Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/sowHnpfajQiFRyzxJT7guqI_xhM.roa
File:                     sowHnpfajQiFRyzxJT7guqI_xhM.roa (raw, json)
Hash identifier:          TkZ5x/FBzwYA8Fng0owed7DijPlKhB5yMaycJFr7BOI=
Subject key identifier:   B2:8C:07:9E:97:DA:8D:08:85:47:2C:F1:25:3E:E0:BA:A2:3F:C6:13
Certificate issuer:       /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial:       01856F2FE1FC0A1A05E5C1403CBF913B3AE3
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/sowHnpfajQiFRyzxJT7guqI_xhM.roa
Signing time:             Sun 01 Jan 2023 21:14:47 +0000
ROA not before:           Sun 01 Jan 2023 21:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29588
IP address blocks:        2a0e:e6c0:6000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:2f:e1:fc:0a:1a:05:e5:c1:40:3c:bf:91:3b:3a:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
        Validity
            Not Before: Jan  1 21:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b28c079e97da8d0885472cf1253ee0baa23fc613
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:7a:cb:fe:57:df:d5:56:25:21:23:d1:db:50:
                    e0:55:d2:5e:56:2e:5a:fd:8e:65:40:f2:1a:5b:bc:
                    45:cc:ad:65:e8:cc:69:1a:07:87:52:9f:77:ce:2c:
                    78:91:f3:cb:35:8e:35:41:c1:69:23:27:65:9f:10:
                    ef:5f:a4:84:b5:0d:6f:f1:fd:e1:de:97:8c:d9:74:
                    91:cc:27:cd:9e:ae:34:c0:96:5c:c4:03:90:43:83:
                    f3:58:a8:63:59:05:c1:28:c2:ef:54:01:64:87:9d:
                    c6:43:c5:d7:e9:bc:50:3f:7f:01:d6:51:67:ab:ca:
                    6b:58:69:08:01:0a:1a:65:80:be:a6:a9:77:06:f6:
                    aa:3a:d1:87:ea:14:6f:cb:b9:b6:35:ca:69:33:17:
                    f6:17:88:83:43:82:0b:e1:ed:09:06:7c:42:bd:41:
                    5b:1e:72:45:93:c3:ae:ee:56:36:7b:05:65:70:70:
                    70:7e:8a:b6:e0:f3:86:b2:92:fc:5d:46:5c:79:df:
                    61:ad:79:17:f9:20:1e:b2:7a:9d:9a:e2:0f:07:6b:
                    6d:00:97:72:b4:c7:98:40:41:30:0c:aa:d3:ae:59:
                    f3:fe:f3:bf:8d:02:a8:e7:65:60:85:37:90:74:24:
                    4c:83:83:80:98:36:39:54:cc:e6:ea:e7:46:8f:b5:
                    07:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:8C:07:9E:97:DA:8D:08:85:47:2C:F1:25:3E:E0:BA:A2:3F:C6:13
            X509v3 Authority Key Identifier:
                keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/sowHnpfajQiFRyzxJT7guqI_xhM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:e6c0:6000::/36

    Signature Algorithm: sha256WithRSAEncryption
         8b:bd:db:c6:f6:1b:2b:94:83:53:e8:95:20:4c:eb:b8:85:0c:
         a8:52:15:d2:45:92:23:09:cb:74:3c:18:b9:1a:49:20:0b:67:
         c2:de:13:1b:83:ff:2d:99:49:50:0a:f4:2b:38:31:4c:02:c8:
         3a:d0:49:4c:2c:6d:99:b5:c3:ad:7e:e0:44:d3:a6:08:69:a2:
         85:15:72:6b:05:6f:a4:2a:f3:3f:17:08:13:56:6c:49:f2:f8:
         1f:57:08:f5:57:8f:57:e1:8b:74:96:56:15:dd:e4:55:ee:54:
         4d:fd:bc:aa:b4:64:e7:64:ca:da:6f:92:38:51:89:5f:91:3b:
         ef:ec:5b:e2:1b:9a:cd:42:46:43:53:b1:25:77:d7:44:8f:31:
         34:2d:60:9d:86:6c:3e:9c:04:11:0f:6b:c0:d4:63:07:5d:b4:
         32:fe:ec:14:a4:b3:53:91:b7:ea:b7:0d:a4:1c:e3:74:64:af:
         69:72:16:ef:24:7c:c4:81:47:e5:17:10:35:df:40:97:7f:47:
         a9:56:2a:5a:0b:08:21:44:58:60:67:fe:58:7c:c3:82:a6:33:
         75:e4:ef:f3:bb:0c:df:f3:dd:07:9d:59:62:a3:ae:40:17:c5:
         45:8e:cd:3e:1c:b0:6f:12:79:9d:dd:46:41:9f:56:20:ec:81:
         8a:e4:cc:5c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvL+H8ChoF5cFAPL+ROzrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjMwMTAxMjExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjhjMDc5ZTk3ZGE4ZDA4ODU0NzJjZjEyNTNlZTBiYWEyM2ZjNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnrL/lff1VYlISPR21DgVdJeVi5a
/Y5lQPIaW7xFzK1l6MxpGgeHUp93zix4kfPLNY41QcFpIydlnxDvX6SEtQ1v8f3h
3peM2XSRzCfNnq40wJZcxAOQQ4PzWKhjWQXBKMLvVAFkh53GQ8XX6bxQP38B1lFn
q8prWGkIAQoaZYC+pql3BvaqOtGH6hRvy7m2NcppMxf2F4iDQ4IL4e0JBnxCvUFb
HnJFk8Ou7lY2ewVlcHBwfoq24POGspL8XUZced9hrXkX+SAesnqdmuIPB2ttAJdy
tMeYQEEwDKrTrlnz/vO/jQKo52VghTeQdCRMg4OAmDY5VMzm6udGj7UHFQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLKMB56X2o0IhUcs8SU+4LqiP8YTMB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEvc293SG5wZmFqUWlGUnl6eEpUN2d1cUlfeGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKg7mwGAw
DQYJKoZIhvcNAQELBQADggEBAIu928b2GyuUg1PolSBM67iFDKhSFdJFkiMJy3Q8
GLkaSSALZ8LeExuD/y2ZSVAK9Cs4MUwCyDrQSUwsbZm1w61+4ETTpghpooUVcmsF
b6Qq8z8XCBNWbEny+B9XCPVXj1fhi3SWVhXd5FXuVE39vKq0ZOdkytpvkjhRiV+R
O+/sW+Ibms1CRkNTsSV310SPMTQtYJ2GbD6cBBEPa8DUYwddtDL+7BSks1ORt+q3
DaQc43Rkr2lyFu8kfMSBR+UXEDXfQJd/R6lWKloLCCFEWGBn/lh8w4KmM3Xk7/O7
DN/z3QedWWKjrkAXxUWOzT4csG8SeZ3dRkGfViDsgYrkzFw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:04 2024 by rpki-client on console-fra.rpki-client.org