Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/s6AkaLH8iLVoIu9qReNiVCUtSZg.roa
File:                     s6AkaLH8iLVoIu9qReNiVCUtSZg.roa (raw, json)
Hash identifier:          2JwtxltV+RxpAknDF6WRoghISZ62ESLBx1/WDjxhp/c=
Subject key identifier:   B3:A0:24:68:B1:FC:88:B5:68:22:EF:6A:45:E3:62:54:25:2D:49:98
Certificate issuer:       /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial:       01856FF0182EB62CA9BE783E09D75676DDA5
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/s6AkaLH8iLVoIu9qReNiVCUtSZg.roa
Signing time:             Mon 02 Jan 2023 00:44:43 +0000
ROA not before:           Mon 02 Jan 2023 00:44:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8767
IP address blocks:        45.84.72.0/23 maxlen: 23
                          2a0e:a680::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:18:2e:b6:2c:a9:be:78:3e:09:d7:56:76:dd:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
        Validity
            Not Before: Jan  2 00:44:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b3a02468b1fc88b56822ef6a45e36254252d4998
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:33:f2:4d:3c:f2:ea:b7:b1:bc:8e:a2:df:68:
                    9f:e2:a4:f1:a3:38:f7:bc:1d:0d:2d:e0:28:c1:09:
                    7e:50:0e:32:1e:c3:96:67:fd:d7:13:a8:c1:db:bc:
                    52:d2:06:90:fa:72:a2:25:a5:be:44:39:56:55:8b:
                    ef:3f:7d:fa:9f:f6:d0:c1:51:fc:62:2f:69:8a:8b:
                    79:51:82:64:fc:8b:3d:14:5a:63:6e:a1:21:e0:20:
                    f4:42:e6:3f:eb:40:60:3b:82:c1:4d:94:1f:67:fb:
                    4f:50:2f:2c:6a:0d:af:99:6d:98:b3:bc:34:4c:2d:
                    c4:77:67:16:2a:cd:f9:39:f9:3c:6c:12:40:30:49:
                    00:22:28:b5:50:a6:92:9a:07:5c:6d:df:a4:e6:a9:
                    40:ca:55:1c:88:64:d7:48:46:1d:5c:ea:56:c8:4c:
                    cc:04:d2:13:1f:25:2c:55:e0:25:0c:67:33:e2:c2:
                    f8:19:2c:2d:92:fc:22:ef:c1:b7:d5:8e:61:94:1f:
                    06:52:73:51:c2:89:f4:30:6f:7b:a0:24:e6:86:63:
                    a9:b3:7c:f1:8f:95:89:ab:57:e9:f7:5f:05:c5:9d:
                    c3:6c:31:05:10:39:17:ea:c5:0f:b3:b1:11:f7:b3:
                    1e:c9:ea:c3:22:ec:88:36:f5:7a:5b:37:93:6b:83:
                    4b:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:A0:24:68:B1:FC:88:B5:68:22:EF:6A:45:E3:62:54:25:2D:49:98
            X509v3 Authority Key Identifier:
                keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/s6AkaLH8iLVoIu9qReNiVCUtSZg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.84.72.0/23
                IPv6:
                  2a0e:a680::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:e1:df:5c:9e:1a:18:38:12:0e:bd:f8:b5:00:af:8d:5f:64:
         e0:18:ba:a9:ac:dd:6b:a5:45:50:46:a2:13:56:84:8d:0c:88:
         d9:b2:4f:89:80:52:23:2d:fc:25:28:20:9d:ae:22:fe:60:41:
         6c:a3:28:06:ca:3f:47:e3:48:f1:f6:e0:c2:10:0b:ff:74:70:
         68:c4:62:a9:c2:fc:e3:c2:a8:44:38:53:7a:d2:09:58:b0:ae:
         46:34:26:ac:ca:d6:7e:79:75:22:16:d9:48:3f:3c:f6:f2:93:
         94:0a:f2:ed:10:38:65:42:2c:c7:c9:b1:79:c6:38:90:48:18:
         92:06:ee:c7:08:93:d5:98:31:1e:77:32:4d:15:49:90:80:7e:
         a1:97:97:4f:69:60:f3:b6:76:c7:f1:d0:15:a0:2a:a2:c2:8d:
         9e:f1:2d:c8:d3:03:a2:6c:47:bb:97:6f:53:a3:0b:cb:9a:5a:
         23:a9:4f:a7:13:f3:6d:0d:90:3b:80:5f:fd:a7:e0:8f:46:57:
         d4:4d:b5:ef:ca:5a:61:ad:51:1f:b7:e9:02:40:c8:d0:0b:71:
         ea:0b:79:86:1f:2d:19:68:09:97:c4:14:0c:18:48:40:a1:6e:
         38:d8:3b:36:6c:87:25:a8:90:6f:bd:23:55:07:87:c6:e7:5a:
         9b:71:f8:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv8Bgutiypvng+CddWdt2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm
MGVlMTkwHhcNMjMwMTAyMDA0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2EwMjQ2OGIxZmM4OGI1NjgyMmVmNmE0NWUzNjI1NDI1MmQ0OTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzPyTTzy6rexvI6i32if4qTxozj3
vB0NLeAowQl+UA4yHsOWZ/3XE6jB27xS0gaQ+nKiJaW+RDlWVYvvP336n/bQwVH8
Yi9piot5UYJk/Is9FFpjbqEh4CD0QuY/60BgO4LBTZQfZ/tPUC8sag2vmW2Ys7w0
TC3Ed2cWKs35Ofk8bBJAMEkAIii1UKaSmgdcbd+k5qlAylUciGTXSEYdXOpWyEzM
BNITHyUsVeAlDGcz4sL4GSwtkvwi78G31Y5hlB8GUnNRwon0MG97oCTmhmOps3zx
j5WJq1fp918FxZ3DbDEFEDkX6sUPs7ER97MeyerDIuyINvV6WzeTa4NLkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLOgJGix/Ii1aCLvakXjYlQlLUmYMB8GA1UdIwQY
MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt
YTZiMWFkMzRlMDhjLzEvczZBa2FMSDhpTFZvSXU5cVJlTmlWQ1V0U1pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj
LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLVRIMA8E
AgACMAkDBwAqDqaAAAAwDQYJKoZIhvcNAQELBQADggEBAAPh31yeGhg4Eg69+LUA
r41fZOAYuqms3WulRVBGohNWhI0MiNmyT4mAUiMt/CUoIJ2uIv5gQWyjKAbKP0fj
SPH24MIQC/90cGjEYqnC/OPCqEQ4U3rSCViwrkY0JqzK1n55dSIW2Ug/PPbyk5QK
8u0QOGVCLMfJsXnGOJBIGJIG7scIk9WYMR53Mk0VSZCAfqGXl09pYPO2dsfx0BWg
KqLCjZ7xLcjTA6JsR7uXb1OjC8uaWiOpT6cT820NkDuAX/2n4I9GV9RNte/KWmGt
UR+36QJAyNALceoLeYYfLRloCZfEFAwYSEChbjjYOzZshyWokG+9I1UHh8bnWptx
+J0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:59 2024 by rpki-client on console-fra.rpki-client.org