Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/9vUZvD2seppDAb27ygYn4Ziipwk.roa
File:                     9vUZvD2seppDAb27ygYn4Ziipwk.roa (raw, json)
Hash identifier:          0WtJRAzLzNrs6PjgkLa0OzDl9oacbIVzRiSzkR0uDGE=
Subject key identifier:   F6:F5:19:BC:3D:AC:7A:9A:43:01:BD:BB:CA:06:27:E1:98:A2:A7:09
Certificate issuer:       /CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
Certificate serial:       01874E7AF9072C92ACF0CD3073C9B8F0B2C4
Authority key identifier: 0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/9vUZvD2seppDAb27ygYn4Ziipwk.roa
Signing time:             Tue 04 Apr 2023 22:54:54 +0000
ROA not before:           Tue 04 Apr 2023 22:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198949
IP address blocks:        132.68.0.0/24 maxlen: 24
                          132.68.0.0/15 maxlen: 15

Validation:               Failed, certificate revoked on Tue 04 Apr 2023 23:44:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:4e:7a:f9:07:2c:92:ac:f0:cd:30:73:c9:b8:f0:b2:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
        Validity
            Not Before: Apr  4 22:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f6f519bc3dac7a9a4301bdbbca0627e198a2a709
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:fe:0b:72:b3:7d:e5:cd:46:1e:f4:af:d9:d7:
                    f9:c9:19:1f:77:5a:02:eb:71:4d:12:e3:b5:d3:85:
                    b3:74:87:f1:83:93:ba:22:19:06:16:39:b5:a8:14:
                    e1:01:81:c0:54:e3:00:84:ec:1a:10:4a:ad:f7:80:
                    1a:79:47:ca:19:74:2c:2e:3f:60:e4:aa:7c:cf:fb:
                    3e:54:ae:4e:bd:af:63:ca:00:4f:26:1d:70:53:69:
                    dd:78:c8:80:94:61:62:54:f0:d6:f2:e0:57:0e:0d:
                    b6:1a:cb:55:6f:e0:73:88:55:6a:76:06:1a:1a:5e:
                    49:e5:83:7c:f5:3b:e8:c0:71:2a:89:d4:e8:bb:18:
                    c7:30:a0:f4:37:bf:3e:ab:15:fb:61:9e:8a:f2:ac:
                    9b:60:99:c4:16:67:30:90:42:f0:8a:ad:db:83:68:
                    6f:3f:3e:20:e9:d2:37:18:f9:81:bb:a0:09:74:11:
                    3f:4c:fc:7f:7a:f8:4c:cb:59:2c:45:3e:55:a2:1c:
                    78:ef:f9:e4:50:5d:69:04:80:02:cf:a2:7a:c7:05:
                    ca:52:3c:0d:22:7d:49:c4:1a:5b:96:97:f3:a3:5b:
                    e4:22:b0:2f:89:6a:bf:81:20:93:e8:c2:36:1f:ca:
                    ef:be:bf:4d:a7:8c:a1:41:6a:8a:2e:16:0d:43:95:
                    25:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:F5:19:BC:3D:AC:7A:9A:43:01:BD:BB:CA:06:27:E1:98:A2:A7:09
            X509v3 Authority Key Identifier:
                keyid:0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/9vUZvD2seppDAb27ygYn4Ziipwk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.68.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         05:f2:fd:3c:d7:34:5c:69:8f:95:db:1b:a8:ee:be:4f:0e:ca:
         20:1e:38:e3:44:08:5e:47:6c:65:48:b9:c6:76:3b:70:49:46:
         a0:2c:b0:6d:f0:57:40:20:e6:53:39:4e:fa:4e:2b:7e:70:31:
         ed:88:be:0c:43:f7:7c:6c:d3:09:7c:dd:ed:5c:e6:56:83:72:
         36:a5:fe:7b:32:ca:b0:89:f3:20:93:74:af:4d:68:fc:e1:3e:
         f1:b3:08:3f:20:14:cc:fc:3e:59:64:f3:a3:ca:2d:98:7a:ee:
         f4:66:61:31:c4:9b:8c:d8:6d:42:d8:28:39:5f:45:b6:a0:87:
         23:f9:7d:92:84:b3:3e:bd:12:62:42:e8:63:21:93:15:8e:5d:
         f8:af:b8:49:94:b8:2e:a2:a7:7f:96:0d:4f:94:be:a2:3b:7e:
         ee:13:48:40:72:76:eb:e6:c2:fb:ee:47:3c:75:73:03:2e:8a:
         b2:1d:25:2b:5d:46:99:57:a7:5b:48:4a:9d:f8:3c:bd:4f:e1:
         38:49:aa:d7:e1:ee:b6:02:9e:9e:e0:01:a4:bf:d0:40:68:c7:
         f1:43:1d:d7:5d:28:7e:3c:ef:85:d1:a7:76:62:18:c2:b7:40:
         80:d3:50:f0:20:f6:57:dc:29:55:71:74:4d:7a:a5:4f:fb:71:
         85:90:d7:5a
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYdOevkHLJKs8M0wc8m48LLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjFiNzhjZTk3YjBmNWZiM2Q4OGJmOTVjZmJiMDhiMmZi
ZWE4ZTUwHhcNMjMwNDA0MjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmY1MTliYzNkYWM3YTlhNDMwMWJkYmJjYTA2MjdlMTk4YTJhNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf4LcrN95c1GHvSv2df5yRkfd1oC
63FNEuO104WzdIfxg5O6IhkGFjm1qBThAYHAVOMAhOwaEEqt94AaeUfKGXQsLj9g
5Kp8z/s+VK5Ova9jygBPJh1wU2ndeMiAlGFiVPDW8uBXDg22GstVb+BziFVqdgYa
Gl5J5YN89TvowHEqidTouxjHMKD0N78+qxX7YZ6K8qybYJnEFmcwkELwiq3bg2hv
Pz4g6dI3GPmBu6AJdBE/TPx/evhMy1ksRT5Vohx47/nkUF1pBIACz6J6xwXKUjwN
In1JxBpblpfzo1vkIrAviWq/gSCT6MI2H8rvvr9Np4yhQWqKLhYNQ5UlrQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFPb1Gbw9rHqaQwG9u8oGJ+GYoqcJMB8GA1UdIwQY
MBaAFA8ht4zpew9fs9iL+Vz7sIsvvqjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEt
ZGRiOWU0ZGI5OGM2LzEvOXZVWnZEMnNlcHBEQWIyN3lnWW40WmlpcHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEtZGRiOWU0ZGI5OGM2
LzEvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEQwDQYJ
KoZIhvcNAQELBQADggEBAAXy/TzXNFxpj5XbG6juvk8OyiAeOONECF5HbGVIucZ2
O3BJRqAssG3wV0Ag5lM5TvpOK35wMe2IvgxD93xs0wl83e1c5laDcjal/nsyyrCJ
8yCTdK9NaPzhPvGzCD8gFMz8Pllk86PKLZh67vRmYTHEm4zYbULYKDlfRbaghyP5
fZKEsz69EmJC6GMhkxWOXfivuEmUuC6ip3+WDU+UvqI7fu4TSEByduvmwvvuRzx1
cwMuirIdJStdRplXp1tISp34PL1P4ThJqtfh7rYCnp7gAaS/0EBox/FDHdddKH48
74XRp3ZiGMK3QIDTUPAg9lfcKVVxdE16pU/7cYWQ11o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:10 2024 by rpki-client on console-ams.rpki-client.org