Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/IesCAUW3fp-iQ6jTysMSx7I4rso.roa
File:                     IesCAUW3fp-iQ6jTysMSx7I4rso.roa (raw, json)
Hash identifier:          jIo7TCwAfJM4Cve92eNudUCs6VOiqw4xGZ/+EGJnoio=
Subject key identifier:   21:EB:02:01:45:B7:7E:9F:A2:43:A8:D3:CA:C3:12:C7:B2:38:AE:CA
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       018F14D096CEE107B303C6DCFE97EF644B00
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/IesCAUW3fp-iQ6jTysMSx7I4rso.roa
Signing time:             Thu 25 Apr 2024 10:32:45 +0000
ROA not before:           Thu 25 Apr 2024 10:32:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215561
IP address blocks:        2a0a:79c0:200::/40 maxlen: 128
                          2a0a:79c7:f000::/38 maxlen: 128
                          2a0a:79c7:f400::/38 maxlen: 128
                          2a0a:79c7:f800::/38 maxlen: 128
                          2a0a:79c7:fe00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Thu 23 May 2024 14:53:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:14:d0:96:ce:e1:07:b3:03:c6:dc:fe:97:ef:64:4b:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Apr 25 10:32:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=21eb020145b77e9fa243a8d3cac312c7b238aeca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:fe:0e:c2:0a:c6:1d:dd:19:73:bf:e6:31:bb:
                    9d:14:6d:23:61:ef:51:5e:7f:fe:93:ab:19:74:af:
                    8c:d5:e4:23:d2:0f:14:4b:fd:36:29:b2:e3:47:2a:
                    e3:16:85:79:f5:ce:10:12:fe:bf:25:23:be:07:cd:
                    86:81:a4:73:68:32:91:ea:f0:0f:15:ac:b0:e9:e4:
                    23:e3:06:1c:d6:61:9b:1a:76:9a:44:3f:5b:3c:0c:
                    82:8a:73:1b:04:d0:0a:eb:8f:ed:72:41:73:40:28:
                    95:06:78:60:f7:d0:98:85:14:a3:64:1a:39:64:aa:
                    c7:5a:ee:90:ac:dd:bc:8d:28:bb:dd:92:24:08:42:
                    d5:fc:19:03:31:10:c7:39:cb:ac:53:0e:00:ec:3b:
                    f3:99:e6:9b:4f:00:74:e0:b3:00:76:f4:9b:4a:ed:
                    f4:19:b2:20:82:39:2f:21:fc:db:63:ed:a3:3c:bd:
                    36:4e:d8:05:76:81:cd:db:8b:a1:6d:e5:2c:b9:78:
                    04:ae:3e:84:d2:71:97:dd:ae:f2:99:39:bc:4e:75:
                    46:d3:d1:0b:03:93:84:9a:5b:00:da:6d:fc:aa:b9:
                    d0:fd:47:76:a5:0e:25:2f:2c:99:0f:a2:a7:17:80:
                    8b:e8:dc:e3:96:e8:7c:21:c7:48:62:cf:ba:cd:b4:
                    a9:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:EB:02:01:45:B7:7E:9F:A2:43:A8:D3:CA:C3:12:C7:B2:38:AE:CA
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/IesCAUW3fp-iQ6jTysMSx7I4rso.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:79c0:200::/40
                  2a0a:79c7:f000::-2a0a:79c7:fbff:ffff:ffff:ffff:ffff:ffff
                  2a0a:79c7:fe00::/40

    Signature Algorithm: sha256WithRSAEncryption
         55:cb:ec:06:c5:5f:b3:4b:64:20:b1:f8:26:9a:84:95:1e:ea:
         87:8c:4f:1f:50:22:09:2a:c2:92:b4:65:16:c0:a9:cf:24:01:
         e1:47:c5:b1:94:d1:50:5c:1f:dc:90:2d:bb:13:bb:06:d4:54:
         30:e5:b8:90:cb:02:47:c2:ce:44:b3:1d:2e:b5:c2:58:17:77:
         4d:8e:ff:39:7f:60:db:1a:7d:b1:55:c6:0e:95:30:bf:a1:e4:
         74:ff:dd:9f:a4:8c:bf:a3:15:e1:d5:f9:0d:35:a6:ab:1b:ce:
         c3:95:a6:32:d2:cc:f3:67:e9:2a:d9:19:29:54:0b:58:58:b4:
         0b:7b:34:c3:a0:ff:eb:ba:64:45:59:26:61:73:33:29:27:62:
         36:9f:ad:e2:4c:5b:41:ae:10:96:c2:9e:c7:3a:a8:66:0a:3b:
         56:a7:8f:31:75:31:db:84:35:f7:dd:51:3d:e0:46:96:9b:3b:
         67:c4:5d:75:0e:fa:3a:14:1a:36:45:d5:d0:1c:e9:83:48:d2:
         d9:b3:b9:f2:af:59:cb:0e:00:2b:49:61:05:7d:9d:3e:c6:03:
         ed:11:3b:8b:1c:2c:87:d5:0b:d2:c9:c6:12:71:8e:85:a5:57:
         5b:c8:71:ac:62:3e:8f:55:d7:f7:51:33:74:25:97:ff:c7:26:
         02:5b:99:15
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY8U0JbO4QezA8bc/pfvZEsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwNDI1MTAzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWViMDIwMTQ1Yjc3ZTlmYTI0M2E4ZDNjYWMzMTJjN2IyMzhhZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP4OwgrGHd0Zc7/mMbudFG0jYe9R
Xn/+k6sZdK+M1eQj0g8US/02KbLjRyrjFoV59c4QEv6/JSO+B82GgaRzaDKR6vAP
Fayw6eQj4wYc1mGbGnaaRD9bPAyCinMbBNAK64/tckFzQCiVBnhg99CYhRSjZBo5
ZKrHWu6QrN28jSi73ZIkCELV/BkDMRDHOcusUw4A7DvzmeabTwB04LMAdvSbSu30
GbIggjkvIfzbY+2jPL02TtgFdoHN24uhbeUsuXgErj6E0nGX3a7ymTm8TnVG09EL
A5OEmlsA2m38qrnQ/Ud2pQ4lLyyZD6KnF4CL6Nzjluh8IcdIYs+6zbSp5QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCHrAgFFt36fokOo08rDEseyOK7KMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvSWVzQ0FVVzNmcC1pUTZqVHlzTVN4N0k0cnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwYAKgp5wAIw
EAMGBCoKecfwAwYCKgp5x/gDBgAqCnnH/jANBgkqhkiG9w0BAQsFAAOCAQEAVcvs
BsVfs0tkILH4JpqElR7qh4xPH1AiCSrCkrRlFsCpzyQB4UfFsZTRUFwf3JAtuxO7
BtRUMOW4kMsCR8LORLMdLrXCWBd3TY7/OX9g2xp9sVXGDpUwv6HkdP/dn6SMv6MV
4dX5DTWmqxvOw5WmMtLM82fpKtkZKVQLWFi0C3s0w6D/67pkRVkmYXMzKSdiNp+t
4kxbQa4QlsKexzqoZgo7VqePMXUx24Q1991RPeBGlps7Z8RddQ76OhQaNkXV0Bzp
g0jS2bO58q9Zyw4AK0lhBX2dPsYD7RE7ixwsh9UL0snGEnGOhaVXW8hxrGI+j1XX
91EzdCWX/8cmAluZFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org