Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/J9WhTnVQXPYRYnsgSv7YuyXIj9s.roa
File:                     J9WhTnVQXPYRYnsgSv7YuyXIj9s.roa (raw, json)
Hash identifier:          d8gt6xXtRc8PfoGb65Inuje1p7deoI7S20J0m1v8MmU=
Subject key identifier:   27:D5:A1:4E:75:50:5C:F6:11:62:7B:20:4A:FE:D8:BB:25:C8:8F:DB
Certificate issuer:       /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial:       01857082BCB41222818A8802C39D5B9651DA
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/J9WhTnVQXPYRYnsgSv7YuyXIj9s.roa
Signing time:             Mon 02 Jan 2023 03:24:54 +0000
ROA not before:           Mon 02 Jan 2023 03:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2094
IP address blocks:        2001:660:3203::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:82:bc:b4:12:22:81:8a:88:02:c3:9d:5b:96:51:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
        Validity
            Not Before: Jan  2 03:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27d5a14e75505cf611627b204afed8bb25c88fdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:58:06:e2:77:e2:21:af:b0:b5:07:e0:17:48:
                    80:ee:86:1f:a1:a9:e6:bd:de:99:3c:8a:3b:ec:51:
                    ff:dd:17:63:d7:c4:aa:9b:17:d2:6e:cc:fd:03:45:
                    65:31:cb:23:f5:3d:de:e9:c2:7e:dd:73:ed:c1:ea:
                    a2:cd:0c:90:e7:a3:54:80:16:e6:47:c9:dd:3d:9c:
                    15:f2:2e:e9:ab:91:f4:a6:73:c8:71:53:56:6a:e6:
                    61:ec:8c:14:8f:ce:76:74:4a:01:07:f9:21:c0:c0:
                    86:2d:b7:18:4c:8a:09:6c:13:cc:e8:41:a0:cf:d6:
                    5a:c4:c5:8a:9e:78:e2:1f:d8:46:e3:3f:a6:79:ad:
                    65:64:2a:b7:6d:30:da:b5:67:cf:97:b8:9a:83:0f:
                    89:7e:ab:32:75:7b:20:b9:b2:aa:34:21:e0:c2:99:
                    66:a4:e4:7e:bc:70:ea:30:43:10:92:0d:1f:75:04:
                    cf:23:b1:1a:8f:18:89:6b:d1:1a:77:81:bd:dc:42:
                    f0:a4:64:f3:14:b4:3a:2c:9a:29:b1:b8:0e:00:eb:
                    17:9b:8d:85:69:86:5f:ab:ed:ed:c4:bb:f2:b5:e9:
                    54:8d:ce:58:84:47:8b:f9:24:c2:17:91:aa:14:8e:
                    b0:fb:26:23:a0:22:e6:cc:bb:b9:34:60:10:af:f4:
                    71:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:D5:A1:4E:75:50:5C:F6:11:62:7B:20:4A:FE:D8:BB:25:C8:8F:DB
            X509v3 Authority Key Identifier:
                keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/J9WhTnVQXPYRYnsgSv7YuyXIj9s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:660:3203::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:77:ab:d6:26:2f:74:67:e3:c2:41:d4:4d:e8:11:a0:1e:a7:
         7e:af:05:11:c2:22:81:98:19:ed:24:b6:b6:d2:46:f1:d7:6a:
         c3:6c:bc:11:61:80:73:92:ac:2c:a2:d0:6b:b6:b1:cc:c3:56:
         1e:a9:2a:6f:9c:cd:23:f9:b0:fd:2e:23:7e:c3:69:e7:cd:6e:
         2b:78:65:ba:1e:6a:97:a9:f7:c6:0b:57:c8:27:53:4f:a9:6c:
         1c:2d:39:51:60:03:f9:cd:ab:65:59:50:99:2c:fe:ed:9f:52:
         d2:43:19:3f:6f:9f:23:85:8f:26:98:cf:45:a2:78:35:d8:4c:
         a1:f4:22:f6:2f:48:a2:bd:ed:0a:1d:79:c8:b9:50:bb:cd:35:
         a9:1b:ea:6e:53:22:1b:14:78:40:a1:6d:95:3d:73:a1:f3:cb:
         48:fb:30:21:44:88:c3:c8:71:2c:df:ae:de:90:33:52:79:6c:
         40:8e:25:28:ce:a5:46:82:c6:9c:14:9f:91:21:f1:85:97:26:
         19:12:6d:66:cc:05:c7:5a:ec:c6:0d:12:d5:8d:76:85:64:27:
         2c:b5:93:4b:f3:92:98:8e:ca:c0:60:4b:be:a7:26:b9:b0:3f:
         07:f6:85:a3:a7:26:ec:7a:e3:45:9f:06:68:ab:74:2a:5e:d6:
         cb:78:0d:1d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwgry0EiKBiogCw51bllHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjMwMTAyMDMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2Q1YTE0ZTc1NTA1Y2Y2MTE2MjdiMjA0YWZlZDhiYjI1Yzg4ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1gG4nfiIa+wtQfgF0iA7oYfoanm
vd6ZPIo77FH/3Rdj18SqmxfSbsz9A0VlMcsj9T3e6cJ+3XPtweqizQyQ56NUgBbm
R8ndPZwV8i7pq5H0pnPIcVNWauZh7IwUj852dEoBB/khwMCGLbcYTIoJbBPM6EGg
z9ZaxMWKnnjiH9hG4z+mea1lZCq3bTDatWfPl7iagw+JfqsydXsgubKqNCHgwplm
pOR+vHDqMEMQkg0fdQTPI7EajxiJa9Ead4G93ELwpGTzFLQ6LJopsbgOAOsXm42F
aYZfq+3txLvytelUjc5YhEeL+STCF5GqFI6w+yYjoCLmzLu5NGAQr/RxYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCfVoU51UFz2EWJ7IEr+2LslyI/bMB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvSjlXaFRuVlFYUFlSWW5zZ1N2N1l1eVhJajlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGYDID
MA0GCSqGSIb3DQEBCwUAA4IBAQCAd6vWJi90Z+PCQdRN6BGgHqd+rwURwiKBmBnt
JLa20kbx12rDbLwRYYBzkqwsotBrtrHMw1YeqSpvnM0j+bD9LiN+w2nnzW4reGW6
HmqXqffGC1fIJ1NPqWwcLTlRYAP5zatlWVCZLP7tn1LSQxk/b58jhY8mmM9Fong1
2Eyh9CL2L0iive0KHXnIuVC7zTWpG+puUyIbFHhAoW2VPXOh88tI+zAhRIjDyHEs
367ekDNSeWxAjiUozqVGgsacFJ+RIfGFlyYZEm1mzAXHWuzGDRLVjXaFZCcstZNL
85KYjsrAYEu+pya5sD8H9oWjpybseuNFnwZoq3QqXtbLeA0d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:27 2024 by rpki-client on console-fra.rpki-client.org