Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/0cb06b-1518-4de0-a699-ffbd4c6c1112/1/9NDMBIzO4eEoeGuX4q5iyJzN4cc.roa
File:                     9NDMBIzO4eEoeGuX4q5iyJzN4cc.roa (raw, json)
Hash identifier:          0DPtbANNnyUs7ktFuU+OkGcjGuMYBbR2KSyHEG5bKPk=
Subject key identifier:   F4:D0:CC:04:8C:CE:E1:E1:28:78:6B:97:E2:AE:62:C8:9C:CD:E1:C7
Certificate issuer:       /CN=93ef2e433d00a253c99a45048507944385457cf0
Certificate serial:       018CC64B65AE1E4226010AF7ECECB7C8086D
Authority key identifier: 93:EF:2E:43:3D:00:A2:53:C9:9A:45:04:85:07:94:43:85:45:7C:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k-8uQz0AolPJmkUEhQeUQ4VFfPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/0cb06b-1518-4de0-a699-ffbd4c6c1112/1/9NDMBIzO4eEoeGuX4q5iyJzN4cc.roa
Signing time:             Mon 01 Jan 2024 18:31:19 +0000
ROA not before:           Mon 01 Jan 2024 18:31:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202550
IP address blocks:        2a0f:9780::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 16:59:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:65:ae:1e:42:26:01:0a:f7:ec:ec:b7:c8:08:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93ef2e433d00a253c99a45048507944385457cf0
        Validity
            Not Before: Jan  1 18:31:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f4d0cc048ccee1e128786b97e2ae62c89ccde1c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c0:c2:a0:b8:1d:12:bb:9a:8a:f1:59:bc:12:
                    a6:cb:be:c1:9e:91:63:c1:82:49:f9:3f:b5:fb:b2:
                    08:e4:97:93:63:6e:3e:19:e4:0b:19:9c:c9:e7:f3:
                    51:31:22:3e:ff:cb:ad:58:2b:47:97:e7:fc:ce:5c:
                    5c:2f:66:e9:cd:bd:b4:dd:a9:80:97:99:d5:77:bc:
                    63:f4:54:e8:e2:68:54:3d:08:9a:f7:92:22:b8:35:
                    32:73:e9:76:d2:b7:42:46:3f:29:b3:62:f1:24:ae:
                    8c:31:5d:9a:e0:dc:66:94:5f:b0:f8:02:d9:4b:f8:
                    0d:e8:4d:00:8f:ca:5f:48:9e:98:ec:36:a0:33:32:
                    9d:9a:a5:30:bc:8e:97:0a:a0:ad:22:25:bc:c5:49:
                    7c:97:d8:09:83:96:83:bf:c3:09:e4:de:b0:9f:27:
                    84:86:9f:a0:fe:82:05:1b:e9:da:75:ea:4c:f5:c2:
                    49:65:54:25:d6:2f:d2:70:75:b9:91:a9:8a:63:33:
                    d9:9f:31:79:aa:e1:a6:f0:07:78:e7:ed:63:c8:77:
                    ad:e8:bc:a3:d7:3a:cc:75:f2:9c:aa:df:fa:93:fc:
                    fc:f9:09:f8:80:db:4f:b8:b6:15:41:d4:b2:14:9e:
                    77:44:93:f6:cc:e5:4e:02:ce:3b:38:9e:3e:c4:6f:
                    5b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:D0:CC:04:8C:CE:E1:E1:28:78:6B:97:E2:AE:62:C8:9C:CD:E1:C7
            X509v3 Authority Key Identifier:
