAwUAKg/FggMGBCoQw0BwAwYEKhECACADBQMqEQeAAwUDKhEL
gDANBgkqhkiG9w0BAQsFAAOCAQEAeQn/d8Z93pliSfzIX0AcdWwueRy6rF/PEEDw
W96C38iFQhjHpxyp+qg3233K6Qw+lrqIINiOuaXAOSiAtcKwnQzl4z3EXj8OM8aR
l7X0H7AJ1Y25fBSf29i27D7TNxSj82dvzQFQ0vMQduuIOsmatAF+iLWYkxZQFe7v
6RXwZHM5PxloJPIb6yMGypR99LQJ5X78pifR0n4CATPaw70/BOw03pCeRabEOYFS
WdolNMEFXj0kfZIL6Gy/jJrkHrhpeGILj1fTF4LaErYwx8IQT306RwOvQMCZ1XZI
WsDqGaj706iuB/0KxuhE1dWzgT7/EXBpms15/WJ+20hxvVtaJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org