Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/ju3gVJWDFzJ1LZKn1CpevENl69c.roa
File:                     ju3gVJWDFzJ1LZKn1CpevENl69c.roa (raw, json)
Hash identifier:          czCqzZHV7Z7EyUTqfa+tze1cMaW8XETcFYTzZ5QInyY=
Subject key identifier:   8E:ED:E0:54:95:83:17:32:75:2D:92:A7:D4:2A:5E:BC:43:65:EB:D7
Certificate issuer:       /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial:       018570B0808EB2189F105FDE346D39C75E32
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/ju3gVJWDFzJ1LZKn1CpevENl69c.roa
Signing time:             Mon 02 Jan 2023 04:14:53 +0000
ROA not before:           Mon 02 Jan 2023 04:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210542
IP address blocks:        2a0e:da40:10::/44 maxlen: 128
                          2a0e:da40:1::/48 maxlen: 128

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:b0:80:8e:b2:18:9f:10:5f:de:34:6d:39:c7:5e:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
        Validity
            Not Before: Jan  2 04:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8eede05495831732752d92a7d42a5ebc4365ebd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:96:66:59:fc:08:37:85:67:16:8f:8e:b2:ee:
                    09:d5:dd:0d:3a:1e:d7:95:19:f9:97:77:1d:91:b1:
                    24:ca:b9:32:1c:db:0e:91:fa:bc:06:61:1c:31:af:
                    70:ac:e1:00:a2:9c:02:1c:13:aa:90:2c:64:62:13:
                    e5:a7:92:c5:b4:0f:41:1f:45:46:e9:6a:ee:fe:7d:
                    6c:ce:d4:c3:77:df:9a:0e:de:38:be:d1:eb:d7:33:
                    ee:69:81:1b:b9:50:67:f7:dd:e6:27:6b:71:06:3d:
                    b4:f8:f7:e6:c5:72:48:d1:00:f4:80:da:57:1d:9f:
                    43:6d:42:8b:4b:f6:e5:f7:8c:52:01:4d:5f:96:31:
                    44:db:76:9b:f9:95:6e:50:c7:85:81:ad:e0:d9:79:
                    88:65:7d:fb:3e:45:d2:75:d3:d9:3f:93:08:ee:d9:
                    17:ce:8a:a7:96:16:72:2b:80:b1:f6:db:75:e8:32:
                    35:ed:79:63:68:bf:59:fb:78:5e:96:38:c6:55:12:
                    4c:e2:59:29:c8:d4:51:8f:95:fb:67:14:3d:db:a1:
                    fe:4e:15:8e:8c:81:1f:ba:99:6e:c1:54:8e:1d:2b:
                    b3:5b:13:b7:69:8d:9e:f7:4d:06:e3:9e:33:98:7c:
                    e0:c6:62:6b:79:45:06:72:f8:80:a2:aa:5b:83:7f:
                    74:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:ED:E0:54:95:83:17:32:75:2D:92:A7:D4:2A:5E:BC:43:65:EB:D7
            X509v3 Authority Key Identifier:
                keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/ju3gVJWDFzJ1LZKn1CpevENl69c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:da40:1::/48
                  2a0e:da40:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         d7:c4:86:49:6b:fb:ff:13:15:94:bc:b1:67:cd:c3:69:c4:cd:
         0e:e5:b6:9e:a5:fe:b5:35:46:1d:5f:83:73:e0:41:06:1f:6c:
         1f:12:48:d2:55:5d:0c:46:ee:6c:05:3d:72:e5:bb:f8:a6:3a:
         9f:c1:7e:23:cc:0f:f0:ae:2a:ba:84:00:a3:a5:61:5c:cb:c2:
         7f:ae:d2:8f:fc:bc:18:d8:df:5b:95:f8:a0:96:aa:cd:4a:87:
         95:53:28:ca:2e:03:8f:12:11:23:ee:39:db:36:76:e2:fb:a0:
         a4:71:e9:37:12:ef:22:43:3a:ef:73:f1:3c:25:2f:af:4c:14:
         7e:e9:e9:45:8c:0c:cd:91:21:40:7b:8f:94:4a:6d:a3:fe:77:
         dd:b8:9d:86:e2:65:df:84:df:4c:c5:9e:c7:76:8c:c1:87:66:
         bb:de:b3:39:28:a9:9a:df:65:cb:5a:a0:ec:85:a9:24:99:ae:
         16:bb:b0:55:6e:e1:86:ff:b3:f4:89:32:ff:64:9d:f5:b1:33:
         9c:47:dd:c6:70:1d:06:f5:fb:79:ef:59:7c:76:89:0c:06:ed:
         7d:3a:3d:71:0c:08:e9:50:a1:14:23:78:0b:4e:96:5c:df:56:
         6a:fd:56:bc:89:6b:f7:54:eb:25:bc:a0:21:80:cc:c9:5c:76:
         1b:c4:34:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwsICOshifEF/eNG05x14yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjMwMTAyMDQxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWVkZTA1NDk1ODMxNzMyNzUyZDkyYTdkNDJhNWViYzQzNjVlYmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppZmWfwIN4VnFo+Osu4J1d0NOh7X
lRn5l3cdkbEkyrkyHNsOkfq8BmEcMa9wrOEAopwCHBOqkCxkYhPlp5LFtA9BH0VG
6Wru/n1sztTDd9+aDt44vtHr1zPuaYEbuVBn993mJ2txBj20+PfmxXJI0QD0gNpX
HZ9DbUKLS/bl94xSAU1fljFE23ab+ZVuUMeFga3g2XmIZX37PkXSddPZP5MI7tkX
zoqnlhZyK4Cx9tt16DI17XljaL9Z+3heljjGVRJM4lkpyNRRj5X7ZxQ926H+ThWO
jIEfupluwVSOHSuzWxO3aY2e900G454zmHzgxmJreUUGcviAoqpbg390mQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI7t4FSVgxcydS2Sp9QqXrxDZevXMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvanUzZ1ZKV0RGekoxTFpLbjFDcGV2RU5sNjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg7aQAAB
AwcEKg7aQAAQMA0GCSqGSIb3DQEBCwUAA4IBAQDXxIZJa/v/ExWUvLFnzcNpxM0O
5baepf61NUYdX4Nz4EEGH2wfEkjSVV0MRu5sBT1y5bv4pjqfwX4jzA/wriq6hACj
pWFcy8J/rtKP/LwY2N9blfiglqrNSoeVUyjKLgOPEhEj7jnbNnbi+6Ckcek3Eu8i
Qzrvc/E8JS+vTBR+6elFjAzNkSFAe4+USm2j/nfduJ2G4mXfhN9MxZ7HdozBh2a7
3rM5KKma32XLWqDshakkma4Wu7BVbuGG/7P0iTL/ZJ31sTOcR93GcB0G9ft571l8
dokMBu19Oj1xDAjpUKEUI3gLTpZc31Zq/Va8iWv3VOslvKAhgMzJXHYbxDT5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org