Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/C2yRu6Mr12rlCymlZBnEcTI4PTQ.roa
File:                     C2yRu6Mr12rlCymlZBnEcTI4PTQ.roa (raw, json)
Hash identifier:          5OnXsxblzLy44DmRBXUTe5wQCqfC0BzJFe59wbmXdl0=
Subject key identifier:   0B:6C:91:BB:A3:2B:D7:6A:E5:0B:29:A5:64:19:C4:71:32:38:3D:34
Certificate issuer:       /CN=3d0483538737453e2f57ffb57499c3922e83636d
Certificate serial:       018C168BAC88F50AD1B8B9043DDA5EF3AD7C
Authority key identifier: 3D:04:83:53:87:37:45:3E:2F:57:FF:B5:74:99:C3:92:2E:83:63:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PQSDU4c3RT4vV_-1dJnDki6DY20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/C2yRu6Mr12rlCymlZBnEcTI4PTQ.roa
Signing time:             Tue 28 Nov 2023 15:28:21 +0000
ROA not before:           Tue 28 Nov 2023 15:28:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200482
IP address blocks:        2a07:6d40:2::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:16:8b:ac:88:f5:0a:d1:b8:b9:04:3d:da:5e:f3:ad:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d0483538737453e2f57ffb57499c3922e83636d
        Validity
            Not Before: Nov 28 15:28:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0b6c91bba32bd76ae50b29a56419c47132383d34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3a:14:ff:69:88:b1:ca:e8:fb:ad:3c:7e:c6:
                    79:97:25:ed:d6:da:ef:ce:63:8c:1f:79:17:2f:e1:
                    f5:47:ed:a6:21:fd:42:e6:7f:44:90:51:b4:24:cf:
                    16:d7:38:90:06:3e:6b:86:37:18:ee:20:a5:e7:6e:
                    7b:75:e2:5e:83:1c:3f:b9:a3:ed:a0:97:8c:4e:9d:
                    4c:0c:50:22:bf:4c:bf:88:dd:99:50:cf:ef:12:d1:
                    25:11:65:af:48:71:7e:98:25:81:6c:d3:68:f0:7b:
                    48:05:d4:ed:2a:ad:b5:6c:7e:8c:c5:b6:d2:b2:bf:
                    f9:91:bf:16:21:df:6e:b3:b2:42:bf:d8:fa:6c:d7:
                    1b:35:fd:e9:35:72:1c:0d:b3:eb:aa:ef:6a:4e:29:
                    8c:07:20:78:d4:7c:6f:fc:c0:be:4d:36:4a:e9:ec:
                    80:33:ae:76:3f:a8:60:80:dd:59:af:01:fb:6e:ae:
                    ee:0f:9a:c2:ef:34:7d:8e:07:ff:d3:ba:ae:94:db:
                    b9:b1:46:c3:42:a3:72:14:0d:18:49:08:2a:d1:af:
                    67:8e:dd:25:cd:ae:79:05:27:09:28:2c:62:7f:39:
                    e9:ee:6d:e3:6a:d4:df:78:27:5d:4c:0f:41:26:86:
                    54:b8:41:2d:51:68:f5:8b:8f:99:d6:79:0c:a6:17:
                    38:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:6C:91:BB:A3:2B:D7:6A:E5:0B:29:A5:64:19:C4:71:32:38:3D:34
            X509v3 Authority Key Identifier:
                keyid:3D:04:83:53:87:37:45:3E:2F:57:FF:B5:74:99:C3:92:2E:83:63:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQSDU4c3RT4vV_-1dJnDki6DY20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/C2yRu6Mr12rlCymlZBnEcTI4PTQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/PQSDU4c3RT4vV_-1dJnDki6DY20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:6d40:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:87:dc:31:d2:f4:9d:93:f4:ff:19:e0:82:6a:63:61:cb:8f:
