Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/awe1YPxJD44n_cUpJQpuAvu8py8.roa
File:                     awe1YPxJD44n_cUpJQpuAvu8py8.roa (raw, json)
Hash identifier:          wnnQJN81f9hrUROMiXxFEqnLTy6LfKqfTbSUcwLplUk=
Subject key identifier:   6B:07:B5:60:FC:49:0F:8E:27:FD:C5:29:25:0A:6E:02:FB:BC:A7:2F
Certificate issuer:       /CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Certificate serial:       0187E0AE2A5C52178E047B8B99470F062E3E
Authority key identifier: 93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/awe1YPxJD44n_cUpJQpuAvu8py8.roa
Signing time:             Wed 03 May 2023 08:15:23 +0000
ROA not before:           Wed 03 May 2023 08:15:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2a01:bb22::/33 maxlen: 33
                          2a01:bb22:8000::/33 maxlen: 33
                          2a01:bb20::/29 maxlen: 29
                          2a01:bb24::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e0:ae:2a:5c:52:17:8e:04:7b:8b:99:47:0f:06:2e:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93503061e1ae503ec63d970b30875dd93ffabbdf
        Validity
            Not Before: May  3 08:15:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b07b560fc490f8e27fdc529250a6e02fbbca72f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:01:05:da:bc:48:38:50:16:0c:50:f1:97:a8:
                    b2:15:4e:b0:8f:db:d4:1b:96:02:af:f4:15:9b:0b:
                    f9:95:98:e8:e9:8b:d4:c2:1d:04:38:1f:62:5f:6f:
                    86:ae:78:c5:c2:8a:a4:45:64:a4:1b:d2:dc:6c:ad:
                    76:0b:2d:d0:bb:12:ca:5b:bc:b0:45:89:5d:ea:27:
                    a9:cd:b9:a2:df:5d:1f:4a:43:97:48:00:11:c1:fc:
                    51:50:d4:1a:ed:f7:fc:8e:f2:fe:58:86:b5:d1:c8:
                    0a:74:64:47:b0:61:c5:82:2a:e1:dd:64:62:55:91:
                    11:2e:5e:d5:b3:83:fe:13:ca:9f:21:dc:4e:58:6f:
                    a0:73:46:43:c8:1e:85:21:bf:98:f4:81:ee:1d:f0:
                    11:3e:ce:63:bb:3d:20:c7:c9:6d:dd:a1:8a:b1:ea:
                    ce:a4:1b:56:84:52:62:34:63:1d:93:36:23:5a:28:
                    2d:25:6b:ba:3c:80:3b:d1:60:41:59:0f:62:67:2c:
                    3a:0a:1b:46:28:dd:f9:f5:7b:6e:27:31:02:f2:98:
                    e4:82:5a:8a:23:ba:2b:16:34:ce:e8:fc:ff:86:94:
                    45:22:15:ca:de:db:54:1d:4c:0d:2c:f7:f4:be:9e:
                    27:a3:e6:fe:9c:d9:08:87:ea:3d:ce:fa:77:01:db:
                    38:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:07:B5:60:FC:49:0F:8E:27:FD:C5:29:25:0A:6E:02:FB:BC:A7:2F
            X509v3 Authority Key Identifier:
                keyid:93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/awe1YPxJD44n_cUpJQpuAvu8py8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:bb20::/29

    Signature Algorithm: sha256WithRSAEncryption
         63:36:86:e4:67:16:d3:24:36:89:da:fc:d0:72:71:d2:7c:2f:
         10:c8:63:a4:d9:37:57:1f:6d:7f:86:f4:bb:01:f7:78:8b:20:
         6b:7d:d0:1f:87:49:76:ee:c9:81:ea:ff:a9:e8:9e:46:f8:f4:
         32:cc:8b:6d:6a:de:27:e8:a4:a8:fa:bd:80:13:71:db:0e:dc:
         5a:f5:0c:f2:49:e0:1d:f7:2a:77:d9:74:b4:72:f2:a3:6a:b7:
         97:3f:10:70:59:04:a0:f1:56:8b:ee:61:82:bd:38:aa:8e:46:
         c9:74:c6:e7:92:f8:40:8e:fa:4f:b1:39:88:5f:14:09:f2:d1:
         22:7d:e0:c8:53:d2:09:5d:46:d1:4a:f7:f5:97:d1:20:bb:36:
         3b:f3:24:24:6f:e0:13:2c:48:87:8a:da:57:ce:a5:c6:e9:7d:
         36:7a:f2:12:5b:cd:d6:4a:a5:8a:5f:69:cc:83:f2:c4:08:fb:
         9b:86:05:58:27:3e:52:56:89:69:54:20:11:d3:18:71:d3:38:
         dd:5e:5f:83:be:aa:15:f0:ad:8e:c2:4d:93:bf:68:8a:ac:cb:
         a6:00:d8:9a:a0:b0:26:59:ad:91:ed:fd:fc:b0:6e:0a:da:e0:
         83:53:6a:57:58:b6:6d:76:43:f4:a1:21:71:4e:af:89:34:c4:
         31:5d:fc:eb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYfgripcUheOBHuLmUcPBi4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTAzMDYxZTFhZTUwM2VjNjNkOTcwYjMwODc1ZGQ5M2Zm
YWJiZGYwHhcNMjMwNTAzMDgxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjA3YjU2MGZjNDkwZjhlMjdmZGM1MjkyNTBhNmUwMmZiYmNhNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwEF2rxIOFAWDFDxl6iyFU6wj9vU
G5YCr/QVmwv5lZjo6YvUwh0EOB9iX2+GrnjFwoqkRWSkG9LcbK12Cy3QuxLKW7yw
RYld6iepzbmi310fSkOXSAARwfxRUNQa7ff8jvL+WIa10cgKdGRHsGHFgirh3WRi
VZERLl7Vs4P+E8qfIdxOWG+gc0ZDyB6FIb+Y9IHuHfARPs5juz0gx8lt3aGKserO
pBtWhFJiNGMdkzYjWigtJWu6PIA70WBBWQ9iZyw6ChtGKN359XtuJzEC8pjkglqK
I7orFjTO6Pz/hpRFIhXK3ttUHUwNLPf0vp4no+b+nNkIh+o9zvp3Ads41wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGsHtWD8SQ+OJ/3FKSUKbgL7vKcvMB8GA1UdIwQY
MBaAFJNQMGHhrlA+xj2XCzCHXdk/+rvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEt
YzYyM2VkOGYyZjI4LzEvYXdlMVlQeEpENDRuX2NVcEpRcHVBdnU4cHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEtYzYyM2VkOGYyZjI4
LzEvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgG7IDAN
BgkqhkiG9w0BAQsFAAOCAQEAYzaG5GcW0yQ2idr80HJx0nwvEMhjpNk3Vx9tf4b0
uwH3eIsga33QH4dJdu7Jger/qeieRvj0MsyLbWreJ+ikqPq9gBNx2w7cWvUM8kng
Hfcqd9l0tHLyo2q3lz8QcFkEoPFWi+5hgr04qo5GyXTG55L4QI76T7E5iF8UCfLR
In3gyFPSCV1G0Ur39ZfRILs2O/MkJG/gEyxIh4raV86lxul9NnryElvN1kqlil9p
zIPyxAj7m4YFWCc+UlaJaVQgEdMYcdM43V5fg76qFfCtjsJNk79oiqzLpgDYmqCw
Jlmtke39/LBuCtrgg1NqV1i2bXZD9KEhcU6viTTEMV386w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:32 2024 by rpki-client on console-ams.rpki-client.org