Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/MIICuiqwvI5HyQZ5xzhLWtGA7Eg.roa
File:                     MIICuiqwvI5HyQZ5xzhLWtGA7Eg.roa (raw, json)
Hash identifier:          L+CntEYEba0yrSuRRNG048Og3V+LAMhKDpvX9QrkueA=
Subject key identifier:   30:82:02:BA:2A:B0:BC:8E:47:C9:06:79:C7:38:4B:5A:D1:80:EC:48
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       018EFC7C9CA72D4D6C288502B79FC6EA905B
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/MIICuiqwvI5HyQZ5xzhLWtGA7Eg.roa
Signing time:             Sat 20 Apr 2024 17:10:08 +0000
ROA not before:           Sat 20 Apr 2024 17:10:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215561
IP address blocks:        2a0a:79c0:200::/40 maxlen: 128
                          2a0a:79c7:f000::/38 maxlen: 128
                          2a0a:79c7:f200::/44 maxlen: 128
                          2a0a:79c7:f210::/44 maxlen: 128
                          2a0a:79c7:f220::/44 maxlen: 128
                          2a0a:79c7:f230::/44 maxlen: 128
                          2a0a:79c7:f240::/44 maxlen: 128
                          2a0a:79c7:f250::/44 maxlen: 128
                          2a0a:79c7:f260::/44 maxlen: 128
                          2a0a:79c7:f270::/44 maxlen: 128
                          2a0a:79c7:f280::/44 maxlen: 128
                          2a0a:79c7:f290::/44 maxlen: 128
                          2a0a:79c7:f2a0::/44 maxlen: 128
                          2a0a:79c7:f2b0::/44 maxlen: 128
                          2a0a:79c7:f2c0::/44 maxlen: 128
                          2a0a:79c7:f2d0::/44 maxlen: 128
                          2a0a:79c7:f2e0::/44 maxlen: 128
                          2a0a:79c7:f2f0::/44 maxlen: 128
                          2a0a:79c7:f400::/38 maxlen: 128
                          2a0a:79c7:f800::/38 maxlen: 128
                          2a0a:79c7:fe00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Thu 25 Apr 2024 10:25:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:fc:7c:9c:a7:2d:4d:6c:28:85:02:b7:9f:c6:ea:90:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Apr 20 17:10:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=308202ba2ab0bc8e47c90679c7384b5ad180ec48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:cc:89:f4:5c:5a:8c:b1:4f:41:0e:a1:5e:6c:
                    7c:19:14:f0:bd:42:74:de:9c:39:7c:67:f3:01:cc:
                    78:57:9c:3d:e1:34:1b:58:dc:c6:5d:40:dc:78:5d:
                    43:8b:b6:d1:18:bd:f0:42:5a:2b:02:d1:bd:83:0e:
                    d2:a3:90:4c:20:fb:a3:47:1e:34:64:36:48:25:01:
                    c4:15:4a:ef:11:7d:ba:f2:29:ac:7b:f5:05:a0:3d:
                    ce:68:d7:73:86:2e:c8:90:e0:4b:39:ef:5d:85:aa:
                    19:fe:eb:5e:8b:66:be:58:4e:94:7e:d9:52:d0:2f:
                    40:2f:7b:35:18:14:dc:22:82:89:f3:a3:82:9c:ac:
                    e5:c5:3b:78:26:b7:aa:07:0e:ee:95:2a:53:06:4a:
                    73:72:09:14:b4:af:37:63:5c:00:be:0a:16:9c:00:
                    b4:8e:c7:39:4c:c8:a1:d0:8f:27:6d:48:ba:3f:cc:
