Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/lSqaMC-pqz4kKiiWu2lcFxW05iE.roa
File:                     lSqaMC-pqz4kKiiWu2lcFxW05iE.roa (raw, json)
Hash identifier:          n79exfb1I5mCAxLlZ1yTiwN0T+nusvIxPmKzfdEbKY4=
Subject key identifier:   95:2A:9A:30:2F:A9:AB:3E:24:2A:28:96:BB:69:5C:17:15:B4:E6:21
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018D42A8BF079130F01B5DFE3C6FD9534353
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/lSqaMC-pqz4kKiiWu2lcFxW05iE.roa
Signing time:             Thu 25 Jan 2024 22:06:11 +0000
ROA not before:           Thu 25 Jan 2024 22:06:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8772
IP address blocks:        2a00:48a0::/29 maxlen: 29
                          2a0a:dd80::/29 maxlen: 29
                          2a0d:5e40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 26 Jan 2024 15:04:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:42:a8:bf:07:91:30:f0:1b:5d:fe:3c:6f:d9:53:43:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan 25 22:06:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=952a9a302fa9ab3e242a2896bb695c1715b4e621
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:0e:69:71:00:80:0f:fa:e3:5a:a8:d7:16:4e:
                    84:3b:80:64:f3:69:21:d1:ad:5c:c6:a0:8b:bd:68:
                    b9:19:e3:bf:20:55:6e:12:ee:17:a6:9a:84:00:07:
                    47:14:ed:62:a9:99:b9:2b:d9:27:a3:ef:c4:f7:4e:
                    33:bd:e3:db:64:f0:22:cc:a2:f6:41:f9:a6:a5:e8:
                    33:1f:47:80:95:ea:89:47:68:06:b6:3a:e8:2f:78:
                    3d:ec:99:50:ac:9f:dc:20:4b:c3:59:cd:02:d8:00:
                    31:65:ca:6e:c7:cc:c2:ec:08:de:1f:8f:55:7d:8c:
                    87:c6:6e:28:b8:c1:0f:5c:de:27:5a:31:be:9c:4e:
                    c2:89:cc:b5:01:1c:cb:d2:20:a8:15:1a:8d:8a:d2:
                    bf:ae:ce:e9:8d:81:7e:cd:8f:6e:e9:91:7d:b1:2c:
                    d9:c7:f7:19:bf:d2:e5:9b:a1:5d:35:0f:fb:d8:91:
                    98:13:d1:5e:b2:c1:01:dd:1f:4d:d7:55:94:dc:21:
                    a7:57:de:8b:ad:d8:1c:c9:94:34:8b:05:f7:1d:aa:
                    29:ce:98:40:c2:a2:77:a9:e8:c8:1c:fd:6b:83:0a:
                    fd:94:12:46:e6:71:d3:3d:a0:4d:2a:6f:81:9a:2a:
                    58:ac:07:97:c8:f2:ea:1e:35:2f:fc:7f:a5:4f:c7:
                    28:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:2A:9A:30:2F:A9:AB:3E:24:2A:28:96:BB:69:5C:17:15:B4:E6:21
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/lSqaMC-pqz4kKiiWu2lcFxW05iE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:48a0::/29
                  2a0a:dd80::/29
                  2a0d:5e40::/29

    Signature Algorithm: sha256WithRSAEncryption
         17:cc:32:98:37:1d:40:59:c3:6a:b7:50:ad:32:c6:99:29:0d:
         b5:8a:c2:68:47:11:a3:b4:77:b1:4e:9f:c3:cd:92:dd:e9:04:
         df:ff:b9:03:5c:c5:16:58:69:30:3b:1d:7b:80:5c:42:fb:c8:
         4e:f5:37:ea:5f:7b:7c:ce:61:d0:c6:ed:aa:d3:12:60:6a:56:
         6c:72:7e:73:dc:f7:9c:f8:0f:f6:5b:89:44:94:a0:ba:f4:ca:
         e3:ac:56:47:5d:99:d6:95:2d:c6:17:a6:c9:37:8e:0c:3f:b7:
         58:c5:a2:30:95:9e:45:eb:8c:8c:f8:04:a2:04:10:33:8a:b3:
         3b:fb:13:6a:4a:8a:5a:7b:8e:08:6f:22:bf:26:fb:da:66:76:
         93:eb:8e:b3:1a:02:ae:ab:2e:79:eb:3f:6a:97:e7:f4:d3:4d:
         b6:79:96:af:2b:41:b0:88:b2:6d:e2:15:e9:d2:21:98:4b:1a:
         f5:e3:47:d2:22:43:bb:1e:f2:c6:4d:1e:95:ab:4f:38:ed:da:
         e0:8a:b6:0e:19:af:db:d3:84:3e:a7:08:bb:22:e4:44:67:ce:
         c0:7c:c1:c7:8e:22:77:ad:54:78:b5:e2:cc:6a:10:df:2a:3b:
         3b:8f:37:6c:cd:60:d1:b4:b1:7b:75:5b:13:a6:b5:17:c0:ce:
         d0:29:cd:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1CqL8HkTDwG13+PG/ZU0NTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTI1MjIwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTJhOWEzMDJmYTlhYjNlMjQyYTI4OTZiYjY5NWMxNzE1YjRlNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA5pcQCAD/rjWqjXFk6EO4Bk82kh
0a1cxqCLvWi5GeO/IFVuEu4XppqEAAdHFO1iqZm5K9kno+/E904zvePbZPAizKL2
QfmmpegzH0eAleqJR2gGtjroL3g97JlQrJ/cIEvDWc0C2AAxZcpux8zC7AjeH49V
fYyHxm4ouMEPXN4nWjG+nE7Cicy1ARzL0iCoFRqNitK/rs7pjYF+zY9u6ZF9sSzZ
x/cZv9Llm6FdNQ/72JGYE9FessEB3R9N11WU3CGnV96LrdgcyZQ0iwX3HaopzphA
wqJ3qejIHP1rgwr9lBJG5nHTPaBNKm+BmipYrAeXyPLqHjUv/H+lT8coZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJUqmjAvqas+JCoolrtpXBcVtOYhMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbFNxYU1DLXBxejRrS2lpV3UybGNGeFcwNWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgBIoAMF
AyoK3YADBQMqDV5AMA0GCSqGSIb3DQEBCwUAA4IBAQAXzDKYNx1AWcNqt1CtMsaZ
KQ21isJoRxGjtHexTp/DzZLd6QTf/7kDXMUWWGkwOx17gFxC+8hO9TfqX3t8zmHQ
xu2q0xJgalZscn5z3Pec+A/2W4lElKC69MrjrFZHXZnWlS3GF6bJN44MP7dYxaIw
lZ5F64yM+ASiBBAzirM7+xNqSopae44IbyK/JvvaZnaT646zGgKuqy556z9ql+f0
0022eZavK0GwiLJt4hXp0iGYSxr140fSIkO7HvLGTR6Vq0847drgirYOGa/b04Q+
pwi7IuREZ87AfMHHjiJ3rVR4teLMahDfKjs7jzdszWDRtLF7dVsTprUXwM7QKc1h
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org