Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/KN7VL3uMpjbXhVV4v96V6gPc4eE.roa
File:                     KN7VL3uMpjbXhVV4v96V6gPc4eE.roa (raw, json)
Hash identifier:          cuLGbnJuS+W8Mo7UCGgzHbjflmeI4xtLhFaSOf6PqC0=
Subject key identifier:   28:DE:D5:2F:7B:8C:A6:36:D7:85:55:78:BF:DE:95:EA:03:DC:E1:E1
Certificate issuer:       /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial:       01856C6F0F0696FB632D1A0247C64C269165
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/KN7VL3uMpjbXhVV4v96V6gPc4eE.roa
Signing time:             Sun 01 Jan 2023 08:24:55 +0000
ROA not before:           Sun 01 Jan 2023 08:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212008
IP address blocks:        2a0e:46c4:2300::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6f:0f:06:96:fb:63:2d:1a:02:47:c6:4c:26:91:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
        Validity
            Not Before: Jan  1 08:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28ded52f7b8ca636d7855578bfde95ea03dce1e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:71:94:0d:72:26:0d:3c:5f:0a:6c:70:44:1f:
                    0a:6f:16:7e:42:c1:a5:30:01:53:49:b5:7a:25:a3:
                    bf:ea:2a:bb:de:5c:c7:23:d8:6c:38:a5:e3:b7:19:
                    a9:19:76:56:49:00:66:88:2b:5d:4f:0b:ee:f0:03:
                    50:d0:5f:c9:da:e7:cb:74:57:05:67:ee:3d:85:66:
                    05:e3:7c:bb:c4:58:c7:77:97:01:0e:4f:de:28:99:
                    8d:d0:a6:a6:46:3f:ea:cf:a3:42:4b:b9:82:7d:02:
                    39:b4:a7:a7:86:be:09:54:7a:ad:b0:f3:2c:08:4a:
                    ff:41:7a:d7:55:3d:4e:52:7c:bf:a2:b4:86:0b:ac:
                    f9:6d:dd:9b:fb:cb:7f:ea:7c:db:be:65:66:fd:3a:
                    f3:09:2b:71:06:ee:a2:73:1c:c0:8a:66:60:5b:ee:
                    df:83:56:84:c9:25:de:86:ef:e2:f1:87:05:3b:34:
                    6e:3b:7c:f4:85:42:e0:cd:de:b1:41:6b:b0:b7:98:
                    3c:74:b9:11:5b:9e:d8:65:76:fa:77:d3:56:18:ac:
                    4a:af:8e:a6:3a:2a:5f:04:99:af:72:d8:9b:45:db:
                    bb:3f:e4:05:0b:1c:fe:18:18:e3:e5:2b:00:5b:b4:
                    f7:6e:44:8d:2a:45:11:da:ff:8d:49:77:17:61:fe:
                    a9:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:DE:D5:2F:7B:8C:A6:36:D7:85:55:78:BF:DE:95:EA:03:DC:E1:E1
            X509v3 Authority Key Identifier:
                keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/KN7VL3uMpjbXhVV4v96V6gPc4eE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:46c4:2300::/40

    Signature Algorithm: sha256WithRSAEncryption
         62:bb:6c:1e:44:5c:3b:6a:68:19:35:1d:d5:77:32:4a:74:75:
         fc:f3:22:5f:57:81:27:47:af:74:b9:99:58:f6:1c:e9:85:36:
         be:3a:a3:3e:ee:64:f8:f5:0f:86:53:15:dd:c6:52:b8:ce:58:
         88:65:0b:a4:01:28:f9:6c:23:30:86:75:70:43:92:59:02:6c:
         de:82:f3:57:1f:91:f5:0b:a3:3f:f3:ff:43:bc:3a:ce:94:5b:
         8f:fc:b6:5d:6e:d1:ea:d9:e4:f3:a7:07:b9:c4:fa:b5:c1:7a:
         f4:ba:66:d0:1f:5e:b3:a0:76:eb:3a:50:81:4f:81:8c:40:3c:
         94:16:95:25:d4:d9:ed:7b:68:1d:89:bd:e0:74:75:ff:e4:5c:
         c2:bd:3b:22:91:d7:5d:06:62:63:e7:51:c4:fd:51:3a:12:81:
         15:68:ca:09:67:ea:de:3e:ee:a8:12:8c:ed:62:eb:58:59:43:
         ae:47:0d:9e:d3:cd:85:93:37:a0:cd:43:a2:ff:ff:30:f2:f4:
         3e:00:1d:2e:c5:1e:d9:e2:5d:63:4e:8a:3d:c6:ec:a2:2d:34:
         09:cc:40:ec:23:cb:ff:86:33:1c:d1:af:79:37:6a:ba:00:90:
         82:79:17:68:fc:a5:fa:e4:d2:c7:97:7d:19:43:59:94:c9:cf:
         c8:d0:76:b1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsbw8GlvtjLRoCR8ZMJpFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjMwMTAxMDgyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGRlZDUyZjdiOGNhNjM2ZDc4NTU1NzhiZmRlOTVlYTAzZGNlMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXGUDXImDTxfCmxwRB8KbxZ+QsGl
MAFTSbV6JaO/6iq73lzHI9hsOKXjtxmpGXZWSQBmiCtdTwvu8ANQ0F/J2ufLdFcF
Z+49hWYF43y7xFjHd5cBDk/eKJmN0KamRj/qz6NCS7mCfQI5tKenhr4JVHqtsPMs
CEr/QXrXVT1OUny/orSGC6z5bd2b+8t/6nzbvmVm/TrzCStxBu6icxzAimZgW+7f
g1aEySXehu/i8YcFOzRuO3z0hULgzd6xQWuwt5g8dLkRW57YZXb6d9NWGKxKr46m
OipfBJmvctibRdu7P+QFCxz+GBjj5SsAW7T3bkSNKkUR2v+NSXcXYf6pUwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCje1S97jKY214VVeL/eleoD3OHhMB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEvS043VkwzdU1wamJYaFZWNHY5NlY2Z1BjNGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg5GxCMw
DQYJKoZIhvcNAQELBQADggEBAGK7bB5EXDtqaBk1HdV3Mkp0dfzzIl9XgSdHr3S5
mVj2HOmFNr46oz7uZPj1D4ZTFd3GUrjOWIhlC6QBKPlsIzCGdXBDklkCbN6C81cf
kfULoz/z/0O8Os6UW4/8tl1u0erZ5POnB7nE+rXBevS6ZtAfXrOgdus6UIFPgYxA
PJQWlSXU2e17aB2JveB0df/kXMK9OyKR110GYmPnUcT9UToSgRVoygln6t4+7qgS
jO1i61hZQ65HDZ7TzYWTN6DNQ6L//zDy9D4AHS7FHtniXWNOij3G7KItNAnMQOwj
y/+GMxzRr3k3aroAkIJ5F2j8pfrk0seXfRlDWZTJz8jQdrE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:40 2024 by rpki-client on console-ams.rpki-client.org