Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/KQ3iF3hb93Zu7h_AU6YVYb5DuYo.roa
File:                     KQ3iF3hb93Zu7h_AU6YVYb5DuYo.roa (raw, json)
Hash identifier:          iSg6uZ/6XDClTsQ/q6TfeoGomHw7YEMc0l18z0/Pleg=
Subject key identifier:   29:0D:E2:17:78:5B:F7:76:6E:EE:1F:C0:53:A6:15:61:BE:43:B9:8A
Certificate issuer:       /CN=66e92c341e769443fde1d27566044b4b65159060
Certificate serial:       018CC26D7DD374A14E109846F3FAD7624CCB
Authority key identifier: 66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/KQ3iF3hb93Zu7h_AU6YVYb5DuYo.roa
Signing time:             Mon 01 Jan 2024 00:30:04 +0000
ROA not before:           Mon 01 Jan 2024 00:30:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211675
IP address blocks:        2a0d:da06::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 04 Jan 2024 15:24:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:7d:d3:74:a1:4e:10:98:46:f3:fa:d7:62:4c:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66e92c341e769443fde1d27566044b4b65159060
        Validity
            Not Before: Jan  1 00:30:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=290de217785bf7766eee1fc053a61561be43b98a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:c5:9f:cb:a1:69:36:f3:58:64:e8:ec:75:ed:
                    c9:8c:90:cf:fa:4c:b8:4c:6f:7a:0d:dc:46:f3:e0:
                    93:6e:23:f5:22:a9:33:cf:eb:c1:48:1f:6d:cc:a2:
                    77:99:6d:23:83:55:da:31:1c:90:38:5a:5b:50:90:
                    c2:d9:65:42:f6:40:98:06:fd:45:16:4f:70:2d:4e:
                    34:eb:57:8d:28:f4:ef:f0:9d:52:90:4a:de:61:e4:
                    f5:03:03:b2:0e:29:e9:b8:93:08:c6:50:3b:77:26:
                    76:46:73:ba:ee:73:d0:53:b5:e6:31:3f:8b:ab:bc:
                    9b:f9:29:af:18:26:69:94:bb:30:97:50:85:22:fc:
                    7f:a0:b6:7a:b0:9e:79:80:fc:06:38:e9:5a:4c:81:
                    6c:96:54:ca:c5:86:14:84:7b:37:fc:17:56:b1:39:
                    e2:39:65:72:fb:6a:7a:75:63:2e:84:59:fe:7c:b8:
                    0e:a7:43:c4:04:50:a8:62:11:f8:f2:4c:4a:11:a8:
                    ba:e6:90:c4:68:1a:a9:37:36:08:f3:a5:62:32:4a:
                    61:a2:a4:e8:af:08:0a:94:33:d5:67:3b:78:99:ff:
                    38:5d:76:63:b1:4f:57:02:09:97:12:d9:ae:a1:0e:
                    b9:2e:dd:e2:05:c3:40:54:1f:7a:f2:d0:c7:53:4d:
                    28:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:0D:E2:17:78:5B:F7:76:6E:EE:1F:C0:53:A6:15:61:BE:43:B9:8A
            X509v3 Authority Key Identifier:
                keyid:66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/KQ3iF3hb93Zu7h_AU6YVYb5DuYo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:da06::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:c4:82:e0:83:0d:94:22:98:4e:cf:e1:b7:8c:7a:5b:97:e6:
         b7:e6:15:7b:3a:d8:b8:bc:47:4c:9a:62:c7:33:b0:f3:5c:fc:
         e0:f3:7a:8a:a9:8c:40:cf:be:57:e2:3d:18:2a:45:5d:88:3c:
         98:b9:17:d7:06:d5:02:bd:41:c6:42:71:40:da:2c:04:d0:99:
         f6:ca:22:96:71:81:e3:a2:a7:6a:97:12:20:1c:0a:6b:b0:cf:
         e9:58:10:a3:05:b4:40:67:15:ca:c7:a4:58:3c:e6:38:2a:36:
         96:0d:1b:33:f2:17:61:3e:c7:32:35:da:29:7c:2a:14:45:75:
         67:be:5b:61:3c:81:24:b1:c5:86:52:29:d5:e6:20:7a:32:8f:
         bb:5d:09:b7:f2:81:36:9c:6c:0e:59:78:06:d3:c2:69:c8:49:
         77:6c:61:4b:16:03:49:48:28:e1:ce:34:a6:44:2b:64:2a:29:
         d9:6f:e3:fe:7a:7d:ce:7d:18:80:5a:cb:b2:b5:63:a0:cb:4d:
         b6:5c:45:55:c5:96:e2:73:4e:5c:b1:5d:8c:c7:bd:ae:84:ac:
         4e:ba:08:78:ce:ff:bb:fb:2e:f5:32:1a:c6:c4:23:f2:c5:73:
         da:5f:ce:22:74:0f:ee:6a:65:28:aa:6e:42:76:19:c1:91:ba:
         56:b2:30:b8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzCbX3TdKFOEJhG8/rXYkzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZTkyYzM0MWU3Njk0NDNmZGUxZDI3NTY2MDQ0YjRiNjUx
NTkwNjAwHhcNMjQwMTAxMDAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTBkZTIxNzc4NWJmNzc2NmVlZTFmYzA1M2E2MTU2MWJlNDNiOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcWfy6FpNvNYZOjsde3JjJDP+ky4
TG96DdxG8+CTbiP1Iqkzz+vBSB9tzKJ3mW0jg1XaMRyQOFpbUJDC2WVC9kCYBv1F
Fk9wLU4061eNKPTv8J1SkEreYeT1AwOyDinpuJMIxlA7dyZ2RnO67nPQU7XmMT+L
q7yb+SmvGCZplLswl1CFIvx/oLZ6sJ55gPwGOOlaTIFsllTKxYYUhHs3/BdWsTni
OWVy+2p6dWMuhFn+fLgOp0PEBFCoYhH48kxKEai65pDEaBqpNzYI86ViMkphoqTo
rwgKlDPVZzt4mf84XXZjsU9XAgmXEtmuoQ65Lt3iBcNAVB968tDHU00ofQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCkN4hd4W/d2bu4fwFOmFWG+Q7mKMB8GA1UdIwQY
MBaAFGbpLDQedpRD/eHSdWYES0tlFZBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYt
YzFkMjk2ZjhmZDA3LzEvS1EzaUYzaGI5M1p1N2hfQVU2WVZZYjVEdVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYtYzFkMjk2ZjhmZDA3
LzEvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg3aBjAN
BgkqhkiG9w0BAQsFAAOCAQEAdMSC4IMNlCKYTs/ht4x6W5fmt+YVezrYuLxHTJpi
xzOw81z84PN6iqmMQM++V+I9GCpFXYg8mLkX1wbVAr1BxkJxQNosBNCZ9soilnGB
46KnapcSIBwKa7DP6VgQowW0QGcVysekWDzmOCo2lg0bM/IXYT7HMjXaKXwqFEV1
Z75bYTyBJLHFhlIp1eYgejKPu10Jt/KBNpxsDll4BtPCachJd2xhSxYDSUgo4c40
pkQrZCop2W/j/np9zn0YgFrLsrVjoMtNtlxFVcWW4nNOXLFdjMe9roSsTroIeM7/
u/su9TIaxsQj8sVz2l/OInQP7mplKKpuQnYZwZG6VrIwuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:17 2024 by rpki-client on console-ams.rpki-client.org