Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ew0y9WWcjQjFz3WBCQ1urSpvtE4.roa
File:                     ew0y9WWcjQjFz3WBCQ1urSpvtE4.roa (raw, json)
Hash identifier:          0ynWtS13yM1+BPUB9L+RCBMgegIPA4jJe9KaEOegFjk=
Subject key identifier:   7B:0D:32:F5:65:9C:8D:08:C5:CF:75:81:09:0D:6E:AD:2A:6F:B4:4E
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       01856FF971CDDAC443A64B4AAEB4931755F8
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ew0y9WWcjQjFz3WBCQ1urSpvtE4.roa
Signing time:             Mon 02 Jan 2023 00:54:56 +0000
ROA not before:           Mon 02 Jan 2023 00:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203629
IP address blocks:        2a0f:cf84::/30 maxlen: 30
                          2a09:3800::/30 maxlen: 30
                          2a0b:ab04::/30 maxlen: 30
                          2a09:3b04::/30 maxlen: 30
                          2a0c:e8c4::/30 maxlen: 30
                          2a0a:2880::/30 maxlen: 30
                          2a09:3804::/30 maxlen: 30
                          2a0a:2884::/30 maxlen: 30
                          2a10:d8c4::/30 maxlen: 30
                          2a0d:2e44::/30 maxlen: 30

Validation:               Failed, certificate revoked on Mon 08 May 2023 17:54:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:71:cd:da:c4:43:a6:4b:4a:ae:b4:93:17:55:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Jan  2 00:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b0d32f5659c8d08c5cf7581090d6ead2a6fb44e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f9:96:d4:05:07:c7:e4:1a:a8:24:35:2d:bd:
                    0b:c9:f2:0e:9f:b2:45:78:a2:f4:6b:96:14:68:5c:
                    c0:6b:86:80:17:9a:cc:f1:cf:97:01:23:00:82:d9:
                    1d:69:f9:08:84:9f:13:9a:1d:31:0d:da:50:6e:33:
                    23:8f:de:2b:da:c8:48:a2:e4:33:0b:ba:07:b2:11:
                    04:89:c4:b5:17:59:8b:b5:fc:6d:8a:cd:30:81:20:
                    a8:81:ef:b0:08:15:c6:75:e5:e8:a4:b4:e8:df:2b:
                    aa:b4:71:6d:76:63:10:e4:74:93:3c:56:32:d2:c9:
                    fe:a1:4d:d8:3a:3e:93:29:68:bd:21:8b:01:20:58:
                    f3:a5:3e:16:93:40:a6:f5:00:1f:50:b8:70:6a:7a:
                    05:8b:e6:71:0c:ad:49:74:84:74:b0:f3:da:87:46:
                    14:ae:4f:cb:66:ff:8d:86:8d:53:79:b7:8e:08:eb:
                    05:24:9d:9e:73:54:1a:bd:bb:ba:72:24:cf:d1:52:
                    a7:c6:35:56:19:13:ae:1c:13:2d:3f:8e:68:c7:dc:
                    23:88:ea:cd:0b:9e:b4:8b:c0:93:b8:16:cd:83:b4:
                    5c:ea:05:25:6a:79:36:94:a8:ca:af:77:d4:60:33:
                    91:31:e7:14:a3:24:b6:65:58:71:c8:27:f9:d0:4f:
                    c9:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:0D:32:F5:65:9C:8D:08:C5:CF:75:81:09:0D:6E:AD:2A:6F:B4:4E
