Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/emG7rQNixp_Q3NBb9b-8nir2q0A.roa
File:                     emG7rQNixp_Q3NBb9b-8nir2q0A.roa (raw, json)
Hash identifier:          XQdZEIOYfDHMhy0NEBAlTIZ8yEp5K/I7tzUg1CRGRms=
Subject key identifier:   7A:61:BB:AD:03:62:C6:9F:D0:DC:D0:5B:F5:BF:BC:9E:2A:F6:AB:40
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       01856E8B50A0A98C638BC511A43AA0CE6DD9
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/emG7rQNixp_Q3NBb9b-8nir2q0A.roa
Signing time:             Sun 01 Jan 2023 18:15:02 +0000
ROA not before:           Sun 01 Jan 2023 18:15:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209562
IP address blocks:        2a09:9ac0::/48 maxlen: 48
                          2a09:95c0::/48 maxlen: 48
                          2a09:4f40::/48 maxlen: 48
                          2a09:9b40::/48 maxlen: 48
                          2a09:4fc0::/48 maxlen: 48
                          2a09:13c0::/48 maxlen: 48
                          2a09:5040::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:50:a0:a9:8c:63:8b:c5:11:a4:3a:a0:ce:6d:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  1 18:15:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7a61bbad0362c69fd0dcd05bf5bfbc9e2af6ab40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:09:50:6d:0f:a5:fc:7a:fc:2c:a9:d1:fa:a1:
                    2e:13:60:2b:3a:9d:07:ce:52:94:06:11:88:d9:57:
                    ac:64:60:f5:0e:b1:45:51:a1:06:20:53:40:27:c0:
                    03:92:c2:b3:f1:5a:29:36:a1:18:a1:dc:56:c7:3d:
                    b7:fc:17:e0:75:19:15:de:a2:b2:ba:6b:13:df:e2:
                    37:58:1d:d1:7b:1b:e3:a8:30:53:3f:23:1b:08:5a:
                    51:71:79:a3:0e:b0:86:68:5b:2a:76:aa:83:1d:51:
                    de:03:7e:9f:9f:19:70:af:38:54:44:53:78:1f:da:
                    db:dd:8d:a1:cb:0f:00:e9:79:f6:5d:8d:37:52:12:
                    23:4d:31:11:bb:c8:85:94:56:91:58:4c:c6:7f:ba:
                    4c:36:5f:4e:0a:46:18:b5:ca:c2:14:c9:3a:23:4b:
                    56:60:c4:c1:fe:fe:13:52:3e:0b:42:dd:e4:04:39:
                    3a:04:8e:fd:32:7f:06:7d:65:f0:b7:37:06:42:4e:
                    a2:92:40:ad:6c:3d:61:5f:17:f7:14:1c:9a:cf:e0:
                    cb:81:22:c3:32:81:98:dc:79:ee:43:6c:dd:b7:46:
                    cc:e9:0a:f1:c5:d6:82:fa:76:91:cc:54:50:d4:87:
                    03:a1:e6:06:db:1c:c0:2d:59:1d:cf:54:b5:60:9d:
                    bb:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:61:BB:AD:03:62:C6:9F:D0:DC:D0:5B:F5:BF:BC:9E:2A:F6:AB:40
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/emG7rQNixp_Q3NBb9b-8nir2q0A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:13c0::/48
                  2a09:4f40::/48
                  2a09:4fc0::/48
                  2a09:5040::/48
                  2a09:95c0::/48
                  2a09:9ac0::/48
                  2a09:9b40::/48

    Signature Algorithm: sha256WithRSAEncryption
         07:3e:5d:3c:bd:1d:f4:34:37:59:9d:7b:b1:e9:c4:ba:a4:c1:
         a3:4b:30:54:e1:bf:64:06:ab:40:f7:72:34:68:47:e5:d3:d3:
         c5:10:9c:5c:a3:25:aa:b8:1e:5b:ba:39:f4:d1:23:81:2d:cf:
         7d:b4:5c:a0:fb:ae:11:35:22:9d:79:70:9c:3e:b0:99:79:b5:
         b2:9c:57:3d:49:1e:1c:68:87:9d:09:ed:3e:f5:79:10:dd:f0:
         2e:1c:c9:24:cc:83:8a:37:e4:03:81:e4:e8:14:83:e5:06:d3:
         1f:cd:de:0c:47:60:00:3a:bd:71:94:8e:63:87:f1:75:53:7b:
         f9:75:39:07:0c:81:55:f7:b5:3e:e0:99:fc:7a:fc:c5:51:90:
         cd:bc:f2:31:22:57:87:97:0f:56:fa:b4:be:79:75:6b:05:15:
         f5:63:91:41:82:56:1b:7c:e6:48:71:d8:f4:b4:1c:18:d8:8a:
         fb:ee:a3:5a:07:e2:5d:34:25:a2:0f:ae:f0:c7:77:3f:9a:a3:
         e3:0a:bf:24:26:07:da:68:87:b7:ed:19:8a:2a:4e:ea:3c:e8:
         3e:00:1b:31:14:81:56:84:9e:b1:83:46:c5:f3:94:81:19:56:
         b1:61:16:69:39:89:99:b2:df:f0:ae:5a:63:35:42:7f:f0:1c:
         ac:a9:25:d3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVui1CgqYxji8URpDqgzm3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTYxYmJhZDAzNjJjNjlmZDBkY2QwNWJmNWJmYmM5ZTJhZjZhYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQlQbQ+l/Hr8LKnR+qEuE2ArOp0H
zlKUBhGI2VesZGD1DrFFUaEGIFNAJ8ADksKz8VopNqEYodxWxz23/BfgdRkV3qKy
umsT3+I3WB3RexvjqDBTPyMbCFpRcXmjDrCGaFsqdqqDHVHeA36fnxlwrzhURFN4
H9rb3Y2hyw8A6Xn2XY03UhIjTTERu8iFlFaRWEzGf7pMNl9OCkYYtcrCFMk6I0tW
YMTB/v4TUj4LQt3kBDk6BI79Mn8GfWXwtzcGQk6ikkCtbD1hXxf3FByaz+DLgSLD
MoGY3HnuQ2zdt0bM6QrxxdaC+naRzFRQ1IcDoeYG2xzALVkdz1S1YJ27dQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHphu60DYsaf0NzQW/W/vJ4q9qtAMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvZW1HN3JRTml4cF9RM05CYjliLThuaXIycTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKgkTwAAA
AwcAKglPQAAAAwcAKglPwAAAAwcAKglQQAAAAwcAKgmVwAAAAwcAKgmawAAAAwcA
KgmbQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAHPl08vR30NDdZnXux6cS6pMGjSzBU
4b9kBqtA93I0aEfl09PFEJxcoyWquB5bujn00SOBLc99tFyg+64RNSKdeXCcPrCZ
ebWynFc9SR4caIedCe0+9XkQ3fAuHMkkzIOKN+QDgeToFIPlBtMfzd4MR2AAOr1x
lI5jh/F1U3v5dTkHDIFV97U+4Jn8evzFUZDNvPIxIleHlw9W+rS+eXVrBRX1Y5FB
glYbfOZIcdj0tBwY2Ir77qNaB+JdNCWiD67wx3c/mqPjCr8kJgfaaIe37RmKKk7q
POg+ABsxFIFWhJ6xg0bF85SBGVaxYRZpOYmZst/wrlpjNUJ/8BysqSXT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org