Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/1ueFRPxfM8LOHJowY3fImq2j-GE.roa
File:                     1ueFRPxfM8LOHJowY3fImq2j-GE.roa (raw, json)
Hash identifier:          pdyS+PFsplxb52p1YWtMI6y0P81VjubpzXrePuC8OSE=
Subject key identifier:   D6:E7:85:44:FC:5F:33:C2:CE:1C:9A:30:63:77:C8:9A:AD:A3:F8:61
Certificate issuer:       /CN=5d6373f5df99d821dcb57c7fb9202fb4686e5d61
Certificate serial:       01856C1C84E8D2AC20B0484BED78E2B525FE
Authority key identifier: 5D:63:73:F5:DF:99:D8:21:DC:B5:7C:7F:B9:20:2F:B4:68:6E:5D:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XWNz9d-Z2CHctXx_uSAvtGhuXWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/1ueFRPxfM8LOHJowY3fImq2j-GE.roa
Signing time:             Sun 01 Jan 2023 06:54:46 +0000
ROA not before:           Sun 01 Jan 2023 06:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209589
IP address blocks:        2a07:9cc5::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:1c:84:e8:d2:ac:20:b0:48:4b:ed:78:e2:b5:25:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d6373f5df99d821dcb57c7fb9202fb4686e5d61
        Validity
            Not Before: Jan  1 06:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d6e78544fc5f33c2ce1c9a306377c89aada3f861
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:a5:e0:f2:19:12:73:65:15:8f:95:1a:8b:1f:
                    5a:2b:a5:36:77:48:40:c8:e6:53:c3:49:92:87:1d:
                    b1:cd:c0:b3:63:0a:2f:21:26:ff:de:18:f9:9c:c7:
                    07:28:06:ad:dc:98:ae:ae:6c:0b:d2:e2:91:a4:16:
                    dd:b6:51:4b:ba:bb:5e:07:dc:a7:f7:5d:7d:a0:d6:
                    92:2c:ce:e8:d6:68:6f:5e:58:b7:29:d2:f3:e7:e8:
                    fa:83:34:fc:e4:cb:a8:7b:50:63:58:2f:9e:9a:d0:
                    48:20:bc:f6:11:3a:c0:ec:1c:81:c5:fc:96:a7:e3:
                    e0:76:41:9d:cb:03:e0:7b:a3:a4:3e:05:ae:37:bf:
                    3b:77:14:da:fe:78:b6:67:09:18:b7:c4:2f:08:8f:
                    b1:40:e0:9e:42:06:90:4a:d1:4e:95:8e:59:2a:83:
                    7b:bc:ef:fe:4a:88:b0:da:12:45:5b:88:19:99:10:
                    53:28:0f:d1:ae:a1:a1:a0:62:7e:6f:9a:72:2b:cf:
                    f2:9a:1a:9e:99:ea:97:0b:13:52:2f:0d:e4:67:61:
                    21:c8:46:85:7e:fb:90:0f:a1:d7:ca:23:80:6f:09:
                    a2:21:71:d0:ae:f5:c6:8d:f7:01:34:e4:19:f5:1e:
                    c1:e3:59:b7:3d:69:2e:09:8f:98:01:65:f8:e2:5c:
                    3b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:E7:85:44:FC:5F:33:C2:CE:1C:9A:30:63:77:C8:9A:AD:A3:F8:61
            X509v3 Authority Key Identifier:
                keyid:5D:63:73:F5:DF:99:D8:21:DC:B5:7C:7F:B9:20:2F:B4:68:6E:5D:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWNz9d-Z2CHctXx_uSAvtGhuXWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/1ueFRPxfM8LOHJowY3fImq2j-GE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/XWNz9d-Z2CHctXx_uSAvtGhuXWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:9cc5::/32