                    7b:88:44:ce:79:a0:2d:b0:cb:54:b7:52:d1:3c:dd:
                    61:5a:10:56:94:9b:12:8a:b2:d5:4d:68:bb:3d:21:
                    b9:63:e9:f1:35:e9:be:8e:41:f1:9a:84:21:f7:77:
                    36:33:e6:37:54:b7:1a:ee:22:60:1e:d2:06:4a:0d:
                    a6:60:42:ad:b2:b5:05:b2:c2:94:6e:49:f0:66:e9:
                    44:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:82:02:BA:2A:B0:BC:8E:47:C9:06:79:C7:38:4B:5A:D1:80:EC:48
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/MIICuiqwvI5HyQZ5xzhLWtGA7Eg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:79c0:200::/40
                  2a0a:79c7:f000::-2a0a:79c7:fbff:ffff:ffff:ffff:ffff:ffff
                  2a0a:79c7:fe00::/40

    Signature Algorithm: sha256WithRSAEncryption
         02:c5:5b:f7:22:d3:e3:a5:5f:b6:a2:8e:5d:16:12:a5:44:e7:
         bc:26:2a:51:02:8f:90:55:8d:7c:93:be:da:31:73:e2:b1:ae:
         8b:2a:71:43:73:e0:f1:2c:91:0e:28:a4:60:af:a2:55:44:08:
         65:fc:bf:9c:e4:30:ef:b1:7a:e0:c8:c1:37:2f:69:fe:07:41:
         65:a6:82:cd:b8:69:6c:04:45:49:37:9e:a7:19:83:05:1a:bb:
         ac:be:ce:06:21:82:37:7d:79:c5:fc:89:12:bc:90:b7:4f:72:
         c5:c1:17:fe:98:b5:f0:79:0d:6a:2d:d1:07:e1:9e:ea:24:22:
         df:7d:1e:20:11:66:c4:f3:09:94:2a:7a:65:a1:a6:05:ff:f4:
         66:04:54:84:d4:67:fb:ad:37:aa:85:3a:8c:7e:4c:d0:40:60:
         3e:22:9e:89:bc:d4:a0:50:8e:dd:e0:a4:4d:6b:5d:c0:33:dc:
         52:bb:ba:e2:67:61:2f:93:eb:5c:45:8f:ee:36:4b:f4:55:2c:
         1f:20:ca:f5:92:08:b7:5e:3d:44:b5:5b:88:af:7c:5e:f4:50:
         2a:f0:32:2c:3d:c0:9b:42:5c:76:96:c9:86:35:1a:36:66:96:
         34:db:15:19:66:7c:5b:55:e8:59:b4:57:a2:b1:02:67:04:4f:
         13:c3:73:e6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY78fJynLU1sKIUCt5/G6pBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwNDIwMTcxMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDgyMDJiYTJhYjBiYzhlNDdjOTA2NzljNzM4NGI1YWQxODBlYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisyJ9FxajLFPQQ6hXmx8GRTwvUJ0
3pw5fGfzAcx4V5w94TQbWNzGXUDceF1Di7bRGL3wQlorAtG9gw7So5BMIPujRx40
ZDZIJQHEFUrvEX268imse/UFoD3OaNdzhi7IkOBLOe9dhaoZ/utei2a+WE6UftlS
0C9AL3s1GBTcIoKJ86OCnKzlxTt4JreqBw7ulSpTBkpzcgkUtK83Y1wAvgoWnAC0
jsc5TMih0I8nbUi6P8x7iETOeaAtsMtUt1LRPN1hWhBWlJsSirLVTWi7PSG5Y+nx
Nem+jkHxmoQh93c2M+Y3VLca7iJgHtIGSg2mYEKtsrUFssKUbknwZulE6QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDCCAroqsLyOR8kGecc4S1rRgOxIMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvTUlJQ3VpcXd2STVIeVFaNXh6aExXdEdBN0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwYAKgp5wAIw
EAMGBCoKecfwAwYCKgp5x/gDBgAqCnnH/jANBgkqhkiG9w0BAQsFAAOCAQEAAsVb
9yLT46VftqKOXRYSpUTnvCYqUQKPkFWNfJO+2jFz4rGuiypxQ3Pg8SyRDiikYK+i
VUQIZfy/nOQw77F64MjBNy9p/gdBZaaCzbhpbARFSTeepxmDBRq7rL7OBiGCN315
xfyJEryQt09yxcEX/pi18HkNai3RB+Ge6iQi330eIBFmxPMJlCp6ZaGmBf/0ZgRU
hNRn+603qoU6jH5M0EBgPiKeibzUoFCO3eCkTWtdwDPcUru64mdhL5PrXEWP7jZL
9FUsHyDK9ZIIt149RLVbiK98XvRQKvAyLD3Am0JcdpbJhjUaNmaWNNsVGWZ8W1Xo
WbRXorECZwRPE8Nz5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org