Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/9tOEoH9gqBbWjSXPq6Bl4rJH4yI.roa
File:                     9tOEoH9gqBbWjSXPq6Bl4rJH4yI.roa (raw, json)
Hash identifier:          cFoMYmCdDD1hV0SzX13cvWHSaUKpkYs3tMWMbf/AN2Y=
Subject key identifier:   F6:D3:84:A0:7F:60:A8:16:D6:8D:25:CF:AB:A0:65:E2:B2:47:E3:22
Certificate issuer:       /CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Certificate serial:       01856F4B8178E2C235685A95DA613B6A03D8
Authority key identifier: BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/9tOEoH9gqBbWjSXPq6Bl4rJH4yI.roa
Signing time:             Sun 01 Jan 2023 21:44:57 +0000
ROA not before:           Sun 01 Jan 2023 21:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     395747
IP address blocks:        2a09:bac0:108::/48 maxlen: 48
                          2a09:bac0:133::/48 maxlen: 48
                          2a09:bac0:131::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:81:78:e2:c2:35:68:5a:95:da:61:3b:6a:03:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
        Validity
            Not Before: Jan  1 21:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f6d384a07f60a816d68d25cfaba065e2b247e322
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:74:f3:d3:9c:ab:0b:61:86:64:5d:f7:9d:f1:
                    2c:65:33:9b:ed:8c:d6:10:d6:fe:2f:f5:93:45:6c:
                    ae:af:82:db:b1:52:2c:0e:ef:36:eb:c8:d4:4a:0f:
                    a3:7e:51:7d:ac:ed:94:f7:a4:0d:8b:d3:e6:be:93:
                    1b:3b:ac:2b:df:34:25:cc:22:02:53:0c:11:f4:43:
                    e6:a8:0e:f4:cf:6c:71:76:6c:ee:80:80:4c:06:4c:
                    15:21:f5:5d:1c:9e:f7:10:48:94:e4:9d:65:3c:4d:
                    9d:34:2c:bd:01:97:ef:b5:63:1d:73:86:97:70:cf:
                    fc:1d:91:ca:40:dd:3e:a7:06:a5:a2:9f:8b:cc:0c:
                    69:7d:00:a3:36:29:50:c6:3b:84:2e:bb:76:2f:60:
                    9c:5d:4a:99:6f:b0:f4:e1:cd:59:8d:29:ec:b2:5e:
                    dd:5c:28:1b:2a:c3:8e:08:7c:49:cf:21:c5:f4:35:
                    34:85:08:c5:b8:a6:49:2d:14:a5:49:e2:57:7a:ff:
                    c4:35:3f:76:36:43:da:74:b8:ef:01:b7:d8:83:16:
                    eb:0e:4b:32:6d:76:96:98:8d:24:67:6d:11:07:5c:
                    c9:b2:55:a8:89:e3:6f:17:3e:45:01:41:48:f3:b4:
                    c1:16:95:a0:ba:83:7d:ce:89:78:fd:e2:78:66:c8:
                    a1:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:D3:84:A0:7F:60:A8:16:D6:8D:25:CF:AB:A0:65:E2:B2:47:E3:22
            X509v3 Authority Key Identifier:
                keyid:BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/9tOEoH9gqBbWjSXPq6Bl4rJH4yI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:bac0:108::/48