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ew0y9WWcjQjFz3WBCQ1urSpvtE4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:3800::/29
                  2a09:3b04::/30
                  2a0a:2880::/29
                  2a0b:ab04::/30
                  2a0c:e8c4::/30
                  2a0d:2e44::/30
                  2a0f:cf84::/30
                  2a10:d8c4::/30

    Signature Algorithm: sha256WithRSAEncryption
         06:0a:bb:cb:26:2d:93:9f:06:e0:ac:53:17:3c:65:a8:16:0b:
         ea:09:12:2c:02:cc:0a:6c:c7:7d:b7:e8:91:f2:b4:0f:71:83:
         07:7e:4c:fc:32:75:a1:eb:fc:e3:be:83:cf:76:13:9c:d8:4e:
         53:cc:1e:fd:41:3d:0c:f7:eb:12:cf:7c:9f:dd:0f:fe:ea:18:
         53:de:69:a7:2b:c6:ab:87:b4:4c:ea:c5:fe:3a:7a:52:c9:4f:
         9c:da:54:79:73:8f:45:33:43:08:07:ef:35:18:44:78:95:c3:
         91:54:a7:19:bb:d1:b3:89:ca:8e:96:b6:49:85:92:6d:42:93:
         c7:51:b4:da:d6:d8:96:9d:c3:0e:03:53:e0:58:2c:42:01:29:
         83:a2:7c:50:b7:47:b7:72:00:74:e8:be:6f:63:cf:90:47:72:
         cf:1c:8d:0d:0c:32:03:d3:80:79:ff:07:58:a0:0a:e9:32:20:
         1d:54:fa:6d:d2:44:dc:76:e0:27:d4:5c:5e:77:5c:9b:81:07:
         e0:9b:78:01:a6:c8:66:4b:82:7b:fb:22:4d:b8:c4:c8:db:f3:
         81:ad:53:f5:08:53:92:b0:34:ba:9c:18:2a:16:9f:5f:52:57:
         80:cb:a5:86:98:c0:76:42:29:45:d7:43:88:90:47:26:1b:30:
         bd:3d:b4:46
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYVv+XHN2sRDpktKrrSTF1X4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMTAyMDA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjBkMzJmNTY1OWM4ZDA4YzVjZjc1ODEwOTBkNmVhZDJhNmZiNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/mW1AUHx+QaqCQ1Lb0LyfIOn7JF
eKL0a5YUaFzAa4aAF5rM8c+XASMAgtkdafkIhJ8Tmh0xDdpQbjMjj94r2shIouQz
C7oHshEEicS1F1mLtfxtis0wgSCoge+wCBXGdeXopLTo3yuqtHFtdmMQ5HSTPFYy
0sn+oU3YOj6TKWi9IYsBIFjzpT4Wk0Cm9QAfULhwanoFi+ZxDK1JdIR0sPPah0YU
rk/LZv+Nho1TebeOCOsFJJ2ec1Qavbu6ciTP0VKnxjVWGROuHBMtP45ox9wjiOrN
C560i8CTuBbNg7Rc6gUlank2lKjKr3fUYDORMecUoyS2ZVhxyCf50E/JOQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHsNMvVlnI0Ixc91gQkNbq0qb7ROMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvZXcweTlXV2NqUWpGejNXQkNRMXVyU3B2dEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgk4AAMF
AioJOwQDBQMqCiiAAwUCKgurBAMFAioM6MQDBQIqDS5EAwUCKg/PhAMFAioQ2MQw
DQYJKoZIhvcNAQELBQADggEBAAYKu8smLZOfBuCsUxc8ZagWC+oJEiwCzApsx323
6JHytA9xgwd+TPwydaHr/OO+g892E5zYTlPMHv1BPQz36xLPfJ/dD/7qGFPeaacr
xquHtEzqxf46elLJT5zaVHlzj0UzQwgH7zUYRHiVw5FUpxm70bOJyo6WtkmFkm1C
k8dRtNrW2Jadww4DU+BYLEIBKYOifFC3R7dyAHTovm9jz5BHcs8cjQ0MMgPTgHn/
B1igCukyIB1U+m3SRNx24CfUXF53XJuBB+CbeAGmyGZLgnv7Ik24xMjb84GtU/UI
U5KwNLqcGCoWn19SV4DLpYaYwHZCKUXXQ4iQRyYbML09tEY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org