Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/bzWjlH5PqnGidBf_FPTv8D-rhDk.roa
File:                     bzWjlH5PqnGidBf_FPTv8D-rhDk.roa (raw, json)
Hash identifier:          LsEw4q3XGhc+NSPg/AOBYeH2nWFnMAzOJa3pBLbpses=
Subject key identifier:   6F:35:A3:94:7E:4F:AA:71:A2:74:17:FF:14:F4:EF:F0:3F:AB:84:39
Certificate issuer:       /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial:       018BA615EB8FB52243EF2FC849B6C65A5B63
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/bzWjlH5PqnGidBf_FPTv8D-rhDk.roa
Signing time:             Mon 06 Nov 2023 19:22:16 +0000
ROA not before:           Mon 06 Nov 2023 19:22:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197706
IP address blocks:        2a0d:4941::/32 maxlen: 48
                          2a0d:4943::/32 maxlen: 48
                          2a0d:4947::/32 maxlen: 48
                          2a0d:4940::/29 maxlen: 48
                          2a0d:4944::/32 maxlen: 48
                          2a0e:abc0::/29 maxlen: 48
                          2a0d:1dc0::/29 maxlen: 48
                          2a0f:4780::/29 maxlen: 48
                          2a0d:4946::/32 maxlen: 48
                          2a0d:4945::/32 maxlen: 48
                          2a0d:4942::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a6:15:eb:8f:b5:22:43:ef:2f:c8:49:b6:c6:5a:5b:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
        Validity
            Not Before: Nov  6 19:22:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6f35a3947e4faa71a27417ff14f4eff03fab8439
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:b8:89:bb:55:fe:ad:66:11:cf:72:f2:43:20:
                    02:bb:66:ae:9a:c8:36:65:68:78:ff:98:a9:0b:f1:
                    53:3e:cc:1d:43:5f:6e:7c:58:75:5b:bd:24:b5:3d:
                    12:84:6d:31:4d:00:9a:ab:2a:cc:00:ca:4a:63:17:
                    38:bb:b8:41:5b:bc:9f:fb:6c:0f:72:d0:9b:90:3b:
                    c3:34:09:fd:c7:5a:be:a9:67:9d:67:d7:60:a2:eb:
                    46:0a:c5:62:70:c2:a4:51:ba:ba:a7:eb:11:c0:74:
                    ea:1b:b6:c0:c7:0c:ec:2a:0e:f1:c8:72:ff:6d:4a:
                    5f:6f:dc:51:2e:cf:93:fb:7c:c3:83:71:8c:bb:cd:
                    19:66:d4:7f:44:5e:b5:64:5d:8b:0a:e3:34:ec:0e:
                    38:48:15:4a:8c:12:f8:da:05:60:0e:58:42:ad:2b:
                    b1:d9:04:f1:1a:d9:cc:10:f5:09:5c:7c:19:2f:e6:
                    78:e4:2f:bb:a0:6c:23:1e:bb:36:d7:2d:e0:f6:5e:
                    47:69:e2:0e:11:0f:13:76:6b:08:ad:75:72:f9:6c:
                    aa:a4:20:83:83:5a:bd:e9:1b:ea:e9:8c:63:a8:f2:
                    3e:fc:a0:49:f2:37:34:07:66:ff:cc:ea:a2:94:2b:
                    98:e5:2e:eb:7c:d3:07:fa:22:10:76:f7:1c:35:82:
                    9d:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:35:A3:94:7E:4F:AA:71:A2:74:17:FF:14:F4:EF:F0:3F:AB:84:39
