Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/9sNRqKz_tY6ozallhKKl0xv67nw.roa
File:                     9sNRqKz_tY6ozallhKKl0xv67nw.roa (raw, json)
Hash identifier:          +suhinyAWycKK9Uhp9zZyw/RyzviBLTiPDb4qzx47I0=
Subject key identifier:   F6:C3:51:A8:AC:FF:B5:8E:A8:CD:A9:65:84:A2:A5:D3:1B:FA:EE:7C
Certificate issuer:       /CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Certificate serial:       0188D7CCD22A4312058004E3EA0FE2FDA747
Authority key identifier: 9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/9sNRqKz_tY6ozallhKKl0xv67nw.roa
Signing time:             Tue 20 Jun 2023 07:55:04 +0000
ROA not before:           Tue 20 Jun 2023 07:55:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42708
IP address blocks:        2a07:e041::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 21 Jun 2023 15:38:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d7:cc:d2:2a:43:12:05:80:04:e3:ea:0f:e2:fd:a7:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
        Validity
            Not Before: Jun 20 07:55:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f6c351a8acffb58ea8cda96584a2a5d31bfaee7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:5b:64:cc:8a:89:cf:71:27:64:af:7b:76:ce:
                    d6:24:26:bb:56:72:c2:be:1a:63:71:b0:c5:2a:54:
                    19:2f:7c:51:5a:a3:f0:01:7e:81:e6:99:dc:58:67:
                    ba:6f:f7:f7:9d:78:a6:98:74:9b:80:86:76:18:58:
                    d0:c4:5f:2e:1e:d3:57:66:06:ed:75:f2:c4:3d:a8:
                    a6:ea:6c:b2:8c:44:e8:83:72:a6:a4:d3:9a:18:dc:
                    7e:aa:50:05:11:b9:e8:6e:8c:f2:16:b0:5a:6e:ff:
                    e7:52:35:5a:3e:70:01:c0:23:5b:20:4e:48:a1:55:
                    6f:03:fc:ae:2c:35:7a:fa:6e:d3:ed:f4:95:12:20:
                    f2:75:b0:82:70:ed:87:78:6f:a9:64:84:c8:39:a0:
                    7f:1e:6a:43:e7:d4:00:19:80:dd:2e:7c:58:bc:2d:
                    a6:22:ec:e6:a7:72:53:84:26:9d:09:a6:7a:34:c2:
                    47:a7:f9:a9:b5:19:0c:f3:b8:c8:ff:3e:7c:72:ac:
                    34:58:8b:be:b7:14:8a:f3:9b:cc:6c:4e:44:f0:7b:
                    1c:1b:3b:4e:6a:79:72:de:62:e0:25:b2:64:b1:f4:
                    bb:80:7a:42:07:fc:2d:ce:9d:f9:35:4d:a2:ac:3d:
                    09:4d:98:5f:63:b2:1a:93:fd:b7:ba:d1:24:7f:2b:
                    5a:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:C3:51:A8:AC:FF:B5:8E:A8:CD:A9:65:84:A2:A5:D3:1B:FA:EE:7C
            X509v3 Authority Key Identifier:
                keyid:9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/9sNRqKz_tY6ozallhKKl0xv67nw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/nCim7Q9c_Ody1c5bA7tCkyyKZNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:e041::/32

    Signature Algorithm: sha256WithRSAEncryption
         10:0f:0b:f7:d3:5a:84:72:6f:2a:c0:d6:75:df:91:61:ed:c9:
         2b:ff:c8:f1:62:6b:a0:60:01:94:e1:88:48:92:6e:af:bb:ec:
         03:c7:14:8d:e1:b0:c6:f4:9a:97:e0:bb:68:29:38:52:78:ac:
         66:39:90:f7:ac:6d:b6:bf:a6:23:16:3b:99:3a:d2:c6:e3:06:
         6a:01:76:f7:71:38:d8:ef:cc:57:91:e1:e5:7e:99:be:e9:0f:
         93:e5:c9:21:c3:35:06:d2:69:eb:e8:89:72:95:af:24:24:b3:
         fe:e4:da:35:41:9d:94:fc:ca:30:de:a7:fe:d8:63:eb:b2:6b:
         b6:cc:dd:56:dc:55:cc:93:16:62:cc:a7:d1:69:e0:da:94:6c:
         b8:1a:08:da:e5:33:b8:09:74:ce:ea:fe:11:24:e3:ee:80:0f:
         ac:94:b0:85:5a:4b:c2:91:dc:29:f2:b0:d8:1a:98:27:1f:20:
         08:22:d3:fa:67:d0:b5:b4:f9:bb:f5:aa:3f:e3:46:b2:91:41:
         05:89:e3:a2:4b:ac:45:49:84:ce:9c:1d:c9:cd:30:cd:cc:1e:
         76:9a:6b:7a:e6:cc:39:5b:71:82:a8:75:4e:d0:e5:21:09:67:
         c5:06:31:e5:24:ce:24:cd:53:51:73:ba:61:98:2e:99:a4:14:
         1c:26:7c:ab
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYjXzNIqQxIFgATj6g/i/adHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjhhNmVkMGY1Y2ZjZTc3MmQ1Y2U1YjAzYmI0MjkzMmM4
YTY0ZDAwHhcNMjMwNjIwMDc1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmMzNTFhOGFjZmZiNThlYThjZGE5NjU4NGEyYTVkMzFiZmFlZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFtkzIqJz3EnZK97ds7WJCa7VnLC
vhpjcbDFKlQZL3xRWqPwAX6B5pncWGe6b/f3nXimmHSbgIZ2GFjQxF8uHtNXZgbt
dfLEPaim6myyjETog3KmpNOaGNx+qlAFEbnobozyFrBabv/nUjVaPnABwCNbIE5I
oVVvA/yuLDV6+m7T7fSVEiDydbCCcO2HeG+pZITIOaB/HmpD59QAGYDdLnxYvC2m
Iuzmp3JThCadCaZ6NMJHp/mptRkM87jI/z58cqw0WIu+txSK85vMbE5E8HscGztO
anly3mLgJbJksfS7gHpCB/wtzp35NU2irD0JTZhfY7Iak/23utEkfytaXQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPbDUais/7WOqM2pZYSipdMb+u58MB8GA1UdIwQY
MBaAFJwopu0PXPznctXOWwO7QpMsimTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYt
YTZiNzYwMDg3MWE2LzEvOXNOUnFLel90WTZvemFsbGhLS2wweHY2N253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYtYTZiNzYwMDg3MWE2
LzEvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfgQTAN
BgkqhkiG9w0BAQsFAAOCAQEAEA8L99NahHJvKsDWdd+RYe3JK//I8WJroGABlOGI
SJJur7vsA8cUjeGwxvSal+C7aCk4UnisZjmQ96xttr+mIxY7mTrSxuMGagF293E4
2O/MV5Hh5X6ZvukPk+XJIcM1BtJp6+iJcpWvJCSz/uTaNUGdlPzKMN6n/thj67Jr
tszdVtxVzJMWYsyn0Wng2pRsuBoI2uUzuAl0zur+ESTj7oAPrJSwhVpLwpHcKfKw
2BqYJx8gCCLT+mfQtbT5u/WqP+NGspFBBYnjokusRUmEzpwdyc0wzcwedppreubM
OVtxgqh1TtDlIQlnxQYx5STOJM1TUXO6YZgumaQUHCZ8qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:33 2024 by rpki-client on console-fra.rpki-client.org