         e4:0d:23:53:a8:41:73:96:50:85:c4:f5:55:43:dd:39:fd:5b:
         47:a2:15:d7:9a:5f:99:4f:f1:08:1d:0b:84:0f:80:b9:c5:2d:
         1b:11:71:40:e3:99:1a:0f:e6:29:6d:ea:7a:4c:24:37:72:29:
         26:93:ce:06:5e:09:e2:19:a6:3f:08:e1:f2:43:15:d3:01:59:
         c3:35:37:16:ac:49:ca:c2:0c:bf:ad:5a:7b:4b:46:fa:c0:af:
         cc:78:85:d6:6c:e5:dd:21:b4:d1:45:d3:be:6f:42:d6:1d:cd:
         37:00:a6:62:ce:19:ce:80:42:1a:68:37:a5:09:a9:57:10:a4:
         5a:a6:35:44:8a:a0:ba:44:e5:a9:9d:2e:29:48:57:c8:bc:57:
         8b:c0:ea:69:be:34:a9:3a:5a:41:1f:ff:dc:65:af:a6:c0:22:
         d7:5d:3a:e3:3d:4f:d9:ec:ed:89:4c:02:52:af:10:98:ff:5c:
         48:05:95:f3:35:9c:11:27:38:17:15:67:91:bd:8d:15:ed:e3:
         9f:93:cf:3c:4b:41:0b:ab:93:0a:4a:a9:9e:fa:12:f0:1b:13:
         3a:92:ce:e2:07:82:ae:75:b0:57:a9:cc:fd:aa:15:bc:fa:e9:
         1a:a5:ba:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwWi6yI9QrRuLkEPdpe8618MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDQ4MzUzODczNzQ1M2UyZjU3ZmZiNTc0OTljMzkyMmU4
MzYzNmQwHhcNMjMxMTI4MTUyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjZjOTFiYmEzMmJkNzZhZTUwYjI5YTU2NDE5YzQ3MTMyMzgzZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzoU/2mIscro+608fsZ5lyXt1trv
zmOMH3kXL+H1R+2mIf1C5n9EkFG0JM8W1ziQBj5rhjcY7iCl5257deJegxw/uaPt
oJeMTp1MDFAiv0y/iN2ZUM/vEtElEWWvSHF+mCWBbNNo8HtIBdTtKq21bH6MxbbS
sr/5kb8WId9us7JCv9j6bNcbNf3pNXIcDbPrqu9qTimMByB41Hxv/MC+TTZK6eyA
M652P6hggN1ZrwH7bq7uD5rC7zR9jgf/07qulNu5sUbDQqNyFA0YSQgq0a9njt0l
za55BScJKCxifznp7m3jatTfeCddTA9BJoZUuEEtUWj1i4+Z1nkMphc4CQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAtskbujK9dq5QsppWQZxHEyOD00MB8GA1UdIwQY
MBaAFD0Eg1OHN0U+L1f/tXSZw5Iug2NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFTRFU0YzNSVDR2Vl8tMWRKbkRraTZEWTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9lMTA2YzMtMGIxZi00MDEwLTg2ZjEt
NjVhNDZjOGU0MWU5LzEvQzJ5UnU2TXIxMnJsQ3ltbFpCbkVjVEk0UFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9lMTA2YzMtMGIxZi00MDEwLTg2ZjEtNjVhNDZjOGU0MWU5
LzEvUFFTRFU0YzNSVDR2Vl8tMWRKbkRraTZEWTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdtQAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQB5h9wx0vSdk/T/GeCCamNhy4/kDSNTqEFzllCF
xPVVQ905/VtHohXXml+ZT/EIHQuED4C5xS0bEXFA45kaD+Ypbep6TCQ3cikmk84G
XgniGaY/COHyQxXTAVnDNTcWrEnKwgy/rVp7S0b6wK/MeIXWbOXdIbTRRdO+b0LW
Hc03AKZizhnOgEIaaDelCalXEKRapjVEiqC6ROWpnS4pSFfIvFeLwOppvjSpOlpB
H//cZa+mwCLXXTrjPU/Z7O2JTAJSrxCY/1xIBZXzNZwRJzgXFWeRvY0V7eOfk888
S0ELq5MKSqme+hLwGxM6ks7iB4KudbBXqcz9qhW8+ukapbrn
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:18 2024 by rpki-client on console-ams.rpki-client.org