Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/ChtNVdFzVH79HnpQsfJUXulz9Ho.roa
File:                     ChtNVdFzVH79HnpQsfJUXulz9Ho.roa (raw, json)
Hash identifier:          zmkehcWdwj4oVK4LNg45sMfCfyYf34kIE7WpZmsQ3Cc=
Subject key identifier:   0A:1B:4D:55:D1:73:54:7E:FD:1E:7A:50:B1:F2:54:5E:E9:73:F4:7A
Certificate issuer:       /CN=0a23e2f0b064087fd84f048b1fa9997023d599e1
Certificate serial:       01857321C91D568E370DAE9DA67FA7A991D2
Authority key identifier: 0A:23:E2:F0:B0:64:08:7F:D8:4F:04:8B:1F:A9:99:70:23:D5:99:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CiPi8LBkCH_YTwSLH6mZcCPVmeE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/ChtNVdFzVH79HnpQsfJUXulz9Ho.roa
Signing time:             Mon 02 Jan 2023 15:37:51 +0000
ROA not before:           Mon 02 Jan 2023 15:37:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208272
IP address blocks:        2a0b:7980::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:21:c9:1d:56:8e:37:0d:ae:9d:a6:7f:a7:a9:91:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a23e2f0b064087fd84f048b1fa9997023d599e1
        Validity
            Not Before: Jan  2 15:37:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0a1b4d55d173547efd1e7a50b1f2545ee973f47a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:e0:9d:3c:87:45:c2:0d:ad:ee:03:35:1b:12:
                    c0:a9:88:f7:24:0c:9a:a2:4f:db:b2:38:5d:63:ea:
                    f5:a2:28:c0:a1:98:7d:83:60:af:a3:bd:34:49:70:
                    5d:40:c7:30:77:a0:9b:a3:bb:aa:d0:fd:97:3b:d3:
                    51:63:12:08:4c:df:d4:85:81:9f:b8:a3:02:5a:6f:
                    6b:b6:0a:21:38:4d:57:75:46:4f:60:d1:bc:9f:c5:
                    91:cf:b9:2b:ff:13:86:3e:79:78:dc:d8:b2:4f:01:
                    b0:3d:81:58:d0:14:c3:17:fb:5b:ba:ee:6c:dc:76:
                    c1:0b:6b:ef:e6:86:ee:0d:3c:b0:1b:58:68:7a:ab:
                    b4:e7:b7:41:f5:57:aa:32:8f:13:2c:c1:47:f0:5a:
                    12:17:50:93:3f:2a:c3:ae:52:d1:64:03:7e:4e:46:
                    88:6a:ff:33:55:6a:59:ec:a1:85:3e:4b:90:c9:dc:
                    16:e9:be:1b:f5:ae:ec:76:29:ad:ee:d8:0d:3d:58:
                    0a:4d:1c:ab:54:2d:49:2c:db:d9:ff:0e:cc:63:6c:
                    f8:e8:0f:2a:2b:b7:e9:19:37:da:e0:5f:32:38:50:
                    a7:0c:7b:aa:9f:5b:fd:7d:e5:b9:9b:c8:c4:88:4e:
                    e3:6c:33:bb:5f:27:8f:1d:dc:a6:7b:e3:56:ff:bd:
                    45:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:1B:4D:55:D1:73:54:7E:FD:1E:7A:50:B1:F2:54:5E:E9:73:F4:7A
            X509v3 Authority Key Identifier:
                keyid:0A:23:E2:F0:B0:64:08:7F:D8:4F:04:8B:1F:A9:99:70:23:D5:99:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CiPi8LBkCH_YTwSLH6mZcCPVmeE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/ChtNVdFzVH79HnpQsfJUXulz9Ho.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/CiPi8LBkCH_YTwSLH6mZcCPVmeE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:7980::/29

