Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tkSqcbcAH38EL5kWDSF-ZBFc2tM.roa
File:                     tkSqcbcAH38EL5kWDSF-ZBFc2tM.roa (raw, json)
Hash identifier:          jdzp1qoTLNUFQ+yvZBFDl4fcikUFADqNoiY+5F5ITCA=
Subject key identifier:   B6:44:AA:71:B7:00:1F:7F:04:2F:99:16:0D:21:7E:64:11:5C:DA:D3
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       018AB0C7ACF07A6C2FB02E2A7138242506E3
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tkSqcbcAH38EL5kWDSF-ZBFc2tM.roa
Signing time:             Wed 20 Sep 2023 04:09:50 +0000
ROA not before:           Wed 20 Sep 2023 04:09:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36351
IP address blocks:        2a0f:2740::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 31 Oct 2023 10:07:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b0:c7:ac:f0:7a:6c:2f:b0:2e:2a:71:38:24:25:06:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Sep 20 04:09:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b644aa71b7001f7f042f99160d217e64115cdad3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:55:7d:89:56:51:56:54:fb:4f:fa:3b:b2:ab:
                    5e:54:69:fb:21:9e:ee:48:c0:44:14:d3:63:1e:aa:
                    7e:ed:a4:f8:15:ee:21:4a:72:f9:9a:9b:af:48:e7:
                    d1:60:e6:4f:8e:43:f4:79:e6:19:61:1e:c9:70:2f:
                    58:0d:fe:25:f1:5f:9e:da:d1:5d:04:23:24:89:7c:
                    fb:c3:2e:37:c2:34:27:4c:7b:3d:9e:fa:18:66:fd:
                    7b:c2:1c:41:70:00:b6:5a:4d:37:b2:ed:8e:47:db:
                    08:b3:16:c0:7b:3a:3b:e1:9d:48:06:36:3f:d6:93:
                    8e:a1:bb:ce:da:48:32:04:87:67:94:54:ac:ac:c2:
                    05:8e:1f:f2:92:03:f2:e3:9b:8a:38:bb:f4:4f:22:
                    2c:47:5d:db:58:5f:35:90:83:49:ea:d2:ed:4e:4b:
                    48:e4:05:45:93:2a:19:c3:4d:73:a7:67:f3:41:8d:
                    b5:7f:42:dd:e1:aa:9c:f0:84:47:cc:c9:f7:b1:59:
                    f6:10:09:04:d5:87:75:68:a5:24:59:e1:5a:87:7e:
                    6f:4a:5e:c8:54:b4:5b:72:39:e3:0c:ab:78:f0:d3:
                    e9:9a:2a:a7:4f:a8:40:4b:6d:a9:01:4a:be:25:6b:
                    ef:4f:39:76:70:22:0d:7b:86:ec:6f:4a:f2:dd:68:
                    28:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:44:AA:71:B7:00:1F:7F:04:2F:99:16:0D:21:7E:64:11:5C:DA:D3
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tkSqcbcAH38EL5kWDSF-ZBFc2tM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:2740::/29

    Signature Algorithm: sha256WithRSAEncryption
         96:1e:a0:20:21:78:ae:3c:f3:a2:63:64:3c:9e:6e:2e:24:61:
         9a:37:19:19:2a:4f:63:5c:00:02:36:ff:c2:ad:e2:06:2d:63:
         83:5a:64:5a:e2:ee:4e:b2:2c:0e:7e:52:c7:4a:cc:1e:f0:bd:
         5a:e2:80:fd:5c:25:2f:9c:ac:dc:1e:10:ef:83:8c:41:39:59:
         d9:ad:b4:dc:d4:be:dd:d6:81:bc:5f:d3:08:7c:8a:0e:ba:a0:
         9d:17:9f:4e:c0:45:ee:40:d5:8c:f0:d2:e5:bf:17:92:74:0b:
         c6:2f:9a:20:ce:00:75:09:95:f7:9d:73:7f:ba:e3:2c:6b:11:
         45:7c:d8:2f:cf:9a:e4:f2:f6:56:79:0f:94:a5:98:9e:f8:42:
         03:32:4d:6e:5a:ab:2f:d4:c2:73:97:e3:14:83:47:26:bc:00:
         a9:70:44:15:cf:69:71:df:92:9a:6a:59:92:67:50:08:26:c1:
         36:d8:bb:d2:1e:f9:7e:86:f1:6a:17:f7:81:08:eb:06:94:f7:
         ca:61:e1:b0:86:c6:c3:f9:86:93:13:1a:da:81:cd:c9:c1:25:
         ff:de:fa:94:19:a3:21:69:fb:44:4c:0d:f7:7b:98:5b:26:72:
         f5:01:45:25:d1:54:4f:5d:ea:74:ef:28:1c:cb:aa:93:99:ea:
         14:8c:0f:d9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqwx6zwemwvsC4qcTgkJQbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwOTIwMDQwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQ0YWE3MWI3MDAxZjdmMDQyZjk5MTYwZDIxN2U2NDExNWNkYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1V9iVZRVlT7T/o7sqteVGn7IZ7u
SMBEFNNjHqp+7aT4Fe4hSnL5mpuvSOfRYOZPjkP0eeYZYR7JcC9YDf4l8V+e2tFd
BCMkiXz7wy43wjQnTHs9nvoYZv17whxBcAC2Wk03su2OR9sIsxbAezo74Z1IBjY/
1pOOobvO2kgyBIdnlFSsrMIFjh/ykgPy45uKOLv0TyIsR13bWF81kINJ6tLtTktI
5AVFkyoZw01zp2fzQY21f0Ld4aqc8IRHzMn3sVn2EAkE1Yd1aKUkWeFah35vSl7I
VLRbcjnjDKt48NPpmiqnT6hAS22pAUq+JWvvTzl2cCINe4bsb0ry3WgoywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLZEqnG3AB9/BC+ZFg0hfmQRXNrTMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvdGtTcWNiY0FIMzhFTDVrV0RTRi1aQkZjMnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg8nQDAN
BgkqhkiG9w0BAQsFAAOCAQEAlh6gICF4rjzzomNkPJ5uLiRhmjcZGSpPY1wAAjb/
wq3iBi1jg1pkWuLuTrIsDn5Sx0rMHvC9WuKA/VwlL5ys3B4Q74OMQTlZ2a203NS+
3daBvF/TCHyKDrqgnRefTsBF7kDVjPDS5b8XknQLxi+aIM4AdQmV951zf7rjLGsR
RXzYL8+a5PL2VnkPlKWYnvhCAzJNblqrL9TCc5fjFINHJrwAqXBEFc9pcd+SmmpZ
kmdQCCbBNti70h75fobxahf3gQjrBpT3ymHhsIbGw/mGkxMa2oHNycEl/976lBmj
IWn7REwN93uYWyZy9QFFJdFUT13qdO8oHMuqk5nqFIwP2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org