Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/KiYePn7qdYn-tKTxWaItL89TH2Y.roa
File:                     KiYePn7qdYn-tKTxWaItL89TH2Y.roa (raw, json)
Hash identifier:          FVDeRscbtS7dPYQDaFF/WUbquzyXYOrkHfwKN7qiC1I=
Subject key identifier:   2A:26:1E:3E:7E:EA:75:89:FE:B4:A4:F1:59:A2:2D:2F:CF:53:1F:66
Certificate issuer:       /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial:       018A4A2356CE49E7D9AC6494AB58549C8536
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/KiYePn7qdYn-tKTxWaItL89TH2Y.roa
Signing time:             Thu 31 Aug 2023 05:49:04 +0000
ROA not before:           Thu 31 Aug 2023 05:49:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     38915
IP address blocks:        2a07:3500:19a0::/48 maxlen: 48
                          2a07:3500:19b0::/48 maxlen: 48
                          2a07:3500:1998::/48 maxlen: 48
                          2a07:3500:19d8::/48 maxlen: 48
                          2a07:3500:1200::/48 maxlen: 48
                          2a07:3500:19a8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 31 Aug 2023 08:09:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:4a:23:56:ce:49:e7:d9:ac:64:94:ab:58:54:9c:85:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
        Validity
            Not Before: Aug 31 05:49:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a261e3e7eea7589feb4a4f159a22d2fcf531f66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:23:1d:4a:b5:b6:c8:92:1d:56:ba:e9:cd:e7:
                    45:9c:15:76:01:ad:3a:f1:67:7a:f6:4d:53:e2:ba:
                    90:11:9b:26:de:06:55:54:53:be:29:43:2f:85:b9:
                    e7:62:9f:5c:3c:eb:47:6f:15:c9:25:3f:38:6f:4a:
                    1d:cc:4f:6c:6e:67:e4:2b:0b:20:c0:7d:ab:9a:3f:
                    bb:07:4d:30:b2:52:29:bd:81:e8:eb:27:56:ee:7d:
                    ba:8f:8c:43:14:59:bf:81:1c:38:6e:08:07:5b:7b:
                    a7:1a:5c:78:3d:f6:0e:14:50:04:1f:d8:5d:47:82:
                    95:6a:de:97:c8:b5:67:fc:cb:02:70:a7:db:e6:e7:
                    fb:e9:c6:67:d4:e7:68:f1:62:b7:89:1e:e9:3e:ad:
                    27:78:10:50:87:cf:5e:c2:29:fb:08:ae:19:c8:a2:
                    4d:94:c2:e9:fb:11:35:bf:47:48:d4:4e:d9:f8:76:
                    37:b9:f0:6f:f0:f6:ca:4a:46:0a:c1:db:6c:d9:55:
                    e0:5e:2a:08:b1:1f:9d:2e:95:95:9f:8d:f3:ed:12:
                    0f:f4:ce:33:97:a1:03:7b:85:a0:05:4d:5e:72:a5:
                    10:c0:a7:03:b3:aa:8d:b4:89:82:33:1c:fd:7d:6f:
                    83:58:da:f0:d0:1e:f5:43:d8:f0:f6:e5:db:e9:04:
                    0b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:26:1E:3E:7E:EA:75:89:FE:B4:A4:F1:59:A2:2D:2F:CF:53:1F:66
            X509v3 Authority Key Identifier:
                keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/KiYePn7qdYn-tKTxWaItL89TH2Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:3500:1200::/48
                  2a07:3500:1998::/48
                  2a07:3500:19a0::/48
                  2a07:3500:19a8::/48
                  2a07:3500:19b0::/48
                  2a07:3500:19d8::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:d8:d1:4e:b1:18:78:34:ea:a9:92:41:f8:54:fa:d2:8f:2a:
         64:55:93:3d:3d:39:b8:b4:8b:73:05:e1:b2:3c:ac:cd:a5:a8:
         22:64:30:9c:3f:aa:6f:eb:0c:bd:2b:38:cc:94:33:50:52:16:
         a5:9d:ca:ab:a5:59:a6:3a:be:76:0e:13:9e:ce:30:17:f2:d9:
         b3:07:70:88:5f:1b:ec:ae:f6:4c:2a:11:d0:18:d6:1a:20:fb:
         5a:e3:d0:2e:1c:4a:30:2a:42:f8:b1:ec:c8:bd:88:3c:4f:cc:
         c0:ac:3f:4d:90:13:bb:88:f6:f8:7a:3b:85:de:ea:fc:4c:61:
         92:46:73:1d:e3:68:2b:18:29:0b:7a:14:07:8e:f6:53:48:ec:
         51:a3:13:63:55:94:d2:da:bd:bf:09:3b:a2:d0:7b:78:71:09:
         ba:42:31:3a:1c:8f:cd:0c:6c:c5:63:87:58:f1:25:3a:f1:3a:
         82:00:32:f8:d4:29:a0:85:e9:92:9d:e0:78:e1:2c:5e:8d:1e:
         e4:dd:a4:28:55:34:ba:ae:c3:82:08:b0:8d:53:2a:7e:b0:5e:
         42:bf:90:d6:f2:73:36:40:2a:c8:c3:e9:61:8f:f8:81:56:bf:
         d3:09:c0:a0:9f:41:da:9f:39:93:ea:36:2c:27:44:0b:95:12:
         e0:04:d3:cf
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYpKI1bOSefZrGSUq1hUnIU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwODMxMDU0OTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTI2MWUzZTdlZWE3NTg5ZmViNGE0ZjE1OWEyMmQyZmNmNTMxZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniMdSrW2yJIdVrrpzedFnBV2Aa06
8Wd69k1T4rqQEZsm3gZVVFO+KUMvhbnnYp9cPOtHbxXJJT84b0odzE9sbmfkKwsg
wH2rmj+7B00wslIpvYHo6ydW7n26j4xDFFm/gRw4bggHW3unGlx4PfYOFFAEH9hd
R4KVat6XyLVn/MsCcKfb5uf76cZn1Odo8WK3iR7pPq0neBBQh89ewin7CK4ZyKJN
lMLp+xE1v0dI1E7Z+HY3ufBv8PbKSkYKwdts2VXgXioIsR+dLpWVn43z7RIP9M4z
l6EDe4WgBU1ecqUQwKcDs6qNtImCMxz9fW+DWNrw0B71Q9jw9uXb6QQLQQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFComHj5+6nWJ/rSk8VmiLS/PUx9mMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvS2lZZVBuN3FkWW4tdEtUeFdhSXRMODlUSDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgc1ABIA
AwcAKgc1ABmYAwcAKgc1ABmgAwcAKgc1ABmoAwcAKgc1ABmwAwcAKgc1ABnYMA0G
CSqGSIb3DQEBCwUAA4IBAQBT2NFOsRh4NOqpkkH4VPrSjypkVZM9PTm4tItzBeGy
PKzNpagiZDCcP6pv6wy9KzjMlDNQUhalncqrpVmmOr52DhOezjAX8tmzB3CIXxvs
rvZMKhHQGNYaIPta49AuHEowKkL4sezIvYg8T8zArD9NkBO7iPb4ejuF3ur8TGGS
RnMd42grGCkLehQHjvZTSOxRoxNjVZTS2r2/CTui0Ht4cQm6QjE6HI/NDGzFY4dY
8SU68TqCADL41CmghemSneB44SxejR7k3aQoVTS6rsOCCLCNUyp+sF5Cv5DW8nM2
QCrIw+lhj/iBVr/TCcCgn0HanzmT6jYsJ0QLlRLgBNPP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org