Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/9SlTVUx21R93UQgMoINxdKvnyh0.roa
File:                     9SlTVUx21R93UQgMoINxdKvnyh0.roa (raw, json)
Hash identifier:          6MVnNmZfffSEa8p/lQRyvZjd7sV51WLdBiugzaxMSxU=
Subject key identifier:   F5:29:53:55:4C:76:D5:1F:77:51:08:0C:A0:83:71:74:AB:E7:CA:1D
Certificate issuer:       /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial:       018C355448950CED5412707C19DAB1194A3E
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/9SlTVUx21R93UQgMoINxdKvnyh0.roa
Signing time:             Mon 04 Dec 2023 14:56:05 +0000
ROA not before:           Mon 04 Dec 2023 14:56:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206005
IP address blocks:        2a09:1d80::/29 maxlen: 29
                          2a0e:6c00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 07 Dec 2023 07:44:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:35:54:48:95:0c:ed:54:12:70:7c:19:da:b1:19:4a:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
        Validity
            Not Before: Dec  4 14:56:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f52953554c76d51f7751080ca0837174abe7ca1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:47:63:87:a3:b1:53:cf:87:f5:61:e4:8f:0f:
                    1a:4d:6b:2f:88:85:85:e7:87:8e:ae:a2:96:11:bb:
                    86:82:52:99:f6:c9:91:f1:9f:f6:69:aa:4f:80:21:
                    f5:85:8b:f4:24:7a:37:6b:a3:20:e8:62:75:5b:27:
                    6f:9c:fa:5f:87:49:71:a1:94:7a:18:f6:21:cc:cf:
                    df:ff:1d:18:bd:e9:06:fc:e5:6a:90:03:af:dd:c0:
                    0c:ec:b1:02:8c:27:2e:7e:b2:7c:88:34:1c:cb:a7:
                    42:f3:e7:cc:45:42:00:3b:c1:6c:b9:18:9e:cb:50:
                    9b:09:1f:ed:51:c3:99:cd:ee:e6:16:90:0f:41:a2:
                    50:c9:66:b8:e1:d7:80:5e:40:9d:c1:a3:6f:70:88:
                    82:4b:c2:5f:18:98:df:f2:89:db:6a:5b:11:7d:be:
                    02:96:04:4a:bc:2b:fa:d9:02:9b:81:0d:8b:fd:01:
                    db:9b:c5:2f:3c:2e:af:a3:34:6e:23:4b:b8:ab:d2:
                    64:88:10:a0:1c:05:82:81:5d:d7:9d:a8:e2:f0:2f:
                    e2:10:b5:51:7b:0a:83:99:a9:3a:fe:31:e3:2e:d7:
                    8e:7b:41:3b:34:3e:31:15:d3:f0:08:cc:f1:aa:40:
                    d1:7d:61:44:a7:32:a2:b0:d3:de:3c:90:b2:09:81:
                    16:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:29:53:55:4C:76:D5:1F:77:51:08:0C:A0:83:71:74:AB:E7:CA:1D
            X509v3 Authority Key Identifier:
                keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/9SlTVUx21R93UQgMoINxdKvnyh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:1d80::/29
                  2a0e:6c00::/29

    Signature Algorithm: sha256WithRSAEncryption
         39:ec:4c:e0:b3:cf:74:2f:ec:ab:f5:f5:8e:b7:6f:98:aa:38:
         cc:ad:b9:6e:dc:76:3b:cb:ca:ff:a6:5b:79:aa:ba:12:e5:36:
         8a:a0:f0:f8:0e:f5:38:a3:45:c3:a6:2c:43:dd:20:26:aa:2a:
         9f:28:2b:3f:88:6b:b3:7a:7d:8b:19:53:2f:0d:0c:76:b5:c2:
         f5:a2:fe:71:0f:e9:6c:ad:a9:fc:c0:47:f5:b6:95:0d:9a:74:
         49:c2:eb:7a:73:85:38:48:1c:2d:79:ee:5a:3b:dd:cc:25:8f:
         c1:e0:4a:64:a8:49:cd:df:e2:4c:bf:1a:5b:58:78:49:26:cf:
         10:33:47:84:14:7f:78:1a:e2:af:9d:04:96:74:a6:e4:17:39:
         d1:5c:2a:9d:14:4c:ec:46:5a:63:bc:03:b0:94:c3:f2:31:94:
         85:4e:85:40:d1:41:83:3a:dc:c6:de:37:d2:a6:9a:66:9c:43:
         e0:31:e1:3a:87:84:14:ef:c7:1f:b1:4e:23:90:15:10:4c:2c:
         a2:8d:bc:19:83:6d:1d:fc:12:c8:e3:9d:5f:31:3b:f2:19:d9:
         da:d9:85:c0:ef:b7:ba:c8:e6:79:f1:82:fb:5c:a1:45:a5:aa:
         36:25:c7:37:3d:9e:ef:46:99:59:64:9b:0c:3e:5e:ad:15:e8:
         25:a3:73:58
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYw1VEiVDO1UEnB8GdqxGUo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjMxMjA0MTQ1NjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTI5NTM1NTRjNzZkNTFmNzc1MTA4MGNhMDgzNzE3NGFiZTdjYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0djh6OxU8+H9WHkjw8aTWsviIWF
54eOrqKWEbuGglKZ9smR8Z/2aapPgCH1hYv0JHo3a6Mg6GJ1WydvnPpfh0lxoZR6
GPYhzM/f/x0YvekG/OVqkAOv3cAM7LECjCcufrJ8iDQcy6dC8+fMRUIAO8FsuRie
y1CbCR/tUcOZze7mFpAPQaJQyWa44deAXkCdwaNvcIiCS8JfGJjf8onbalsRfb4C
lgRKvCv62QKbgQ2L/QHbm8UvPC6vozRuI0u4q9JkiBCgHAWCgV3Xnaji8C/iELVR
ewqDmak6/jHjLteOe0E7ND4xFdPwCMzxqkDRfWFEpzKisNPePJCyCYEWawIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPUpU1VMdtUfd1EIDKCDcXSr58odMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvOVNsVFZVeDIxUjkzVVFnTW9JTnhkS3ZueWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgkdgAMF
AyoObAAwDQYJKoZIhvcNAQELBQADggEBADnsTOCzz3Qv7Kv19Y63b5iqOMytuW7c
djvLyv+mW3mquhLlNoqg8PgO9TijRcOmLEPdICaqKp8oKz+Ia7N6fYsZUy8NDHa1
wvWi/nEP6WytqfzAR/W2lQ2adEnC63pzhThIHC157lo73cwlj8HgSmSoSc3f4ky/
GltYeEkmzxAzR4QUf3ga4q+dBJZ0puQXOdFcKp0UTOxGWmO8A7CUw/IxlIVOhUDR
QYM63MbeN9KmmmacQ+Ax4TqHhBTvxx+xTiOQFRBMLKKNvBmDbR38EsjjnV8xO/IZ
2drZhcDvt7rI5nnxgvtcoUWlqjYlxzc9nu9GmVlkmww+Xq0V6CWjc1g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org