Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tYfJj08DoPYiduIunslkL1xU4B0.roa
File:                     tYfJj08DoPYiduIunslkL1xU4B0.roa (raw, json)
Hash identifier:          3QLnNompmccwoUV2OtHCFlb0zqR4vY8eUCwkzEVnRn0=
Subject key identifier:   B5:87:C9:8F:4F:03:A0:F6:22:76:E2:2E:9E:C9:64:2F:5C:54:E0:1D
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018CC8DFA8FBA385ADCB53FD5986B0AD0CC0
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tYfJj08DoPYiduIunslkL1xU4B0.roa
Signing time:             Tue 02 Jan 2024 06:32:30 +0000
ROA not before:           Tue 02 Jan 2024 06:32:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204339
IP address blocks:        2a0d:2dc2::/32 maxlen: 32
                          2a0b:da01::/32 maxlen: 32
                          2a0c:aa42::/32 maxlen: 32
                          2a0b:7782::/32 maxlen: 32
                          2a0d:2dc1::/32 maxlen: 32
                          2a0c:aa41::/32 maxlen: 32
                          2a0b:7781::/32 maxlen: 32
                          2a0b:da02::/32 maxlen: 32
                          2a0d:2dc0::/32 maxlen: 32
                          2a0b:da03::/32 maxlen: 32
                          2a0b:da00::/32 maxlen: 32
                          2a0c:aa46::/32 maxlen: 32
                          2a0b:7786::/32 maxlen: 32
                          2a0d:2dc3::/32 maxlen: 32
                          2a0c:aa43::/32 maxlen: 32
                          2a0b:da06::/32 maxlen: 32
                          2a0b:7783::/32 maxlen: 32
                          2a0c:aa40::/32 maxlen: 32
                          2a0b:7780::/32 maxlen: 32
                          2a0d:2dc6::/32 maxlen: 32
                          2a0b:da04::/32 maxlen: 32
                          2a0d:2dc5::/32 maxlen: 32
                          2a0c:aa45::/32 maxlen: 32
                          2a0b:7785::/32 maxlen: 32
                          2a0d:2dc7::/32 maxlen: 32
                          2a0b:7784::/32 maxlen: 32
                          2a0b:da05::/32 maxlen: 32
                          2a0c:aa44::/32 maxlen: 32
                          2a0b:7787::/32 maxlen: 32
                          2a0c:aa47::/32 maxlen: 32
                          2a0d:2dc4::/32 maxlen: 32
                          2a0b:da07::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 09:18:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:a8:fb:a3:85:ad:cb:53:fd:59:86:b0:ad:0c:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 06:32:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b587c98f4f03a0f62276e22e9ec9642f5c54e01d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ff:9c:40:f2:7d:aa:35:99:07:bf:10:a7:0e:
                    d0:9a:85:99:1f:df:b2:a0:f5:f1:5b:4c:a3:ed:1a:
                    47:19:67:e9:6b:26:59:2a:bc:ec:ea:a1:80:ab:24:
                    c6:48:c6:7a:d1:7a:90:fe:64:8e:d4:b3:da:13:d7:
                    b7:db:3f:63:80:ca:25:81:c4:6a:3e:16:53:3d:bb:
                    60:d6:b9:60:b2:99:8b:d8:a0:a2:39:41:8e:2e:33:
                    7e:be:7f:2d:06:93:8f:29:60:bb:fa:54:d0:a7:a9:
                    1c:ff:93:65:b6:bb:5d:97:9b:e9:0b:14:1d:a0:28:
