Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/m5_9-vqOjFGV1d0-mgTKiCnJJng.roa
File:                     m5_9-vqOjFGV1d0-mgTKiCnJJng.roa (raw, json)
Hash identifier:          VJmc4kGl3eWEQHbdGB/+l6m86vva3xSHniK0nNzBsnQ=
Subject key identifier:   9B:9F:FD:FA:FA:8E:8C:51:95:D5:DD:3E:9A:04:CA:88:29:C9:26:78
Certificate issuer:       /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial:       01856D018292E1689826FBCC7B5BA8F8E4F9
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/m5_9-vqOjFGV1d0-mgTKiCnJJng.roa
Signing time:             Sun 01 Jan 2023 11:04:53 +0000
ROA not before:           Sun 01 Jan 2023 11:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204790
IP address blocks:        2a11:8900::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:82:92:e1:68:98:26:fb:cc:7b:5b:a8:f8:e4:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
        Validity
            Not Before: Jan  1 11:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9b9ffdfafa8e8c5195d5dd3e9a04ca8829c92678
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:5f:e8:5c:a4:09:50:0f:07:d5:b6:7b:f9:83:
                    7b:b4:5b:94:97:9e:b9:e6:92:8e:cb:e4:9a:05:42:
                    4d:89:b3:02:00:e7:9a:ce:9e:3f:04:3f:52:8c:53:
                    21:d7:ff:4e:d9:c2:52:10:28:5e:a2:79:57:a6:52:
                    8a:17:c6:0f:7b:27:3f:a5:9e:c0:d3:00:ff:59:3d:
                    5b:2b:12:93:dd:8a:3a:68:9a:2c:80:c4:94:c7:d4:
                    b4:79:a0:06:45:e2:1b:49:19:7f:a8:b0:f5:79:83:
                    40:86:b7:a7:8e:1f:7e:ec:41:30:82:42:c6:d8:41:
                    04:24:39:e8:2c:3f:44:67:e1:e6:8a:f8:06:d0:af:
                    d8:89:ad:ff:07:c9:b3:2c:26:cc:4c:06:1a:3b:86:
                    0f:7b:cb:8f:8e:d6:6b:b1:09:ef:1f:24:2d:76:8a:
                    82:14:10:fe:1b:2e:83:97:55:b9:77:19:ff:47:77:
                    74:48:a3:67:0b:41:5c:8b:fe:28:c3:8e:07:73:a0:
                    02:c8:9a:c0:4f:de:42:d2:bb:5f:1f:0b:fc:d9:f3:
                    60:d3:dd:89:81:b9:11:fa:a6:2b:41:47:c6:09:3f:
                    83:11:02:41:72:50:eb:aa:35:17:6f:93:35:99:f0:
                    39:77:7e:36:61:ad:21:36:65:e9:b9:b1:83:3c:80:
                    68:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:9F:FD:FA:FA:8E:8C:51:95:D5:DD:3E:9A:04:CA:88:29:C9:26:78
            X509v3 Authority Key Identifier:
                keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/m5_9-vqOjFGV1d0-mgTKiCnJJng.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:8900::/29

    Signature Algorithm: sha256WithRSAEncryption
         97:72:33:5b:06:5d:90:f7:1a:15:99:4a:a1:6a:db:10:ca:90:
         80:be:40:95:d6:54:81:a9:e8:44:cf:8d:3b:16:39:55:8d:ad:
         6d:43:dc:4f:99:f1:9e:44:59:3a:a0:6b:f5:79:90:08:30:99:
         a3:fe:55:f5:91:ad:36:5c:1e:a9:3f:81:07:f4:16:4f:cb:41:
         0f:3c:6f:92:69:90:ca:98:3c:da:d7:c1:67:85:7c:c0:c0:55:
         00:45:1d:6e:a7:32:7b:57:5d:29:e6:ad:6a:f4:41:8e:34:97:
         43:8e:01:4e:ff:5f:b1:02:b3:7e:77:3a:91:50:4e:1a:1f:ee:
         6c:74:35:9b:74:c2:8c:3d:46:b0:33:7f:e2:ca:b9:a8:37:2f:
         ee:68:23:88:46:57:05:03:f6:4d:97:5b:9e:ea:3f:c0:bc:b9:
         8c:49:b9:26:3b:58:b5:05:b4:74:f4:83:4c:5a:35:1e:36:34:
         27:b0:fa:94:07:79:54:a3:d0:31:a3:85:cf:3b:9c:28:f1:40:
         9e:8b:d5:db:52:52:61:07:00:ef:5e:3e:d9:1e:88:68:e9:79:
         49:1a:bc:88:dd:d8:c3:94:f3:a0:ca:ca:f0:27:20:a0:b1:b4:
         53:29:56:64:ca:08:ee:6d:a0:06:e6:65:d5:96:28:6f:2f:31:
         27:bc:90:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtAYKS4WiYJvvMe1uo+OT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjA3NmYyN2UxM2QxODAwZTc3ZDE2ZTRiNjBiMjNiNmY1
OGM4MjAwHhcNMjMwMTAxMTEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjlmZmRmYWZhOGU4YzUxOTVkNWRkM2U5YTA0Y2E4ODI5YzkyNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF/oXKQJUA8H1bZ7+YN7tFuUl565
5pKOy+SaBUJNibMCAOeazp4/BD9SjFMh1/9O2cJSECheonlXplKKF8YPeyc/pZ7A
0wD/WT1bKxKT3Yo6aJosgMSUx9S0eaAGReIbSRl/qLD1eYNAhrenjh9+7EEwgkLG
2EEEJDnoLD9EZ+HmivgG0K/Yia3/B8mzLCbMTAYaO4YPe8uPjtZrsQnvHyQtdoqC
FBD+Gy6Dl1W5dxn/R3d0SKNnC0Fci/4ow44Hc6ACyJrAT95C0rtfHwv82fNg092J
gbkR+qYrQUfGCT+DEQJBclDrqjUXb5M1mfA5d342Ya0hNmXpubGDPIBofQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJuf/fr6joxRldXdPpoEyogpySZ4MB8GA1UdIwQY
MBaAFOVgdvJ+E9GADnfRbktgsjtvWMggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgt
NThjZjg5ODg4ZTJhLzEvbTVfOS12cU9qRkdWMWQwLW1nVEtpQ25KSm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgtNThjZjg5ODg4ZTJh
LzEvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGJADAN
BgkqhkiG9w0BAQsFAAOCAQEAl3IzWwZdkPcaFZlKoWrbEMqQgL5AldZUganoRM+N
OxY5VY2tbUPcT5nxnkRZOqBr9XmQCDCZo/5V9ZGtNlweqT+BB/QWT8tBDzxvkmmQ
ypg82tfBZ4V8wMBVAEUdbqcye1ddKeatavRBjjSXQ44BTv9fsQKzfnc6kVBOGh/u
bHQ1m3TCjD1GsDN/4sq5qDcv7mgjiEZXBQP2TZdbnuo/wLy5jEm5JjtYtQW0dPSD
TFo1HjY0J7D6lAd5VKPQMaOFzzucKPFAnovV21JSYQcA714+2R6IaOl5SRq8iN3Y
w5TzoMrK8CcgoLG0UylWZMoI7m2gBuZl1ZYoby8xJ7yQFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:35 2024 by rpki-client on console-ams.rpki-client.org