Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/T2NVdY54Qhz2cabeehBRjIlzCAE.roa
File:                     T2NVdY54Qhz2cabeehBRjIlzCAE.roa (raw, json)
Hash identifier:          yARNFlLn+m0k0WBTGtSgXlSUeM4Y+otv//y8rKHhKP0=
Subject key identifier:   4F:63:55:75:8E:78:42:1C:F6:71:A6:DE:7A:10:51:8C:89:73:08:01
Certificate issuer:       /CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Certificate serial:       018B70BDEA105EDAE57384F8D359C016BF8B
Authority key identifier: F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/T2NVdY54Qhz2cabeehBRjIlzCAE.roa
Signing time:             Fri 27 Oct 2023 10:46:16 +0000
ROA not before:           Fri 27 Oct 2023 10:46:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208626
IP address blocks:        2a0c:7b85::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:70:bd:ea:10:5e:da:e5:73:84:f8:d3:59:c0:16:bf:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
        Validity
            Not Before: Oct 27 10:46:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4f6355758e78421cf671a6de7a10518c89730801
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:cc:b9:d2:f5:81:b3:ca:8d:f2:98:77:26:b3:
                    3f:37:d9:da:b4:a2:b0:4d:e4:0b:0e:3d:f8:42:28:
                    67:a3:86:32:88:4e:89:57:80:55:c5:8b:9d:49:8e:
                    a2:66:00:d6:65:ca:77:82:0e:95:66:7b:80:17:31:
                    7f:d8:97:48:bb:13:0a:02:34:9d:c9:7c:e1:b1:25:
                    0b:4a:22:ce:c1:88:94:17:83:16:f6:e7:05:03:ac:
                    bd:a0:66:e4:db:65:7b:25:f7:1e:9c:cd:07:64:47:
                    e3:91:72:d1:95:d3:75:49:b2:bb:92:f4:13:53:da:
                    62:9d:47:c7:b7:94:72:80:71:46:10:81:46:f8:25:
                    09:2d:c7:dd:34:4c:05:44:39:47:86:f1:74:cd:4d:
                    42:eb:e7:7e:01:87:91:e4:7c:77:15:c9:e3:92:b2:
                    2b:0d:b0:4a:97:b7:9e:a8:04:1c:b3:48:9f:72:d5:
                    68:ee:55:f2:39:b4:ee:e2:3e:2b:c7:19:ad:94:8d:
                    84:8f:09:0f:1f:12:58:5c:7c:08:4c:0f:25:4b:72:
                    e3:35:ae:07:db:28:97:f4:9a:f7:8b:d8:36:fd:aa:
                    2c:21:77:39:19:9a:87:fd:05:1d:f3:c7:bc:76:52:
                    46:aa:0d:a6:0a:2e:95:ad:51:5a:20:42:5d:86:d1:
                    5e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:63:55:75:8E:78:42:1C:F6:71:A6:DE:7A:10:51:8C:89:73:08:01
            X509v3 Authority Key Identifier:
                keyid:F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/T2NVdY54Qhz2cabeehBRjIlzCAE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:7b85::/32

    Signature Algorithm: sha256WithRSAEncryption
         93:bc:9a:85:d9:af:76:bc:ab:6f:f3:44:fd:38:de:66:9e:5f:
         0a:af:f7:41:54:b6:72:b4:4c:35:97:a9:87:7b:fe:3e:bb:cb:
         d4:89:88:59:14:50:df:41:f6:ab:e7:91:15:a0:60:fe:06:b1:
         22:82:7c:8e:8a:fd:96:51:44:f2:e6:7f:66:47:c5:26:7c:c2:
         cf:03:d2:15:e6:b8:65:72:57:1f:8a:80:94:22:77:22:8e:b6:
         0d:a9:24:8f:15:15:45:02:63:e0:ee:d2:b6:4b:fd:00:80:15:
         50:e7:3c:64:2e:11:ac:ac:6e:f2:0e:6c:34:32:17:5c:30:72:
         8d:c5:37:e5:b9:40:9e:8e:b4:e2:87:60:bf:f9:1e:45:f8:98:
         2a:80:10:47:c2:ee:88:f1:4e:4d:70:84:89:38:e5:c8:c1:0c:
         be:dd:2e:4b:05:1f:07:f7:26:76:88:79:ca:8b:c8:44:b8:a9:
         02:fd:00:bb:2a:c1:23:dc:d2:e5:d3:f7:34:7f:5c:80:cc:38:
         29:9a:33:bb:92:69:58:6c:37:10:1b:9a:fd:9f:8a:21:7f:34:
         db:45:4a:79:d8:02:e0:26:82:17:e6:94:f8:c2:1b:37:fe:86:
         ae:d1:ff:0a:d4:84:ed:16:58:1c:3e:c8:ca:b1:c8:1b:f8:c4:
         b6:6b:56:7a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtwveoQXtrlc4T401nAFr+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MTM3YzU5N2QxZTMwY2I3NTYxOGU1MWY0MmI3Zjc5ZWQ1
ZmZjODgwHhcNMjMxMDI3MTA0NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjYzNTU3NThlNzg0MjFjZjY3MWE2ZGU3YTEwNTE4Yzg5NzMwODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMy50vWBs8qN8ph3JrM/N9natKKw
TeQLDj34Qihno4YyiE6JV4BVxYudSY6iZgDWZcp3gg6VZnuAFzF/2JdIuxMKAjSd
yXzhsSULSiLOwYiUF4MW9ucFA6y9oGbk22V7JfcenM0HZEfjkXLRldN1SbK7kvQT
U9pinUfHt5RygHFGEIFG+CUJLcfdNEwFRDlHhvF0zU1C6+d+AYeR5Hx3FcnjkrIr
DbBKl7eeqAQcs0ifctVo7lXyObTu4j4rxxmtlI2EjwkPHxJYXHwITA8lS3LjNa4H
2yiX9Jr3i9g2/aosIXc5GZqH/QUd88e8dlJGqg2mCi6VrVFaIEJdhtFeMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE9jVXWOeEIc9nGm3noQUYyJcwgBMB8GA1UdIwQY
MBaAFPYTfFl9HjDLdWGOUfQrf3ntX/yIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAt
MzlhMjQzODhhNWU4LzEvVDJOVmRZNTRRaHoyY2FiZWVoQlJqSWx6Q0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAtMzlhMjQzODhhNWU4
LzEvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgx7hTAN
BgkqhkiG9w0BAQsFAAOCAQEAk7yahdmvdryrb/NE/TjeZp5fCq/3QVS2crRMNZep
h3v+PrvL1ImIWRRQ30H2q+eRFaBg/gaxIoJ8jor9llFE8uZ/ZkfFJnzCzwPSFea4
ZXJXH4qAlCJ3Io62DakkjxUVRQJj4O7Stkv9AIAVUOc8ZC4RrKxu8g5sNDIXXDBy
jcU35blAno604odgv/keRfiYKoAQR8LuiPFOTXCEiTjlyMEMvt0uSwUfB/cmdoh5
yovIRLipAv0AuyrBI9zS5dP3NH9cgMw4KZozu5JpWGw3EBua/Z+KIX8020VKedgC
4CaCF+aU+MIbN/6GrtH/CtSE7RZYHD7IyrHIG/jEtmtWeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:45 2024 by rpki-client on console-ams.rpki-client.org