Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/q1mbuuiHRzHrbnrqVDnoVA3xbHE.roa
File:                     q1mbuuiHRzHrbnrqVDnoVA3xbHE.roa (raw, json)
Hash identifier:          eoM78JG7Aw4FSYhSFtS66RZxu1wFpSBWcrq/0Fjhi68=
Subject key identifier:   AB:59:9B:BA:E8:87:47:31:EB:6E:7A:EA:54:39:E8:54:0D:F1:6C:71
Certificate issuer:       /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial:       018A4D1A503E76F04E7D795C1B316F45D430
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/q1mbuuiHRzHrbnrqVDnoVA3xbHE.roa
Signing time:             Thu 31 Aug 2023 19:38:04 +0000
ROA not before:           Thu 31 Aug 2023 19:38:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34665
IP address blocks:        2a0c:6900::/32 maxlen: 32
                          2a0c:6900::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:4d:1a:50:3e:76:f0:4e:7d:79:5c:1b:31:6f:45:d4:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
        Validity
            Not Before: Aug 31 19:38:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ab599bbae8874731eb6e7aea5439e8540df16c71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6c:eb:16:7e:60:0f:4a:02:b8:bc:44:f2:8e:
                    8d:b1:f7:ef:81:da:62:fe:86:8f:16:9a:0d:33:04:
                    e5:9f:d4:ae:c1:11:61:af:f0:88:06:90:0b:52:3f:
                    f3:e4:bb:b6:22:f4:f4:5a:72:aa:0e:b6:dc:bd:86:
                    1c:ea:1b:9a:e6:9d:f4:fa:92:e8:cd:4f:0b:a1:74:
                    b5:e0:24:b0:93:ef:bd:24:11:53:69:06:64:20:10:
                    3f:d7:e1:9b:3e:74:e4:04:78:3a:21:a1:55:6c:58:
                    e1:cf:ca:fc:2d:5c:ed:8c:75:0f:53:75:3e:a5:6b:
                    57:b3:1b:2a:e5:72:dd:39:19:08:47:33:4e:cb:fe:
                    e6:18:2e:88:f2:a4:30:74:33:cf:16:8a:b4:4c:64:
                    b4:b2:07:67:77:69:54:d3:a4:6a:09:89:e7:1d:e0:
                    68:88:8e:eb:4d:cb:92:05:4b:61:2c:82:0d:e1:26:
                    e3:f7:db:d2:f7:ba:20:dd:34:6c:d5:96:6d:30:cc:
                    6a:7f:d0:52:73:5e:36:73:79:94:24:82:93:60:21:
                    f3:70:f2:27:b3:07:77:e4:7b:84:d5:4b:b6:d5:c9:
                    0e:f3:9c:b4:2d:b3:de:3c:b5:5a:09:4c:1e:e2:8f:
                    75:77:ee:ab:45:f4:66:f1:93:0f:dd:04:34:fc:34:
                    e6:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:59:9B:BA:E8:87:47:31:EB:6E:7A:EA:54:39:E8:54:0D:F1:6C:71
            X509v3 Authority Key Identifier:
                keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/q1mbuuiHRzHrbnrqVDnoVA3xbHE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:6900::/29

    Signature Algorithm: sha256WithRSAEncryption
         5a:fa:2c:a2:21:de:dd:6b:7d:9c:be:4e:ec:18:c7:1f:bd:e7:
         71:a4:26:73:2f:89:d7:95:27:7d:23:8a:35:e5:90:f3:4b:57:
         e5:cc:3b:9f:29:a4:cf:e0:85:b9:71:2e:3d:72:a6:ed:d7:9e:
         05:87:73:9c:8b:4f:1a:81:3b:0b:1d:04:7b:69:42:d8:06:72:
         3b:64:56:88:72:28:96:e2:00:62:15:ab:41:23:5b:9e:7b:56:
         e1:ba:0b:c2:10:85:51:41:05:31:06:8b:2e:d8:52:73:f1:4f:
         2c:3b:cd:26:a0:07:da:f1:3d:cb:bc:90:22:d4:ce:d1:c5:4c:
         ab:e9:f5:be:53:b8:33:0e:94:23:c4:1e:35:7d:07:3e:3d:5d:
         1e:28:0d:fd:fa:7d:b8:0a:ff:4c:47:47:a0:04:3c:42:13:3a:
         1e:44:56:5b:42:98:83:88:ef:e1:c7:51:73:32:41:75:30:77:
         99:eb:b4:51:59:03:9f:bf:ea:ff:34:ac:40:3b:93:2c:e5:b6:
         8b:61:0d:2a:04:a4:ee:96:08:0b:5a:7b:e1:cc:fe:e3:a2:ac:
         bf:ae:49:df:cd:37:59:83:5d:b4:f1:e4:b9:d7:c2:03:aa:b0:
         8c:50:1a:7b:45:07:3a:11:7e:f1:48:7c:ea:c2:d1:01:1a:3c:
         e1:6a:41:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYpNGlA+dvBOfXlcGzFvRdQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwODMxMTkzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjU5OWJiYWU4ODc0NzMxZWI2ZTdhZWE1NDM5ZTg1NDBkZjE2YzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2zrFn5gD0oCuLxE8o6Nsffvgdpi
/oaPFpoNMwTln9SuwRFhr/CIBpALUj/z5Lu2IvT0WnKqDrbcvYYc6hua5p30+pLo
zU8LoXS14CSwk++9JBFTaQZkIBA/1+GbPnTkBHg6IaFVbFjhz8r8LVztjHUPU3U+
pWtXsxsq5XLdORkIRzNOy/7mGC6I8qQwdDPPFoq0TGS0sgdnd2lU06RqCYnnHeBo
iI7rTcuSBUthLIIN4Sbj99vS97og3TRs1ZZtMMxqf9BSc142c3mUJIKTYCHzcPIn
swd35HuE1Uu21ckO85y0LbPePLVaCUwe4o91d+6rRfRm8ZMP3QQ0/DTmqwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKtZm7roh0cx62566lQ56FQN8WxxMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvcTFtYnV1aUhSekhyYm5ycVZEbm9WQTN4YkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgxpADAN
BgkqhkiG9w0BAQsFAAOCAQEAWvosoiHe3Wt9nL5O7BjHH73ncaQmcy+J15UnfSOK
NeWQ80tX5cw7nymkz+CFuXEuPXKm7deeBYdznItPGoE7Cx0Ee2lC2AZyO2RWiHIo
luIAYhWrQSNbnntW4boLwhCFUUEFMQaLLthSc/FPLDvNJqAH2vE9y7yQItTO0cVM
q+n1vlO4Mw6UI8QeNX0HPj1dHigN/fp9uAr/TEdHoAQ8QhM6HkRWW0KYg4jv4cdR
czJBdTB3meu0UVkDn7/q/zSsQDuTLOW2i2ENKgSk7pYIC1p74cz+46Ksv65J3803
WYNdtPHkudfCA6qwjFAae0UHOhF+8Uh86sLRARo84WpBFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org