                  2a09:bac0:131::/48
                  2a09:bac0:133::/48

    Signature Algorithm: sha256WithRSAEncryption
         83:49:78:98:a5:9e:6f:d8:1d:e6:6f:c1:66:ff:67:46:ce:4b:
         fa:dd:07:b4:6c:2c:d9:be:d1:43:4e:45:7b:d1:44:be:9c:ef:
         cf:6e:63:5e:f7:e0:79:1d:b5:09:a4:30:92:12:a8:84:73:71:
         53:73:0c:63:e5:f6:c6:eb:b8:bd:7b:5f:02:26:f0:22:25:ba:
         71:64:ff:ad:3d:9e:20:1a:f7:38:64:1a:2a:47:38:ca:91:e2:
         23:bf:03:42:19:6e:56:6b:9b:75:7f:aa:62:69:ba:79:18:69:
         64:26:86:e2:eb:7b:66:7e:94:e2:9b:eb:5b:f8:ba:b3:43:95:
         61:0b:d8:3b:a5:50:8c:2b:4d:28:19:97:2e:35:0d:44:3d:55:
         86:90:0a:87:bf:4a:8f:09:52:8c:34:56:a7:9e:fc:86:8d:7a:
         eb:15:7f:1d:4d:5e:3f:d2:2b:9d:83:0a:39:32:c2:0f:43:e2:
         38:5f:c6:24:03:f4:36:97:07:0c:92:4c:2e:bb:2f:94:1d:2d:
         d0:44:27:30:bd:b3:d6:d5:c8:aa:0b:4a:49:19:f9:98:b3:74:
         e4:31:89:23:05:57:d5:75:df:59:a3:bb:e3:66:34:da:fd:53:
         48:b8:ca:40:15:90:53:56:28:1a:61:2a:fc:e0:ed:76:f0:1e:
         0c:35:b8:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvS4F44sI1aFqV2mE7agPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTlmMTJjOTZiYTIwNjgzYWZmNWM5NThiZmFkOGU0YzU3
N2Y3ZmUwHhcNMjMwMTAxMjE0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmQzODRhMDdmNjBhODE2ZDY4ZDI1Y2ZhYmEwNjVlMmIyNDdlMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXTz05yrC2GGZF33nfEsZTOb7YzW
ENb+L/WTRWyur4LbsVIsDu8268jUSg+jflF9rO2U96QNi9PmvpMbO6wr3zQlzCIC
UwwR9EPmqA70z2xxdmzugIBMBkwVIfVdHJ73EEiU5J1lPE2dNCy9AZfvtWMdc4aX
cM/8HZHKQN0+pwalop+LzAxpfQCjNilQxjuELrt2L2CcXUqZb7D04c1ZjSnssl7d
XCgbKsOOCHxJzyHF9DU0hQjFuKZJLRSlSeJXev/ENT92NkPadLjvAbfYgxbrDksy
bXaWmI0kZ20RB1zJslWoieNvFz5FAUFI87TBFpWguoN9zol4/eJ4ZsihSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPbThKB/YKgW1o0lz6ugZeKyR+MiMB8GA1UdIwQY
MBaAFL/p8SyWuiBoOv9clYv62OTFd/f+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQt
Zjc4MjBjNWU5NjZhLzEvOXRPRW9IOWdxQmJXalNYUHE2Qmw0ckpINHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQtZjc4MjBjNWU5NjZh
LzEvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgm6wAEI
AwcAKgm6wAExAwcAKgm6wAEzMA0GCSqGSIb3DQEBCwUAA4IBAQCDSXiYpZ5v2B3m
b8Fm/2dGzkv63Qe0bCzZvtFDTkV70US+nO/PbmNe9+B5HbUJpDCSEqiEc3FTcwxj
5fbG67i9e18CJvAiJbpxZP+tPZ4gGvc4ZBoqRzjKkeIjvwNCGW5Wa5t1f6piabp5
GGlkJobi63tmfpTim+tb+LqzQ5VhC9g7pVCMK00oGZcuNQ1EPVWGkAqHv0qPCVKM
NFannvyGjXrrFX8dTV4/0iudgwo5MsIPQ+I4X8YkA/Q2lwcMkkwuuy+UHS3QRCcw
vbPW1ciqC0pJGfmYs3TkMYkjBVfVdd9Zo7vjZjTa/VNIuMpAFZBTVigaYSr84O12
8B4MNbgg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:48 2024 by rpki-client on console-fra.rpki-client.org