                    20:4e:33:5e:54:0f:14:74:63:dc:5e:f5:01:15:bd:
                    21:cd:31:a7:bf:53:30:9d:37:09:33:d1:f8:72:4d:
                    f5:40:6b:7a:45:3d:8c:47:c2:7b:1a:c7:98:b9:10:
                    29:63:34:2b:60:52:06:63:f7:e5:65:14:27:09:f6:
                    27:31:bd:3c:f7:04:80:0b:aa:9a:f0:de:88:20:0a:
                    b4:f7:b5:b1:c4:f4:8e:33:7e:7c:bb:0c:26:5d:55:
                    93:66:e1:38:64:20:68:37:01:8a:ed:28:05:1f:92:
                    87:38:b9:73:f9:ab:64:b7:97:19:d5:ed:cf:dc:c2:
                    ed:5b:d7:e9:b4:12:62:32:a9:fc:f2:2c:75:be:48:
                    d4:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:87:C9:8F:4F:03:A0:F6:22:76:E2:2E:9E:C9:64:2F:5C:54:E0:1D
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tYfJj08DoPYiduIunslkL1xU4B0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:7780::/29
                  2a0b:da00::/29
                  2a0c:aa40::/29
                  2a0d:2dc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         53:06:b1:4f:29:d1:0d:6d:f5:02:22:37:ab:ea:e4:40:e7:b1:
         7b:e2:3b:11:cd:44:ca:31:b5:86:5d:3e:32:ba:02:99:53:f8:
         cf:2c:b5:4d:ef:a6:8c:c5:9e:56:a3:71:30:6b:c2:84:85:ab:
         bb:15:ae:f0:88:59:66:3f:84:5e:d5:9b:c7:6e:d2:b2:80:85:
         c2:c1:24:a4:cb:ac:01:63:91:d7:48:dc:4c:1f:88:b8:8e:93:
         68:67:b0:5e:f5:06:59:d7:c3:4b:51:18:45:c0:dc:f3:fc:c5:
         75:94:3f:d4:41:34:08:5d:ff:82:f1:29:5b:d9:6e:32:62:d6:
         6b:8b:ee:aa:6e:c5:fa:82:15:a1:ca:59:cf:0c:56:26:f8:8a:
         c2:b6:ec:46:06:f5:f4:ca:29:cc:62:09:b4:c5:5f:a6:28:e0:
         36:b8:85:af:35:2f:e0:ca:67:23:1d:dc:19:44:79:65:34:11:
         fd:6f:8d:99:7b:d6:2b:11:49:ad:87:b0:48:1f:77:f8:6e:aa:
         6f:4c:36:ed:53:29:3e:82:ee:3f:6e:d8:70:0b:32:44:ca:60:
         e5:15:91:f9:ba:99:d7:19:ca:a7:c9:8a:71:95:a6:bb:a3:d4:
         e2:45:c7:9b:a0:e8:fc:0a:21:f6:e7:4b:cc:36:3d:7d:33:36:
         e4:d7:3b:05
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzI36j7o4Wty1P9WYawrQzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg3Yzk4ZjRmMDNhMGY2MjI3NmUyMmU5ZWM5NjQyZjVjNTRlMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/+cQPJ9qjWZB78Qpw7QmoWZH9+y
oPXxW0yj7RpHGWfpayZZKrzs6qGAqyTGSMZ60XqQ/mSO1LPaE9e32z9jgMolgcRq
PhZTPbtg1rlgspmL2KCiOUGOLjN+vn8tBpOPKWC7+lTQp6kc/5Nltrtdl5vpCxQd
oCggTjNeVA8UdGPcXvUBFb0hzTGnv1MwnTcJM9H4ck31QGt6RT2MR8J7GseYuRAp
YzQrYFIGY/flZRQnCfYnMb089wSAC6qa8N6IIAq097WxxPSOM358uwwmXVWTZuE4
ZCBoNwGK7SgFH5KHOLlz+atkt5cZ1e3P3MLtW9fptBJiMqn88ix1vkjUTwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLWHyY9PA6D2InbiLp7JZC9cVOAdMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvdFlmSmowOERvUFlpZHVJdW5zbGtMMXhVNEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgt3gAMF
AyoL2gADBQMqDKpAAwUDKg0twDANBgkqhkiG9w0BAQsFAAOCAQEAUwaxTynRDW31
AiI3q+rkQOexe+I7Ec1EyjG1hl0+MroCmVP4zyy1Te+mjMWeVqNxMGvChIWruxWu
8IhZZj+EXtWbx27SsoCFwsEkpMusAWOR10jcTB+IuI6TaGewXvUGWdfDS1EYRcDc
8/zFdZQ/1EE0CF3/gvEpW9luMmLWa4vuqm7F+oIVocpZzwxWJviKwrbsRgb19Mop
zGIJtMVfpijgNriFrzUv4MpnIx3cGUR5ZTQR/W+NmXvWKxFJrYewSB93+G6qb0w2
7VMpPoLuP27YcAsyRMpg5RWR+bqZ1xnKp8mKcZWmu6PU4kXHm6Do/Aoh9udLzDY9
fTM25Nc7BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org