            X509v3 Authority Key Identifier:
                keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/bzWjlH5PqnGidBf_FPTv8D-rhDk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:1dc0::/29
                  2a0d:4940::/29
                  2a0e:abc0::/29
                  2a0f:4780::/29

    Signature Algorithm: sha256WithRSAEncryption
         6c:46:c2:ad:1f:b6:01:34:62:43:73:2e:71:5a:4a:3f:0b:23:
         60:ea:f7:85:3c:61:d7:4b:1c:77:5b:a7:4e:e3:6f:e1:ef:66:
         92:24:83:cb:2f:69:d5:b4:4f:7d:b2:eb:d9:9f:e2:66:ff:88:
         15:ae:6f:85:bb:34:f8:5c:cc:c2:24:61:59:08:1a:7b:43:0b:
         3d:a9:b8:ec:b8:43:b3:fb:bc:4e:ef:69:5d:c2:4d:f8:e6:73:
         a9:87:c6:47:b1:1c:b7:87:6b:5e:7d:8b:a6:11:90:0e:86:f7:
         4b:a0:b4:a5:e6:26:d3:13:b4:b1:b0:ad:e3:fc:20:c9:ac:b9:
         eb:42:d5:d8:87:49:cf:a7:36:38:6f:75:8c:8a:5a:75:32:83:
         37:76:a3:5f:81:f8:1d:44:42:42:47:3e:3a:14:02:49:e2:3e:
         c0:a8:6a:85:9a:d2:a4:0f:68:24:f5:a8:20:2e:39:0e:20:6f:
         c4:f0:13:ed:e1:a0:60:ad:d2:ac:e2:ec:db:d6:f5:0f:57:2e:
         3a:cc:1b:cf:f4:44:eb:88:40:1e:58:46:3b:bf:84:6e:0a:25:
         14:30:4b:54:dc:2a:0d:34:b0:99:69:34:03:d7:66:19:61:bf:
         bf:0b:63:db:6c:69:78:60:32:ce:58:b8:2e:fb:da:fd:53:76:
         7c:75:28:a7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYumFeuPtSJD7y/ISbbGWltjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjMxMTA2MTkyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjM1YTM5NDdlNGZhYTcxYTI3NDE3ZmYxNGY0ZWZmMDNmYWI4NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbiJu1X+rWYRz3LyQyACu2aumsg2
ZWh4/5ipC/FTPswdQ19ufFh1W70ktT0ShG0xTQCaqyrMAMpKYxc4u7hBW7yf+2wP
ctCbkDvDNAn9x1q+qWedZ9dgoutGCsVicMKkUbq6p+sRwHTqG7bAxwzsKg7xyHL/
bUpfb9xRLs+T+3zDg3GMu80ZZtR/RF61ZF2LCuM07A44SBVKjBL42gVgDlhCrSux
2QTxGtnMEPUJXHwZL+Z45C+7oGwjHrs21y3g9l5HaeIOEQ8TdmsIrXVy+WyqpCCD
g1q96Rvq6YxjqPI+/KBJ8jc0B2b/zOqilCuY5S7rfNMH+iIQdvccNYKdNQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFG81o5R+T6pxonQX/xT07/A/q4Q5MB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvYnpXamxINVBxbkdpZEJmX0ZQVHY4RC1yaERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTItYmE0YzU2ZDhjMGNl
LzEvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg0dwAMF
AyoNSUADBQMqDqvAAwUDKg9HgDANBgkqhkiG9w0BAQsFAAOCAQEAbEbCrR+2ATRi
Q3MucVpKPwsjYOr3hTxh10scd1unTuNv4e9mkiSDyy9p1bRPfbLr2Z/iZv+IFa5v
hbs0+FzMwiRhWQgae0MLPam47LhDs/u8Tu9pXcJN+OZzqYfGR7Ect4drXn2LphGQ
Dob3S6C0peYm0xO0sbCt4/wgyay560LV2IdJz6c2OG91jIpadTKDN3ajX4H4HURC
Qkc+OhQCSeI+wKhqhZrSpA9oJPWoIC45DiBvxPAT7eGgYK3SrOLs29b1D1cuOswb
z/RE64hAHlhGO7+EbgolFDBLVNwqDTSwmWk0A9dmGWG/vwtj22xpeGAyzli4Lvva
/VN2fHUopw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:15 2024 by rpki-client on console-ams.rpki-client.org