Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/AO-9CY1AENup7UX_oCgc1IOaLa0.roa
File:                     AO-9CY1AENup7UX_oCgc1IOaLa0.roa (raw, json)
Hash identifier:          wPeXyqdJptpdsfkWVC/8bgkyong9k44bXU9kCBhYwpg=
Subject key identifier:   00:EF:BD:09:8D:40:10:DB:A9:ED:45:FF:A0:28:1C:D4:83:9A:2D:AD
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       018571C327A3D14565A3E3A80354526C303F
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/AO-9CY1AENup7UX_oCgc1IOaLa0.roa
Signing time:             Mon 02 Jan 2023 09:14:53 +0000
ROA not before:           Mon 02 Jan 2023 09:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210286
IP address blocks:        2a06:e881:9000::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:c3:27:a3:d1:45:65:a3:e3:a8:03:54:52:6c:30:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Jan  2 09:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00efbd098d4010dba9ed45ffa0281cd4839a2dad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:40:72:f2:f4:e3:82:fe:68:c1:c4:6f:fd:ea:
                    90:a2:56:80:17:b4:09:50:a3:f8:ae:8d:c2:94:13:
                    5e:aa:2f:5f:d9:a8:94:f9:22:91:1c:74:12:6c:90:
                    89:01:b6:6d:e6:0a:81:a5:65:00:b8:c2:50:3b:57:
                    a9:73:6d:8b:7a:ff:82:6b:e5:82:78:1e:ae:bd:3c:
                    d4:4c:94:d1:64:f3:53:63:9f:26:37:85:47:73:1c:
                    27:d4:81:52:96:dd:aa:55:58:33:a5:cd:ae:64:92:
                    32:84:ef:7a:89:01:6e:85:d9:b2:50:c4:ab:fd:e3:
                    70:09:0d:33:0f:52:ec:98:63:3c:f5:b5:b8:c1:5b:
                    3b:fa:00:52:8e:46:af:15:65:82:82:19:69:d1:26:
                    ab:1c:4e:02:8e:bb:73:65:3b:5f:ca:f4:a1:77:55:
                    0e:44:bc:8d:99:29:b9:51:02:32:d9:82:af:0f:ee:
                    dc:0a:b2:fd:57:75:d4:27:9d:84:0b:23:41:29:61:
                    bf:a2:73:6f:8b:7c:9e:4f:7a:82:cb:19:d5:a0:14:
                    08:c0:cd:53:0c:3f:40:05:3b:03:4b:32:2f:20:5f:
                    66:0b:5d:e0:73:d2:34:10:37:aa:57:88:63:6e:d5:
                    7e:bf:b0:2c:78:59:f3:37:9d:dc:c8:85:19:84:a1:
                    61:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:EF:BD:09:8D:40:10:DB:A9:ED:45:FF:A0:28:1C:D4:83:9A:2D:AD
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/AO-9CY1AENup7UX_oCgc1IOaLa0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:e881:9000::/44

    Signature Algorithm: sha256WithRSAEncryption
         45:79:40:98:3d:90:f7:47:0c:43:bd:4d:39:26:e8:91:fd:72:
         83:ad:05:ef:1e:4a:5c:09:57:b4:68:a9:c0:bb:21:95:21:58:
         a8:34:ba:62:7d:f3:07:70:91:bb:14:7b:f3:a2:de:19:85:5e:
         06:bd:e9:07:13:6c:76:fb:cd:53:43:09:49:11:f5:b6:57:9b:
         dd:1c:15:7a:50:85:f7:33:ac:3e:19:f4:28:a9:ef:6c:55:72:
         82:71:3d:8b:56:ed:ca:23:35:5a:d8:a9:36:e5:3b:5f:d9:26:
         f3:45:a9:0f:10:c9:bd:3e:ec:25:89:df:b7:bc:6c:7f:35:33:
         5e:6b:99:47:7d:d0:7b:82:bf:e5:81:22:27:eb:05:a2:aa:c4:
         c3:63:a7:29:df:4f:09:1b:ce:33:17:b0:ee:60:44:0d:e9:1c:
         47:ee:8a:e9:66:6a:c4:72:2c:3e:3c:b3:0f:07:8a:43:97:a0:
         bd:05:80:ca:2c:c6:2e:2b:fa:4d:37:5c:2a:b4:b8:dd:8f:93:
         3e:9a:6e:57:d0:ca:5c:51:76:ab:c1:7e:12:88:9e:15:24:c2:
         7f:82:50:19:41:b8:7b:aa:7c:89:07:9a:32:b3:e0:14:f6:a4:
         f1:c9:c3:ec:e5:bd:6d:a4:56:3a:3c:3d:ef:26:0c:d0:c8:d1:
         ed:64:73:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxwyej0UVlo+OoA1RSbDA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGVmYmQwOThkNDAxMGRiYTllZDQ1ZmZhMDI4MWNkNDgzOWEyZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUBy8vTjgv5owcRv/eqQolaAF7QJ
UKP4ro3ClBNeqi9f2aiU+SKRHHQSbJCJAbZt5gqBpWUAuMJQO1epc22Lev+Ca+WC
eB6uvTzUTJTRZPNTY58mN4VHcxwn1IFSlt2qVVgzpc2uZJIyhO96iQFuhdmyUMSr
/eNwCQ0zD1LsmGM89bW4wVs7+gBSjkavFWWCghlp0SarHE4CjrtzZTtfyvShd1UO
RLyNmSm5UQIy2YKvD+7cCrL9V3XUJ52ECyNBKWG/onNvi3yeT3qCyxnVoBQIwM1T
DD9ABTsDSzIvIF9mC13gc9I0EDeqV4hjbtV+v7AseFnzN53cyIUZhKFh1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFADvvQmNQBDbqe1F/6AoHNSDmi2tMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvQU8tOUNZMUFFTnVwN1VYX29DZ2MxSU9hTGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbogZAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBFeUCYPZD3RwxDvU05JuiR/XKDrQXvHkpcCVe0
aKnAuyGVIVioNLpiffMHcJG7FHvzot4ZhV4GvekHE2x2+81TQwlJEfW2V5vdHBV6
UIX3M6w+GfQoqe9sVXKCcT2LVu3KIzVa2Kk25Ttf2SbzRakPEMm9Puwlid+3vGx/
NTNea5lHfdB7gr/lgSIn6wWiqsTDY6cp308JG84zF7DuYEQN6RxH7orpZmrEciw+
PLMPB4pDl6C9BYDKLMYuK/pNN1wqtLjdj5M+mm5X0MpcUXarwX4SiJ4VJMJ/glAZ
Qbh7qnyJB5oys+AU9qTxycPs5b1tpFY6PD3vJgzQyNHtZHPv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:38 2024 by rpki-client on console-fra.rpki-client.org