                keyid:93:EF:2E:43:3D:00:A2:53:C9:9A:45:04:85:07:94:43:85:45:7C:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-8uQz0AolPJmkUEhQeUQ4VFfPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0cb06b-1518-4de0-a699-ffbd4c6c1112/1/9NDMBIzO4eEoeGuX4q5iyJzN4cc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0cb06b-1518-4de0-a699-ffbd4c6c1112/1/k-8uQz0AolPJmkUEhQeUQ4VFfPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:9780::/29

    Signature Algorithm: sha256WithRSAEncryption
         3f:80:d6:13:61:51:39:15:2d:cc:01:3c:b0:68:88:9a:ed:c4:
         29:9b:e1:8f:3b:9c:aa:70:cc:cf:58:22:5d:12:9a:11:c8:d6:
         32:9b:ff:8d:15:94:3b:f1:fc:bf:65:79:5a:f7:df:3b:0b:d7:
         ef:a2:38:05:0f:be:da:29:a2:18:21:b5:46:58:e5:21:07:b0:
         5f:64:e3:83:14:40:e7:3d:7f:ad:c1:d4:a7:b6:d5:de:87:43:
         bd:e8:6a:af:77:9b:bf:ee:fd:3a:1b:5a:3e:4c:54:3e:76:af:
         88:a5:42:22:e4:fd:65:8e:6e:b8:7f:3f:b3:30:94:60:ba:cb:
         e1:ae:ce:4e:c6:f0:01:11:0f:97:4a:16:33:51:db:d9:f1:b3:
         1b:f7:93:22:f0:26:da:ac:cd:16:b6:9b:9f:a5:24:70:26:0c:
         29:01:ed:ab:6e:84:9d:82:c8:36:14:0b:6d:b9:88:15:58:2e:
         2a:00:0d:5f:65:3f:2f:59:72:85:ea:16:09:0f:9b:9f:ae:8a:
         b5:48:5e:70:2f:0c:6f:d0:7d:be:d4:87:b8:2a:48:29:b4:1d:
         bf:86:1e:86:e1:a9:7b:4b:0e:d8:fc:6d:20:00:e4:55:17:9a:
         50:24:3e:d5:e9:b0:34:64:86:8f:3a:75:db:6a:1d:7f:b2:6e:
         c8:5b:d0:50
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGS2WuHkImAQr37Oy3yAhtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZWYyZTQzM2QwMGEyNTNjOTlhNDUwNDg1MDc5NDQzODU0
NTdjZjAwHhcNMjQwMTAxMTgzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQwY2MwNDhjY2VlMWUxMjg3ODZiOTdlMmFlNjJjODljY2RlMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcDCoLgdEruaivFZvBKmy77BnpFj
wYJJ+T+1+7II5JeTY24+GeQLGZzJ5/NRMSI+/8utWCtHl+f8zlxcL2bpzb203amA
l5nVd7xj9FTo4mhUPQia95IiuDUyc+l20rdCRj8ps2LxJK6MMV2a4NxmlF+w+ALZ
S/gN6E0Aj8pfSJ6Y7DagMzKdmqUwvI6XCqCtIiW8xUl8l9gJg5aDv8MJ5N6wnyeE
hp+g/oIFG+nadepM9cJJZVQl1i/ScHW5kamKYzPZnzF5quGm8Ad45+1jyHet6Lyj
1zrMdfKcqt/6k/z8+Qn4gNtPuLYVQdSyFJ53RJP2zOVOAs47OJ4+xG9bCwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPTQzASMzuHhKHhrl+KuYsiczeHHMB8GA1UdIwQY
MBaAFJPvLkM9AKJTyZpFBIUHlEOFRXzwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay04dVF6MEFvbFBKbWtVRWhRZVVRNFZGZlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wY2IwNmItMTUxOC00ZGUwLWE2OTkt
ZmZiZDRjNmMxMTEyLzEvOU5ETUJJek80ZUVvZUd1WDRxNWl5SnpONGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wY2IwNmItMTUxOC00ZGUwLWE2OTktZmZiZDRjNmMxMTEy
LzEvay04dVF6MEFvbFBKbWtVRWhRZVVRNFZGZlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+XgDAN
BgkqhkiG9w0BAQsFAAOCAQEAP4DWE2FRORUtzAE8sGiImu3EKZvhjzucqnDMz1gi
XRKaEcjWMpv/jRWUO/H8v2V5WvffOwvX76I4BQ++2imiGCG1RljlIQewX2TjgxRA
5z1/rcHUp7bV3odDvehqr3ebv+79OhtaPkxUPnaviKVCIuT9ZY5uuH8/szCUYLrL
4a7OTsbwAREPl0oWM1Hb2fGzG/eTIvAm2qzNFrabn6UkcCYMKQHtq26EnYLINhQL
bbmIFVguKgANX2U/L1lyheoWCQ+bn66KtUhecC8Mb9B9vtSHuCpIKbQdv4YehuGp
e0sO2PxtIADkVReaUCQ+1emwNGSGjzp122odf7JuyFvQUA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:02 2024 by rpki-client on console-ams.rpki-client.org