    Signature Algorithm: sha256WithRSAEncryption
         54:2e:bf:dd:ee:76:6a:c3:53:60:24:da:4f:f0:55:5a:b4:b8:
         aa:1a:29:47:c3:e7:7e:83:af:5c:76:cb:60:c4:48:74:d6:26:
         30:87:76:4d:55:e2:8c:2a:48:90:f8:ee:36:ec:17:4c:6d:50:
         78:5e:26:fb:53:d9:76:23:66:89:e1:9a:2c:74:6b:cd:66:c0:
         8f:4b:b9:24:89:4e:29:58:8e:a9:bc:56:92:42:d0:54:6a:4e:
         4c:8d:e8:3a:f4:d0:14:cc:8d:b9:fd:da:2d:37:58:95:22:44:
         6a:1e:99:08:60:c8:f7:c0:c6:f2:8e:8f:73:2b:bf:d3:cd:ea:
         0b:a8:af:e1:4f:7f:62:24:7e:19:0f:26:80:88:de:68:16:33:
         5c:e7:7b:9f:5e:a9:2c:92:ec:f9:96:2f:fb:b6:75:3d:33:ab:
         b7:7c:3f:45:14:01:42:d0:26:20:ce:98:6e:f3:88:77:7e:8a:
         4d:ec:67:b4:a5:10:a8:c0:13:9b:59:69:21:4c:29:99:a7:09:
         b4:26:e4:54:3b:02:c6:e0:52:76:fc:47:5a:5f:af:4b:7d:95:
         89:41:c3:16:71:c9:0f:1c:94:d2:d1:3d:2f:0e:e9:d6:8a:7f:
         d0:a2:12:49:1c:8c:b2:4b:44:d1:07:cd:e5:6e:77:d8:df:4c:
         d7:d8:72:7b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVzIckdVo43Da6dpn+nqZHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMjNlMmYwYjA2NDA4N2ZkODRmMDQ4YjFmYTk5OTcwMjNk
NTk5ZTEwHhcNMjMwMTAyMTUzNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTFiNGQ1NWQxNzM1NDdlZmQxZTdhNTBiMWYyNTQ1ZWU5NzNmNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguCdPIdFwg2t7gM1GxLAqYj3JAya
ok/bsjhdY+r1oijAoZh9g2Cvo700SXBdQMcwd6Cbo7uq0P2XO9NRYxIITN/UhYGf
uKMCWm9rtgohOE1XdUZPYNG8n8WRz7kr/xOGPnl43NiyTwGwPYFY0BTDF/tbuu5s
3HbBC2vv5obuDTywG1hoequ057dB9VeqMo8TLMFH8FoSF1CTPyrDrlLRZAN+TkaI
av8zVWpZ7KGFPkuQydwW6b4b9a7sdimt7tgNPVgKTRyrVC1JLNvZ/w7MY2z46A8q
K7fpGTfa4F8yOFCnDHuqn1v9feW5m8jEiE7jbDO7XyePHdyme+NW/71FWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAobTVXRc1R+/R56ULHyVF7pc/R6MB8GA1UdIwQY
MBaAFAoj4vCwZAh/2E8Eix+pmXAj1ZnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2lQaThMQmtDSF9ZVHdTTEg2bVpjQ1BWbWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9jOTgzYWEtYjYxZS00ZWQ4LThlODEt
YmMxZTU1YzY5NzU1LzEvQ2h0TlZkRnpWSDc5SG5wUXNmSlVYdWx6OUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9jOTgzYWEtYjYxZS00ZWQ4LThlODEtYmMxZTU1YzY5NzU1
LzEvQ2lQaThMQmtDSF9ZVHdTTEg2bVpjQ1BWbWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgt5gDAN
BgkqhkiG9w0BAQsFAAOCAQEAVC6/3e52asNTYCTaT/BVWrS4qhopR8PnfoOvXHbL
YMRIdNYmMId2TVXijCpIkPjuNuwXTG1QeF4m+1PZdiNmieGaLHRrzWbAj0u5JIlO
KViOqbxWkkLQVGpOTI3oOvTQFMyNuf3aLTdYlSJEah6ZCGDI98DG8o6Pcyu/083q
C6iv4U9/YiR+GQ8mgIjeaBYzXOd7n16pLJLs+ZYv+7Z1PTOrt3w/RRQBQtAmIM6Y
bvOId36KTexntKUQqMATm1lpIUwpmacJtCbkVDsCxuBSdvxHWl+vS32ViUHDFnHJ
DxyU0tE9Lw7p1op/0KISSRyMsktE0QfN5W532N9M19hyew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:13 2024 by rpki-client on console-fra.rpki-client.org