Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/q1o9S_T7sDBZIZnXPql0Knm0oQo.roa
File:                     q1o9S_T7sDBZIZnXPql0Knm0oQo.roa (raw, json)
Hash identifier:          KY19SeIwrxfAC30ZdHW4I4cb665CegWhZHvK7+3mNmc=
Subject key identifier:   AB:5A:3D:4B:F4:FB:B0:30:59:21:99:D7:3E:A9:74:2A:79:B4:A1:0A
Certificate issuer:       /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial:       018CC4938DF6AC561F8CAD79F024FD681947
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/q1o9S_T7sDBZIZnXPql0Knm0oQo.roa
Signing time:             Mon 01 Jan 2024 10:30:53 +0000
ROA not before:           Mon 01 Jan 2024 10:30:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49373
IP address blocks:        2a00:1e6a::/32 maxlen: 128

Validation:               Failed, certificate revoked on Wed 10 Apr 2024 15:19:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:8d:f6:ac:56:1f:8c:ad:79:f0:24:fd:68:19:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
        Validity
            Not Before: Jan  1 10:30:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ab5a3d4bf4fbb030592199d73ea9742a79b4a10a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4c:67:af:75:a0:d3:4a:d3:f0:9c:85:a2:69:
                    cd:fc:f2:01:12:ff:1c:15:d5:e5:38:45:37:bd:45:
                    38:be:02:04:92:be:63:ff:89:cf:05:a6:66:06:0a:
                    f0:c0:cb:3c:45:ac:c9:32:56:a3:6b:de:fb:d3:d0:
                    1a:46:84:15:ec:3b:ee:e4:10:1a:30:3d:c2:82:70:
                    8c:1d:88:ab:78:10:63:cb:c2:fe:1b:40:4d:d0:a9:
                    f0:a9:6a:5c:93:f4:b7:e6:ec:90:d6:6a:d1:21:92:
                    2a:0e:96:fa:17:42:23:83:2d:b2:af:39:7b:bb:d5:
                    d8:ea:02:e8:7d:1d:a5:1e:7a:c1:73:93:6d:38:39:
                    9b:b5:52:2a:fa:25:15:94:df:25:fd:57:ae:53:fa:
                    eb:2f:0a:8d:44:06:fe:d8:6b:06:e9:c1:e8:5d:8d:
                    db:3d:29:c8:f0:28:fa:88:95:02:b8:5d:95:32:88:
                    3d:9f:3f:b4:7a:23:f4:f4:83:6d:3c:fb:71:30:cf:
                    a4:47:f7:84:43:c3:a2:71:71:a4:a8:62:35:b4:9c:
                    b1:77:05:08:43:31:b6:b3:df:c2:67:46:82:1d:ad:
                    ec:61:c8:7d:53:f4:13:56:3d:0c:85:f9:de:53:7a:
                    8a:1a:78:02:e8:45:7b:e1:84:32:c9:ae:4b:2f:97:
                    44:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:5A:3D:4B:F4:FB:B0:30:59:21:99:D7:3E:A9:74:2A:79:B4:A1:0A
            X509v3 Authority Key Identifier:
                keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/q1o9S_T7sDBZIZnXPql0Knm0oQo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:1e6a::/32

    Signature Algorithm: sha256WithRSAEncryption
         72:02:c9:a6:b2:10:bc:d1:76:80:b7:c0:07:e8:3b:d5:e0:d4:
         c6:d4:4a:df:94:12:ab:b7:e3:60:63:e8:b4:e4:9e:22:9e:fb:
         79:84:a9:4c:0a:6c:b8:9e:00:ed:1f:69:ed:e7:e2:ca:c9:8e:
         43:e9:73:b5:04:fb:76:a1:aa:1c:f7:05:16:e3:4d:44:e9:c0:
         04:79:21:49:6c:fa:57:13:d0:45:51:f1:e6:ca:f1:4c:b8:a8:
         00:4c:a7:d9:4c:9d:e7:57:34:f5:f8:e6:b8:df:9e:83:5f:e2:
         64:49:33:4b:72:bf:6b:f8:6e:6b:0b:cc:87:0f:c5:b0:fc:1c:
         04:e0:75:b3:0e:38:23:c1:93:73:c5:2f:c7:e7:5b:49:81:83:
         17:1a:fa:1d:20:21:af:84:49:7d:68:e6:84:c4:e9:8c:a1:b9:
         a5:37:b3:13:2c:18:3b:e7:98:0c:26:7b:63:85:c4:8d:9a:3f:
         cb:6e:c6:21:6b:a1:5b:4f:6e:a1:9d:08:11:ed:ac:6a:8c:d7:
         6d:31:15:b3:0d:d5:d6:bf:22:59:e9:07:cd:07:10:ed:6b:3c:
         d0:7e:ef:bf:d7:d9:61:a0:fb:6f:a9:df:56:20:76:82:f8:d6:
         64:57:98:a0:a5:ff:6c:45:70:b2:7a:24:5f:5b:28:ad:68:87:
         98:b7:05:8c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEk432rFYfjK158CT9aBlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjVhM2Q0YmY0ZmJiMDMwNTkyMTk5ZDczZWE5NzQyYTc5YjRhMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUxnr3Wg00rT8JyFomnN/PIBEv8c
FdXlOEU3vUU4vgIEkr5j/4nPBaZmBgrwwMs8RazJMlaja97709AaRoQV7Dvu5BAa
MD3CgnCMHYireBBjy8L+G0BN0KnwqWpck/S35uyQ1mrRIZIqDpb6F0Ijgy2yrzl7
u9XY6gLofR2lHnrBc5NtODmbtVIq+iUVlN8l/VeuU/rrLwqNRAb+2GsG6cHoXY3b
PSnI8Cj6iJUCuF2VMog9nz+0eiP09INtPPtxMM+kR/eEQ8OicXGkqGI1tJyxdwUI
QzG2s9/CZ0aCHa3sYch9U/QTVj0MhfneU3qKGngC6EV74YQyya5LL5dE1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKtaPUv0+7AwWSGZ1z6pdCp5tKEKMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL3ExbzlTX1Q3c0RCWklablhQcWwwS25tMG9Rby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqAB5q
MA0GCSqGSIb3DQEBCwUAA4IBAQByAsmmshC80XaAt8AH6DvV4NTG1ErflBKrt+Ng
Y+i05J4invt5hKlMCmy4ngDtH2nt5+LKyY5D6XO1BPt2oaoc9wUW401E6cAEeSFJ
bPpXE9BFUfHmyvFMuKgATKfZTJ3nVzT1+Oa4356DX+JkSTNLcr9r+G5rC8yHD8Ww
/BwE4HWzDjgjwZNzxS/H51tJgYMXGvodICGvhEl9aOaExOmMobmlN7MTLBg755gM
JntjhcSNmj/LbsYha6FbT26hnQgR7axqjNdtMRWzDdXWvyJZ6QfNBxDtazzQfu+/
19lhoPtvqd9WIHaC+NZkV5igpf9sRXCyeiRfWyitaIeYtwWM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:57 2024 by rpki-client on console-ams.rpki-client.org