    Signature Algorithm: sha256WithRSAEncryption
         1e:ec:59:83:6e:df:b7:a8:6b:98:0d:0e:54:92:da:96:9e:15:
         34:b2:9b:4e:b9:b6:a6:b8:34:43:1a:97:4c:f0:39:3d:32:fd:
         36:de:8b:a9:81:26:fd:da:42:60:40:ef:8e:ed:a3:55:26:6c:
         85:9d:f5:e9:85:af:f4:f6:5a:3b:3f:38:87:72:c7:14:5c:3f:
         6b:da:41:39:47:bf:7f:24:e4:10:1b:04:c0:77:37:0c:6d:d5:
         50:c5:54:55:f1:41:6a:5d:de:83:32:af:e4:1f:59:a7:af:e2:
         2d:7a:c1:96:fd:31:63:d8:e7:f8:33:ae:27:91:bf:41:85:c7:
         76:71:4e:8e:e3:17:87:b5:43:a5:d4:ed:57:99:b0:86:ce:3d:
         32:19:3a:d1:a3:d9:6e:99:d6:fd:71:4e:23:fa:7a:41:1d:62:
         35:83:a4:6a:1d:69:6c:5d:f0:12:a7:49:5a:9c:61:1a:37:33:
         6d:36:77:ba:dd:ba:00:d0:5a:63:1d:2b:c5:55:09:18:56:39:
         ca:57:d3:27:a8:13:4f:53:15:a0:7d:1b:93:13:04:63:ef:7d:
         1f:90:21:12:b8:2a:e9:b6:39:32:ac:ae:06:b5:49:31:8f:9c:
         67:c5:a9:58:ca:df:ab:a7:54:df:09:2d:da:7f:6f:23:bc:ff:
         b1:b8:b3:41
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsHITo0qwgsEhL7XjitSX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNjM3M2Y1ZGY5OWQ4MjFkY2I1N2M3ZmI5MjAyZmI0Njg2
ZTVkNjEwHhcNMjMwMTAxMDY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU3ODU0NGZjNWYzM2MyY2UxYzlhMzA2Mzc3Yzg5YWFkYTNmODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqXg8hkSc2UVj5Uaix9aK6U2d0hA
yOZTw0mShx2xzcCzYwovISb/3hj5nMcHKAat3JiurmwL0uKRpBbdtlFLurteB9yn
9119oNaSLM7o1mhvXli3KdLz5+j6gzT85Muoe1BjWC+emtBIILz2ETrA7ByBxfyW
p+PgdkGdywPge6OkPgWuN787dxTa/ni2ZwkYt8QvCI+xQOCeQgaQStFOlY5ZKoN7
vO/+Soiw2hJFW4gZmRBTKA/RrqGhoGJ+b5pyK8/ymhqemeqXCxNSLw3kZ2EhyEaF
fvuQD6HXyiOAbwmiIXHQrvXGjfcBNOQZ9R7B41m3PWkuCY+YAWX44lw7lQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNbnhUT8XzPCzhyaMGN3yJqto/hhMB8GA1UdIwQY
MBaAFF1jc/Xfmdgh3LV8f7kgL7Robl1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFdOejlkLVoyQ0hjdFh4X3VTQXZ0R2h1WFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wYzkxMjgtYTA0My00NzhjLTk5MjAt
YWQyMTUyODVjODY0LzEvMXVlRlJQeGZNOExPSEpvd1kzZkltcTJqLUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wYzkxMjgtYTA0My00NzhjLTk5MjAtYWQyMTUyODVjODY0
LzEvWFdOejlkLVoyQ0hjdFh4X3VTQXZ0R2h1WFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgecxTAN
BgkqhkiG9w0BAQsFAAOCAQEAHuxZg27ft6hrmA0OVJLalp4VNLKbTrm2prg0QxqX
TPA5PTL9Nt6LqYEm/dpCYEDvju2jVSZshZ316YWv9PZaOz84h3LHFFw/a9pBOUe/
fyTkEBsEwHc3DG3VUMVUVfFBal3egzKv5B9Zp6/iLXrBlv0xY9jn+DOuJ5G/QYXH
dnFOjuMXh7VDpdTtV5mwhs49Mhk60aPZbpnW/XFOI/p6QR1iNYOkah1pbF3wEqdJ
WpxhGjczbTZ3ut26ANBaYx0rxVUJGFY5ylfTJ6gTT1MVoH0bkxMEY+99H5AhErgq
6bY5MqyuBrVJMY+cZ8WpWMrfq6dU3wkt2n9vI7z/sbizQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:42 2024 by rpki-client on console-ams.rpki-client.org