Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/RoPCaIwIw2Awh4WohrJGkLLSjPM.roa
File:                     RoPCaIwIw2Awh4WohrJGkLLSjPM.roa (raw, json)
Hash identifier:          jQYmUyUULTZ0wPfhE3IyWbZu+a7Pg+wFex7ySrAc2qs=
Subject key identifier:   46:83:C2:68:8C:08:C3:60:30:87:85:A8:86:B2:46:90:B2:D2:8C:F3
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       01856CAF1645835DFE86C982444BBC9B0978
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/RoPCaIwIw2Awh4WohrJGkLLSjPM.roa
Signing time:             Sun 01 Jan 2023 09:34:51 +0000
ROA not before:           Sun 01 Jan 2023 09:34:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200019
IP address blocks:        2a09:7c46::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 10:28:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:af:16:45:83:5d:fe:86:c9:82:44:4b:bc:9b:09:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Jan  1 09:34:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4683c2688c08c360308785a886b24690b2d28cf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:7b:58:1c:2b:72:c8:99:7e:fa:06:54:b3:31:
                    59:37:cd:78:1e:d4:8e:23:36:63:c3:d9:73:4a:64:
                    44:59:d9:39:1f:c7:96:96:5b:11:68:99:1a:40:24:
                    bb:76:4c:9f:17:c5:6e:73:a2:ff:53:fc:92:00:24:
                    1e:28:84:25:fd:66:8c:b8:ae:58:0d:0b:10:90:c7:
                    c3:35:82:8c:38:4a:a4:0d:81:9c:3d:37:cc:21:3b:
                    95:3a:0b:65:9d:3f:08:4c:3d:6d:31:03:74:b9:7c:
                    64:5b:ff:6b:26:e0:bd:8c:dd:2d:98:08:3a:d2:56:
                    d2:d4:78:f8:13:87:86:a2:83:f9:4e:80:91:bf:b6:
                    05:7c:70:9e:a3:3f:d3:c6:97:4b:99:9d:50:ef:08:
                    99:ee:eb:eb:a3:b8:ad:d3:fb:77:97:6b:19:c3:78:
                    18:09:a3:04:f7:fc:a5:ff:da:e9:e4:e7:b2:66:40:
                    55:29:a8:d5:17:17:21:d7:6f:f1:50:78:cc:89:0a:
                    65:59:bf:b5:f3:53:fc:19:3c:90:6f:74:b1:27:06:
                    ff:3a:b2:9c:f0:5a:95:f8:72:48:e0:0f:21:23:d0:
                    37:42:f5:23:3c:32:79:63:2b:05:4e:f6:e0:d1:16:
                    b9:08:be:5d:1d:12:85:1b:2e:b1:66:30:24:bd:2e:
                    a6:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:83:C2:68:8C:08:C3:60:30:87:85:A8:86:B2:46:90:B2:D2:8C:F3
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/RoPCaIwIw2Awh4WohrJGkLLSjPM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:7c46::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:95:f2:f7:ed:97:96:a1:24:20:0a:b7:6f:54:07:a0:06:bf:
         06:1d:3c:da:51:48:00:52:67:a7:d0:dc:5c:f7:ac:0f:32:46:
         34:0d:07:0e:bc:77:5b:55:bc:3e:aa:4b:96:5f:79:fa:c6:9a:
         3f:2e:49:5b:77:0b:39:7e:4c:0c:39:54:7c:d3:0b:07:63:ab:
         62:1c:2a:47:13:60:8d:99:15:88:fb:4d:d5:4c:4b:fb:8e:c0:
         d4:0a:f1:c1:90:a4:9a:90:0a:af:3d:48:31:26:cf:aa:47:ee:
         a4:60:32:d0:96:cd:a7:06:a7:82:a2:83:ff:bd:b0:83:6d:58:
         84:c3:c0:76:ac:94:40:6f:6f:af:30:26:f7:92:a9:d5:e2:33:
         8c:1b:52:6e:e0:72:2b:20:5c:8f:da:5b:5a:8d:5a:f3:eb:23:
         ad:d3:6a:cc:fc:83:b5:43:a1:d3:a4:af:23:14:59:6a:35:71:
         b7:95:2e:13:48:1f:bf:8c:67:67:14:cb:ef:9b:a0:3d:61:0b:
         c6:2a:b9:db:85:a1:3a:e5:58:5e:9b:47:78:d0:35:41:85:f3:
         37:a3:ad:dd:8d:9d:34:08:06:6d:97:59:6a:0d:1d:68:a4:22:
         ea:30:e5:80:08:ab:53:cd:d1:4d:f0:e1:e2:a0:5f:0c:50:d8:
         ab:55:8f:77
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsrxZFg13+hsmCREu8mwl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwMTAxMDkzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjgzYzI2ODhjMDhjMzYwMzA4Nzg1YTg4NmIyNDY5MGIyZDI4Y2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvntYHCtyyJl++gZUszFZN814HtSO
IzZjw9lzSmREWdk5H8eWllsRaJkaQCS7dkyfF8Vuc6L/U/ySACQeKIQl/WaMuK5Y
DQsQkMfDNYKMOEqkDYGcPTfMITuVOgtlnT8ITD1tMQN0uXxkW/9rJuC9jN0tmAg6
0lbS1Hj4E4eGooP5ToCRv7YFfHCeoz/TxpdLmZ1Q7wiZ7uvro7it0/t3l2sZw3gY
CaME9/yl/9rp5OeyZkBVKajVFxch12/xUHjMiQplWb+181P8GTyQb3SxJwb/OrKc
8FqV+HJI4A8hI9A3QvUjPDJ5YysFTvbg0Ra5CL5dHRKFGy6xZjAkvS6mqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEaDwmiMCMNgMIeFqIayRpCy0ozzMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvUm9QQ2FJd0l3MkF3aDRXb2hySkdrTExTalBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgl8RjAN
BgkqhkiG9w0BAQsFAAOCAQEAOpXy9+2XlqEkIAq3b1QHoAa/Bh082lFIAFJnp9Dc
XPesDzJGNA0HDrx3W1W8PqpLll95+saaPy5JW3cLOX5MDDlUfNMLB2OrYhwqRxNg
jZkViPtN1UxL+47A1ArxwZCkmpAKrz1IMSbPqkfupGAy0JbNpwangqKD/72wg21Y
hMPAdqyUQG9vrzAm95Kp1eIzjBtSbuByKyBcj9pbWo1a8+sjrdNqzPyDtUOh06Sv
IxRZajVxt5UuE0gfv4xnZxTL75ugPWELxiq524WhOuVYXptHeNA1QYXzN6Ot3Y2d
NAgGbZdZag0daKQi6jDlgAirU83RTfDh4qBfDFDYq1WPdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org