Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/M8QBX5wB9FGVTZhGjwgXOXMZrcs.roa
File:                     M8QBX5wB9FGVTZhGjwgXOXMZrcs.roa (raw, json)
Hash identifier:          jb1nr8+ZMt9hlYWe09+so6yT729bu2YnyZBFOSzefKY=
Subject key identifier:   33:C4:01:5F:9C:01:F4:51:95:4D:98:46:8F:08:17:39:73:19:AD:CB
Certificate issuer:       /CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2
Certificate serial:       0189BAE94A27F61796C672C6AA258A716B3E
Authority key identifier: DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/M8QBX5wB9FGVTZhGjwgXOXMZrcs.roa
Signing time:             Thu 03 Aug 2023 10:19:58 +0000
ROA not before:           Thu 03 Aug 2023 10:19:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398781
IP address blocks:        2a09:77c4::/30 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ba:e9:4a:27:f6:17:96:c6:72:c6:aa:25:8a:71:6b:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2
        Validity
            Not Before: Aug  3 10:19:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33c4015f9c01f451954d98468f0817397319adcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:76:c5:98:6c:ce:0d:c3:ee:7e:8d:2e:ab:06:
                    73:17:c5:d1:37:42:f0:56:c0:02:c3:e9:06:01:4d:
                    a6:dc:3e:cd:11:ff:30:25:6e:70:11:1e:7c:ed:d4:
                    c2:37:8f:4e:40:0e:38:f2:d0:bf:f9:ed:7b:36:10:
                    c3:2c:05:27:b5:da:f1:b1:a7:40:ca:23:65:68:55:
                    d3:16:7d:fc:17:09:59:18:46:95:bc:95:e0:70:54:
                    90:26:f0:5f:22:d4:bb:a8:d2:8a:84:f8:8d:36:59:
                    eb:69:d6:5c:cf:05:d7:57:d6:9b:ab:b0:cd:1a:ab:
                    06:9c:e5:33:1a:25:e0:89:a5:c3:c8:85:c3:8d:f0:
                    53:13:db:2e:b7:2b:bd:e3:d9:27:82:07:5b:6f:f8:
                    af:b0:ef:05:c4:20:69:36:f9:f2:c5:86:f4:09:a7:
                    be:60:01:78:c6:b2:8d:0b:6e:23:56:26:68:f9:cd:
                    8e:ce:9f:e2:65:45:3f:b4:cf:e8:91:52:f1:be:ea:
                    43:14:ee:e1:34:57:ee:d0:a3:33:c8:52:56:df:87:
                    a4:98:7e:db:dd:9a:50:cb:ab:ae:0f:6b:47:d7:96:
                    57:45:5f:0b:58:c4:9a:19:67:a9:f4:4c:2e:16:76:
                    8c:a5:9d:c5:49:b4:34:1f:c0:4e:d7:7e:9e:04:d2:
                    e6:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:C4:01:5F:9C:01:F4:51:95:4D:98:46:8F:08:17:39:73:19:AD:CB
            X509v3 Authority Key Identifier:
                keyid:DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/M8QBX5wB9FGVTZhGjwgXOXMZrcs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:77c4::/30

    Signature Algorithm: sha256WithRSAEncryption
         ae:87:91:b7:69:17:a5:8d:39:65:8d:f7:e7:e4:72:a3:a7:da:
         ce:c7:84:93:a3:68:fe:c6:a1:b6:58:de:9a:91:d8:99:e7:f7:
         5a:f3:36:36:f9:13:7e:85:e0:e5:b1:7e:a5:d8:30:ea:81:5c:
         d1:8a:ea:e0:31:2e:fa:b8:bb:13:d7:51:af:db:55:bd:32:ff:
         19:04:7d:b9:fd:7c:fd:a0:ca:7b:80:47:7c:6c:69:ec:99:ef:
         1e:f6:74:e4:d4:fb:32:80:f1:49:1c:56:e8:3b:c1:92:11:bd:
         46:dd:b5:9f:41:26:59:ad:7b:77:4c:7c:1e:0a:bd:d4:f9:ce:
         cf:7c:a2:ab:9e:bc:41:3e:ec:72:2c:be:d8:9c:66:d5:62:9d:
         0e:c3:77:1a:8d:45:15:d0:14:8a:c1:91:e7:cd:a7:2e:3c:45:
         95:76:89:ff:a6:b7:dd:9b:cd:1d:4e:69:2d:5f:bb:be:e3:31:
         92:77:85:74:5c:50:4d:ec:15:f2:42:6d:32:a9:60:35:ec:95:
         1a:6f:51:59:5f:36:19:73:c1:8f:01:0b:f4:86:45:2b:a5:87:
         05:06:05:4b:a0:a0:6d:2e:48:4a:03:ce:fd:16:53:76:41:e8:
         ea:15:29:c3:4f:0c:f0:a0:3d:85:41:cc:d4:74:5d:28:31:bb:
         e4:79:72:d5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYm66Uon9heWxnLGqiWKcWs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOGY5NjFjNmVmYmI3ZjljZTc0MjE3YjFkNWRiYjU0ZTk4
MWM2ZjIwHhcNMjMwODAzMTAxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2M0MDE1ZjljMDFmNDUxOTU0ZDk4NDY4ZjA4MTczOTczMTlhZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXbFmGzODcPufo0uqwZzF8XRN0Lw
VsACw+kGAU2m3D7NEf8wJW5wER587dTCN49OQA448tC/+e17NhDDLAUntdrxsadA
yiNlaFXTFn38FwlZGEaVvJXgcFSQJvBfItS7qNKKhPiNNlnradZczwXXV9abq7DN
GqsGnOUzGiXgiaXDyIXDjfBTE9sutyu949knggdbb/ivsO8FxCBpNvnyxYb0Cae+
YAF4xrKNC24jViZo+c2Ozp/iZUU/tM/okVLxvupDFO7hNFfu0KMzyFJW34ekmH7b
3ZpQy6uuD2tH15ZXRV8LWMSaGWep9EwuFnaMpZ3FSbQ0H8BO136eBNLm2wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDPEAV+cAfRRlU2YRo8IFzlzGa3LMB8GA1UdIwQY
MBaAFN+Plhxu+7f5znQhex1du1TpgcbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMt
MjdmMmJjMTYyYTA3LzEvTThRQlg1d0I5RkdWVFpoR2p3Z1hPWE1acmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMtMjdmMmJjMTYyYTA3
LzEvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgl3xDAN
BgkqhkiG9w0BAQsFAAOCAQEAroeRt2kXpY05ZY335+Ryo6fazseEk6No/sahtlje
mpHYmef3WvM2NvkTfoXg5bF+pdgw6oFc0Yrq4DEu+ri7E9dRr9tVvTL/GQR9uf18
/aDKe4BHfGxp7JnvHvZ05NT7MoDxSRxW6DvBkhG9Rt21n0EmWa17d0x8Hgq91PnO
z3yiq568QT7sciy+2Jxm1WKdDsN3Go1FFdAUisGR582nLjxFlXaJ/6a33ZvNHU5p
LV+7vuMxkneFdFxQTewV8kJtMqlgNeyVGm9RWV82GXPBjwEL9IZFK6WHBQYFS6Cg
bS5ISgPO/RZTdkHo6hUpw08M8KA9hUHM1HRdKDG75Hly1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org