Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/1-3yZ13QVhtKdmokYqkRYdbnjNoI.roa
File:                     1-3yZ13QVhtKdmokYqkRYdbnjNoI.roa (raw, json)
Hash identifier:          5SV/RtJlvk3PGdNdjPPi/5t3uGaINnLr1OvDngdwDeU=
Subject key identifier:   FB:7C:99:D7:74:15:86:D2:9D:9A:89:18:AA:44:58:75:B9:E3:36:82
Certificate issuer:       /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial:       01856F42A9EA40FF39F83AA4209B3B9D3F58
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/1-3yZ13QVhtKdmokYqkRYdbnjNoI.roa
Signing time:             Sun 01 Jan 2023 21:35:17 +0000
ROA not before:           Sun 01 Jan 2023 21:35:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208970
IP address blocks:        2a09:e440:100::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:a9:ea:40:ff:39:f8:3a:a4:20:9b:3b:9d:3f:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
        Validity
            Not Before: Jan  1 21:35:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fb7c99d7741586d29d9a8918aa445875b9e33682
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:05:c8:44:a6:b4:ad:36:cb:e4:09:cc:a7:ee:
                    ef:61:7f:80:8f:2f:1f:6d:4e:79:f1:89:4d:08:1a:
                    3e:ea:c4:f9:c8:bb:af:a5:b8:91:1c:1d:3e:33:e0:
                    69:da:a6:22:9c:92:35:53:98:d7:c2:b3:19:9b:45:
                    fd:95:2f:ea:c0:0c:57:ee:11:46:c3:21:5e:00:05:
                    69:54:00:c5:68:18:b6:80:b4:1b:6d:03:6d:d4:ee:
                    e9:33:f6:c1:bc:19:15:50:26:91:59:08:6d:43:c8:
                    08:f7:bf:ad:e0:92:97:8c:92:0b:a5:be:e1:10:5c:
                    ba:58:c2:8c:e9:f9:9a:4e:9e:3f:aa:c8:35:e8:14:
                    30:56:f6:ca:f7:85:6c:38:cd:7b:8b:74:34:6d:ba:
                    7f:e9:d6:ae:24:6b:7a:ae:fb:28:bb:1b:76:7b:5c:
                    25:9f:bc:f3:27:7f:6e:c2:82:58:6a:c9:c9:97:03:
                    a5:0a:cc:04:d1:fb:90:bd:1d:38:c1:20:78:68:16:
                    61:8e:99:a0:7c:57:7b:4c:87:b6:cc:b4:6a:6f:b2:
                    fb:ee:6e:b1:35:c0:98:67:8a:3a:1e:66:0a:45:16:
                    82:f6:7c:82:a8:f1:5f:34:a6:8b:fb:26:0d:85:bb:
                    11:10:15:32:3c:9a:5f:0d:52:fc:a9:e0:c0:93:64:
                    42:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:7C:99:D7:74:15:86:D2:9D:9A:89:18:AA:44:58:75:B9:E3:36:82
            X509v3 Authority Key Identifier:
                keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/1-3yZ13QVhtKdmokYqkRYdbnjNoI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:e440:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         30:b3:7a:cb:e5:fe:d3:b7:07:94:fc:9a:54:a4:3a:61:97:10:
         17:da:04:34:d2:2a:e3:a1:c1:eb:fa:5b:d7:72:69:25:4f:33:
         12:42:35:1f:7c:da:d7:aa:df:30:0e:ed:e8:09:f3:16:7b:33:
         85:47:12:67:18:68:4c:3c:de:ce:b4:a2:c6:df:f9:00:17:85:
         25:32:6f:50:da:8d:11:eb:3e:8f:80:8b:69:4d:56:48:2a:76:
         f5:33:93:a5:00:33:4f:5a:73:35:74:ad:6d:1e:d8:79:be:20:
         a5:ed:bd:c8:3d:e1:c4:13:48:28:12:ad:79:d8:79:a9:18:e9:
         12:79:84:c6:96:20:11:3a:81:b6:b4:57:0f:ac:d5:e0:5e:ca:
         02:55:1e:ed:21:a8:3b:9e:be:73:c8:99:2e:ee:32:fb:79:ea:
         0b:35:82:dc:a5:a3:17:da:11:8f:a9:af:40:d2:e0:02:09:c5:
         56:09:66:1e:79:61:95:84:f6:c1:49:0b:2a:e7:96:bd:36:78:
         44:1f:8e:62:d3:0f:53:0f:d0:11:47:00:5d:92:31:88:bc:34:
         8a:9f:6f:02:30:6e:2f:b1:b2:47:cd:6f:fc:bb:00:7a:d4:01:
         5e:24:ce:15:c2:27:0d:3f:6a:1b:e1:f0:f6:cc:00:46:e6:30:
         22:cd:9c:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQqnqQP85+DqkIJs7nT9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjMwMTAxMjEzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjdjOTlkNzc0MTU4NmQyOWQ5YTg5MThhYTQ0NTg3NWI5ZTMzNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAXIRKa0rTbL5AnMp+7vYX+Ajy8f
bU558YlNCBo+6sT5yLuvpbiRHB0+M+Bp2qYinJI1U5jXwrMZm0X9lS/qwAxX7hFG
wyFeAAVpVADFaBi2gLQbbQNt1O7pM/bBvBkVUCaRWQhtQ8gI97+t4JKXjJILpb7h
EFy6WMKM6fmaTp4/qsg16BQwVvbK94VsOM17i3Q0bbp/6dauJGt6rvsouxt2e1wl
n7zzJ39uwoJYasnJlwOlCswE0fuQvR04wSB4aBZhjpmgfFd7TIe2zLRqb7L77m6x
NcCYZ4o6HmYKRRaC9nyCqPFfNKaL+yYNhbsREBUyPJpfDVL8qeDAk2RCNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPt8mdd0FYbSnZqJGKpEWHW54zaCMB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvMS0zeVoxM1FWaHRLZG1va1lxa1JZZGJuak5vSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvMjhjYjVjLTI5OGYtNGQ4Yi04MTViLWU1YTM3NzhiZTNh
ZC8xL3VtQ2sySFRaWUJ5QlFzTlMtQXhXcERKMnpVYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoJ5EAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAws3rL5f7TtweU/JpUpDphlxAX2gQ00irjocHr
+lvXcmklTzMSQjUffNrXqt8wDu3oCfMWezOFRxJnGGhMPN7OtKLG3/kAF4UlMm9Q
2o0R6z6PgItpTVZIKnb1M5OlADNPWnM1dK1tHth5viCl7b3IPeHEE0goEq152Hmp
GOkSeYTGliAROoG2tFcPrNXgXsoCVR7tIag7nr5zyJku7jL7eeoLNYLcpaMX2hGP
qa9A0uACCcVWCWYeeWGVhPbBSQsq55a9NnhEH45i0w9TD9ARRwBdkjGIvDSKn28C
MG4vsbJHzW/8uwB61AFeJM4VwicNP2ob4fD2zABG5jAizZwW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org