Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/J7-8a_DPcHW5z0t1G-rBk71QIZI.roa
File:                     J7-8a_DPcHW5z0t1G-rBk71QIZI.roa (raw, json)
Hash identifier:          fwV+/aORFBHb8jl+ANqvwis8e4MpEDrmlml19UEGrlM=
Subject key identifier:   27:BF:BC:6B:F0:CF:70:75:B9:CF:4B:75:1B:EA:C1:93:BD:50:21:92
Certificate issuer:       /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial:       018CC2DB013A8D847BCBE19FA566BF351566
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/J7-8a_DPcHW5z0t1G-rBk71QIZI.roa
Signing time:             Mon 01 Jan 2024 02:29:41 +0000
ROA not before:           Mon 01 Jan 2024 02:29:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205593
IP address blocks:        2a0f:5701:3100::/40 maxlen: 48
                          2a0f:5701:3500::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 17:46:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:01:3a:8d:84:7b:cb:e1:9f:a5:66:bf:35:15:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
        Validity
            Not Before: Jan  1 02:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=27bfbc6bf0cf7075b9cf4b751beac193bd502192
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:fb:50:66:46:d2:b2:c3:53:f4:58:ca:f9:6b:
                    3f:dc:45:b7:72:fd:2e:16:c4:a3:d0:ee:d1:74:30:
                    4f:84:ac:4a:e2:99:21:0f:04:4b:77:2a:03:0e:e6:
                    b2:21:6a:5a:2c:35:ea:ea:63:4d:de:cb:4a:f4:a3:
                    72:7a:fd:d6:15:73:cd:08:47:28:1a:a1:24:d0:d3:
                    3f:c0:32:e0:da:5c:2c:1a:d0:50:75:4a:e6:65:c3:
                    1f:37:cd:45:4b:02:3f:65:2a:e2:94:c0:14:e4:bf:
                    17:b2:cd:7b:17:db:9d:b1:04:58:17:ba:15:aa:3f:
                    a8:6b:71:4b:0d:25:ea:70:ab:80:6d:1d:6c:be:08:
                    c7:a7:a8:fd:8e:b2:aa:5e:a5:0d:0f:e3:9b:05:43:
                    62:58:2f:3a:34:bb:28:44:9f:b4:7e:07:6e:96:a0:
                    f2:f3:d5:be:27:60:37:40:ba:62:bb:76:a5:ae:71:
                    d0:fe:ac:95:af:69:d2:f2:ee:13:8e:03:de:29:aa:
                    75:6c:3f:69:39:19:4d:c8:2e:d0:5e:0f:7c:72:04:
                    68:15:de:9f:0d:c1:e9:5d:c8:bb:c6:0f:ab:54:ca:
                    35:25:d4:00:84:96:7a:8a:5a:49:38:64:97:64:4f:
                    94:7a:81:d5:b8:c8:cc:7b:20:b0:90:c8:70:c4:cb:
                    27:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:BF:BC:6B:F0:CF:70:75:B9:CF:4B:75:1B:EA:C1:93:BD:50:21:92
            X509v3 Authority Key Identifier:
                keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/J7-8a_DPcHW5z0t1G-rBk71QIZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:5701:3100::/40
                  2a0f:5701:3500::/40

    Signature Algorithm: sha256WithRSAEncryption
         b6:dd:80:d3:9d:db:6e:c8:0f:7e:c2:be:c1:73:1f:a4:f2:58:
         05:2f:c4:c2:56:1b:d9:fe:da:43:cb:8a:15:df:40:15:dc:d2:
         90:1a:d9:34:bf:de:22:9b:75:39:d5:55:ad:b9:98:99:da:66:
         7a:9c:5e:6c:50:88:0c:60:cc:66:25:f2:45:c5:ce:1e:72:0f:
         ea:24:72:85:26:ed:e9:9c:d4:d1:7e:bb:95:f0:7e:c0:ee:15:
         3b:9e:07:ea:b3:a9:dd:8f:e2:18:39:69:9d:01:c0:af:bf:bf:
         32:55:d1:60:fc:05:af:6e:6c:22:83:c2:d3:64:4f:1f:1a:50:
         13:cc:d1:05:06:69:0f:c5:13:fd:b0:2f:24:0b:9e:43:f7:cf:
         00:d4:b3:0d:21:62:e0:87:76:fa:e5:bc:21:2e:bf:b6:d0:c7:
         dd:c2:6a:43:ec:8f:32:3c:ae:b3:7c:4a:9d:3e:9b:ec:d5:9b:
         3b:ba:da:76:92:df:15:a5:80:c2:89:e9:de:84:41:e9:47:46:
         50:70:1e:7f:18:57:11:84:59:1c:9a:bd:0c:df:63:2a:bd:69:
         16:b9:d1:89:db:47:86:99:58:2f:6d:b8:d6:b8:5e:90:43:8c:
         1e:da:67:e1:48:7f:27:17:47:d5:5c:bb:da:7b:54:ea:8f:dd:
         4a:6f:7c:52
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzC2wE6jYR7y+GfpWa/NRVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2JmYmM2YmYwY2Y3MDc1YjljZjRiNzUxYmVhYzE5M2JkNTAyMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiftQZkbSssNT9FjK+Ws/3EW3cv0u
FsSj0O7RdDBPhKxK4pkhDwRLdyoDDuayIWpaLDXq6mNN3stK9KNyev3WFXPNCEco
GqEk0NM/wDLg2lwsGtBQdUrmZcMfN81FSwI/ZSrilMAU5L8Xss17F9udsQRYF7oV
qj+oa3FLDSXqcKuAbR1svgjHp6j9jrKqXqUND+ObBUNiWC86NLsoRJ+0fgdulqDy
89W+J2A3QLpiu3alrnHQ/qyVr2nS8u4TjgPeKap1bD9pORlNyC7QXg98cgRoFd6f
DcHpXci7xg+rVMo1JdQAhJZ6ilpJOGSXZE+UeoHVuMjMeyCwkMhwxMsnfwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFCe/vGvwz3B1uc9LdRvqwZO9UCGSMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvSjctOGFfRFBjSFc1ejB0MUctckJrNzFRSVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKg9XATED
BgAqD1cBNTANBgkqhkiG9w0BAQsFAAOCAQEAtt2A053bbsgPfsK+wXMfpPJYBS/E
wlYb2f7aQ8uKFd9AFdzSkBrZNL/eIpt1OdVVrbmYmdpmepxebFCIDGDMZiXyRcXO
HnIP6iRyhSbt6ZzU0X67lfB+wO4VO54H6rOp3Y/iGDlpnQHAr7+/MlXRYPwFr25s
IoPC02RPHxpQE8zRBQZpD8UT/bAvJAueQ/fPANSzDSFi4Id2+uW8IS6/ttDH3cJq
Q+yPMjyus3xKnT6b7NWbO7radpLfFaWAwonp3oRB6UdGUHAefxhXEYRZHJq9DN9j
Kr1pFrnRidtHhplYL2241rhekEOMHtpn4Uh/JxdH1Vy72ntU6o/dSm98Ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:59 2024 by rpki-client on console-fra.rpki-client.org