Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/JcE2cEpaeCH2Euv1E2kYyBeO5bA.roa
File:                     JcE2cEpaeCH2Euv1E2kYyBeO5bA.roa (raw, json)
Hash identifier:          HKSTeBAVynJhhm141JkXcwcsYAY6sUmnliAP4mMCaEg=
Subject key identifier:   25:C1:36:70:4A:5A:78:21:F6:12:EB:F5:13:69:18:C8:17:8E:E5:B0
Certificate issuer:       /CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Certificate serial:       018ECC9F2BEABD3D6017664C4B5D09EE3CA7
Authority key identifier: 9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/JcE2cEpaeCH2Euv1E2kYyBeO5bA.roa
Signing time:             Thu 11 Apr 2024 10:06:07 +0000
ROA not before:           Thu 11 Apr 2024 10:06:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     30764
IP address blocks:        2a02:c38::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 11 Apr 2024 20:24:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:cc:9f:2b:ea:bd:3d:60:17:66:4c:4b:5d:09:ee:3c:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
        Validity
            Not Before: Apr 11 10:06:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=25c136704a5a7821f612ebf5136918c8178ee5b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:67:28:0f:27:05:49:2f:68:89:bd:2d:4f:21:
                    52:ee:74:93:3b:3b:dd:d3:07:43:a2:a4:51:02:66:
                    4a:d9:7a:40:31:31:e8:c2:0b:8c:a1:8d:ab:b9:df:
                    7a:82:d3:1e:8d:38:59:d5:1b:49:c4:16:69:40:73:
                    06:62:13:28:8f:37:bd:5c:1e:3b:dc:e7:60:cb:70:
                    45:71:b7:bd:9b:21:2a:99:6b:1e:d3:38:ce:52:8c:
                    56:24:ed:c9:dd:a2:da:aa:a6:86:cf:7a:37:53:ab:
                    ba:8a:49:d9:ed:4a:96:6f:fe:f1:ea:68:78:56:c7:
                    04:d7:eb:93:35:4e:41:94:dc:3d:c7:39:cd:ac:83:
                    30:bb:a7:fb:b0:29:a2:4a:e4:41:cf:74:8e:e0:e3:
                    c0:05:8c:5d:07:1c:89:fb:99:90:35:33:fc:14:99:
                    ab:c0:34:30:c2:02:e2:c0:ba:82:a8:cb:77:50:3c:
                    2d:b9:ab:e2:a9:df:4c:9d:8a:4b:81:55:75:8a:71:
                    cb:36:40:fc:aa:b4:af:7e:d2:7f:63:82:57:12:30:
                    46:b2:cf:61:cf:d6:9d:9b:57:e4:4a:8b:b0:a8:a0:
                    19:f4:82:5b:32:cc:01:26:a3:7f:1c:0e:ab:6f:d3:
                    4d:f2:d1:0f:92:aa:2a:64:ac:2d:fb:17:e1:30:db:
                    d2:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:C1:36:70:4A:5A:78:21:F6:12:EB:F5:13:69:18:C8:17:8E:E5:B0
            X509v3 Authority Key Identifier:
                keyid:9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/JcE2cEpaeCH2Euv1E2kYyBeO5bA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:c38::/32

    Signature Algorithm: sha256WithRSAEncryption
         7c:a4:b7:97:18:c9:ef:c5:ec:1e:9b:f1:92:5b:43:4e:b7:0d:
         67:4a:d4:a1:80:fe:ed:e5:23:99:ee:5a:43:86:34:4f:fa:11:
         af:b5:3f:ea:6c:51:6e:34:0e:5e:83:96:48:72:f9:bb:d1:8c:
         7f:8f:4a:e0:27:2c:3d:9d:73:2b:96:4d:04:fd:de:c6:b7:b5:
         4d:f3:b8:5e:ba:3f:9e:af:26:24:c3:8f:26:91:0b:97:d9:f5:
         28:ea:eb:3b:d1:02:0a:f1:c6:d2:b3:9e:72:8b:b4:b3:cb:3f:
         9e:76:d2:a7:de:ee:30:d3:14:3d:a1:fd:bd:93:f3:3d:74:d0:
         cb:b8:00:a1:83:bf:c5:65:46:31:44:b4:8a:ae:b6:19:42:f2:
         30:32:e6:f4:70:ca:f3:79:25:8a:b7:72:2c:e2:a4:da:43:22:
         96:85:6d:e0:3d:ac:1f:c5:26:f8:5e:77:fc:ae:b7:c2:8a:d5:
         79:ce:80:f6:f3:4e:a5:08:eb:89:40:01:29:86:36:b9:02:c5:
         ea:4e:ef:cf:89:32:b6:1f:c8:b7:8f:7d:fc:9e:6c:53:50:fa:
         fc:cb:65:15:ec:81:99:0c:8d:ae:38:bc:be:c5:f4:48:e0:7f:
         88:c4:09:e9:0f:d6:8a:83:a4:ef:e4:05:43:34:fe:33:e6:d3:
         40:d6:b3:5d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7MnyvqvT1gF2ZMS10J7jynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzE3ZWQxZGM0ODgwNDRlNWUyYWIwMDc1NDMzNTU4Y2Zk
ZThjODUwHhcNMjQwNDExMTAwNjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWMxMzY3MDRhNWE3ODIxZjYxMmViZjUxMzY5MThjODE3OGVlNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2coDycFSS9oib0tTyFS7nSTOzvd
0wdDoqRRAmZK2XpAMTHowguMoY2rud96gtMejThZ1RtJxBZpQHMGYhMojze9XB47
3Odgy3BFcbe9myEqmWse0zjOUoxWJO3J3aLaqqaGz3o3U6u6iknZ7UqWb/7x6mh4
VscE1+uTNU5BlNw9xznNrIMwu6f7sCmiSuRBz3SO4OPABYxdBxyJ+5mQNTP8FJmr
wDQwwgLiwLqCqMt3UDwtuaviqd9MnYpLgVV1inHLNkD8qrSvftJ/Y4JXEjBGss9h
z9adm1fkSouwqKAZ9IJbMswBJqN/HA6rb9NN8tEPkqoqZKwt+xfhMNvS+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCXBNnBKWngh9hLr9RNpGMgXjuWwMB8GA1UdIwQY
MBaAFJpxftHcSIBE5eKrAHVDNVjP3oyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYt
MTA5NDM5MTY2OWVmLzEvSmNFMmNFcGFlQ0gyRXV2MUUya1l5QmVPNWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYtMTA5NDM5MTY2OWVm
LzEvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIMODAN
BgkqhkiG9w0BAQsFAAOCAQEAfKS3lxjJ78XsHpvxkltDTrcNZ0rUoYD+7eUjme5a
Q4Y0T/oRr7U/6mxRbjQOXoOWSHL5u9GMf49K4CcsPZ1zK5ZNBP3exre1TfO4Xro/
nq8mJMOPJpELl9n1KOrrO9ECCvHG0rOecou0s8s/nnbSp97uMNMUPaH9vZPzPXTQ
y7gAoYO/xWVGMUS0iq62GULyMDLm9HDK83klirdyLOKk2kMiloVt4D2sH8Um+F53
/K63worVec6A9vNOpQjriUABKYY2uQLF6k7vz4kyth/It499/J5sU1D6/MtlFeyB
mQyNrji8vsX0SOB/iMQJ6Q/WioOk7+QFQzT+M+bTQNazXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:58 2024 by rpki-client on console-fra.rpki-client.org