Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k_pq97k8-I9it1UI99FwyMGMz74.roa
File:                     k_pq97k8-I9it1UI99FwyMGMz74.roa (raw, json)
Hash identifier:          XNwJA5jicrBUMEv2iW0zIDGxp16QXXkpjJB2X4LCLC0=
Subject key identifier:   93:FA:6A:F7:B9:3C:F8:8F:62:B7:55:08:F7:D1:70:C8:C1:8C:CF:BE
Certificate issuer:       /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial:       018CC56E02C197F61D292C3296BF87DEF79E
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k_pq97k8-I9it1UI99FwyMGMz74.roa
Signing time:             Mon 01 Jan 2024 14:29:30 +0000
ROA not before:           Mon 01 Jan 2024 14:29:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206005
IP address blocks:        2a09:1d80::/29 maxlen: 29
                          2a0e:6c00::/29 maxlen: 29
                          2a0e:8400::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 13:25:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:02:c1:97:f6:1d:29:2c:32:96:bf:87:de:f7:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
        Validity
            Not Before: Jan  1 14:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=93fa6af7b93cf88f62b75508f7d170c8c18ccfbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:26:de:c2:3d:f4:e2:00:e0:64:be:27:09:6c:
                    1f:6b:f6:66:a9:93:c6:8f:54:0a:8b:a2:1d:f1:cd:
                    86:93:68:86:83:76:5b:fc:ee:c2:2e:5c:e0:0a:3e:
                    97:23:0a:5d:cb:7d:ee:2b:cc:11:71:47:e5:a5:db:
                    47:cf:30:80:3e:04:bb:a3:34:26:31:0b:44:a4:9a:
                    9e:83:bd:28:8d:0e:45:95:81:f5:d5:b0:e8:9e:8d:
                    62:41:77:37:46:d0:f6:61:36:af:8c:20:fc:22:68:
                    bc:b3:65:71:09:49:a1:a4:01:cc:d8:04:29:21:4d:
                    9d:6a:30:be:38:f9:4a:2a:64:6e:63:4b:05:61:19:
                    1b:99:9e:16:74:17:73:da:7f:4d:9e:d5:d0:79:62:
                    8e:83:72:b0:e5:af:57:9f:89:4b:9f:27:ab:fe:7d:
                    ec:8c:49:3a:9c:6a:3c:98:39:68:79:e8:8e:bd:96:
                    84:f4:3b:29:5d:4b:ee:00:5c:15:da:34:04:06:fa:
                    a7:32:2d:60:0f:b2:15:ca:a7:66:fc:c6:8c:43:d4:
                    4a:ef:f8:62:7d:5c:80:9a:d5:f4:98:3b:2a:6c:56:
                    c2:d5:10:ef:b9:87:64:0d:ef:4a:26:d6:68:78:15:
                    8c:e2:5e:43:26:5d:80:9e:87:d2:f3:4d:90:59:69:
                    59:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:FA:6A:F7:B9:3C:F8:8F:62:B7:55:08:F7:D1:70:C8:C1:8C:CF:BE
            X509v3 Authority Key Identifier:
                keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k_pq97k8-I9it1UI99FwyMGMz74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:1d80::/29
                  2a0e:6c00::/29
                  2a0e:8400::/29

    Signature Algorithm: sha256WithRSAEncryption
         3d:b1:bf:dd:52:57:0e:15:76:ec:c8:55:86:ed:4e:23:83:d9:
         8c:ed:4e:04:d2:51:27:49:bb:b4:47:3d:16:13:ce:17:5a:95:
         04:98:8b:6b:b3:f9:b4:7c:5b:9d:6e:cc:f0:f0:59:b4:a8:8f:
         f6:3f:67:72:71:0c:4b:a8:5d:54:15:7c:87:9f:86:e7:1d:ff:
         9b:13:3c:08:7b:d5:1d:a4:d3:9b:2c:30:29:82:fa:67:6a:11:
         00:94:ec:ca:0f:d2:d0:79:4b:9f:eb:58:4c:6c:bf:48:b0:47:
         4b:10:c0:39:18:ae:6c:96:59:79:88:1a:01:c1:cc:0b:f6:c3:
         dc:a7:54:3d:ab:38:0f:9d:d8:56:c1:f7:47:06:3b:3e:b0:fb:
         3b:c2:0f:33:a8:fa:6e:d3:f0:60:c0:07:66:cf:91:46:19:ac:
         bb:2c:5e:b8:68:d0:9c:68:35:e6:f1:dc:3f:e9:3a:95:68:18:
         f1:4b:2f:0a:e5:b2:86:f2:63:5a:62:f8:e8:a8:54:41:e7:34:
         dc:89:a6:fa:9b:d9:a1:5c:d0:24:8a:80:5f:1f:5a:f4:69:99:
         85:f8:2d:fc:64:94:92:30:12:ca:2a:a6:10:00:0d:31:13:92:
         6b:98:02:e3:7f:5c:66:ed:02:81:fa:71:79:56:7f:28:9f:8e:
         77:e6:37:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbgLBl/YdKSwylr+H3veeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2ZhNmFmN2I5M2NmODhmNjJiNzU1MDhmN2QxNzBjOGMxOGNjZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApibewj304gDgZL4nCWwfa/ZmqZPG
j1QKi6Id8c2Gk2iGg3Zb/O7CLlzgCj6XIwpdy33uK8wRcUflpdtHzzCAPgS7ozQm
MQtEpJqeg70ojQ5FlYH11bDono1iQXc3RtD2YTavjCD8Imi8s2VxCUmhpAHM2AQp
IU2dajC+OPlKKmRuY0sFYRkbmZ4WdBdz2n9NntXQeWKOg3Kw5a9Xn4lLnyer/n3s
jEk6nGo8mDloeeiOvZaE9DspXUvuAFwV2jQEBvqnMi1gD7IVyqdm/MaMQ9RK7/hi
fVyAmtX0mDsqbFbC1RDvuYdkDe9KJtZoeBWM4l5DJl2AnofS802QWWlZawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJP6ave5PPiPYrdVCPfRcMjBjM++MB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEva19wcTk3azgtSTlpdDFVSTk5Rnd5TUdNejc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgkdgAMF
AyoObAADBQMqDoQAMA0GCSqGSIb3DQEBCwUAA4IBAQA9sb/dUlcOFXbsyFWG7U4j
g9mM7U4E0lEnSbu0Rz0WE84XWpUEmItrs/m0fFudbszw8Fm0qI/2P2dycQxLqF1U
FXyHn4bnHf+bEzwIe9UdpNObLDApgvpnahEAlOzKD9LQeUuf61hMbL9IsEdLEMA5
GK5slll5iBoBwcwL9sPcp1Q9qzgPndhWwfdHBjs+sPs7wg8zqPpu0/BgwAdmz5FG
Gay7LF64aNCcaDXm8dw/6TqVaBjxSy8K5bKG8mNaYvjoqFRB5zTciab6m9mhXNAk
ioBfH1r0aZmF+C38ZJSSMBLKKqYQAA0xE5JrmALjf1xm7QKB+nF5Vn8on4535jfe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org