Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/9fiwdPH2KY7vusufmuIVnPCamII.roa
File:                     9fiwdPH2KY7vusufmuIVnPCamII.roa (raw, json)
Hash identifier:          Y70rxNc2H4b1+q4FG5vOXh6jGG5Qx7wTcDpQWUtLr44=
Subject key identifier:   F5:F8:B0:74:F1:F6:29:8E:EF:BA:CB:9F:9A:E2:15:9C:F0:9A:98:82
Certificate issuer:       /CN=d895fa70e3f7df361151d55379d4d9b85dadfd3d
Certificate serial:       0186A1C7F2E80A82319018170620D62B0E76
Authority key identifier: D8:95:FA:70:E3:F7:DF:36:11:51:D5:53:79:D4:D9:B8:5D:AD:FD:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/9fiwdPH2KY7vusufmuIVnPCamII.roa
Signing time:             Thu 02 Mar 2023 10:04:40 +0000
ROA not before:           Thu 02 Mar 2023 10:04:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208436
IP address blocks:        2a0e:9f40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a1:c7:f2:e8:0a:82:31:90:18:17:06:20:d6:2b:0e:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d895fa70e3f7df361151d55379d4d9b85dadfd3d
        Validity
            Not Before: Mar  2 10:04:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5f8b074f1f6298eefbacb9f9ae2159cf09a9882
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:e4:ff:17:b6:7c:19:7d:b7:50:16:9b:c9:d4:
                    da:b6:9c:d5:b7:1d:9e:ba:3d:c7:15:a5:1d:d0:ba:
                    d4:a6:a4:33:e2:75:87:08:69:c0:d5:98:29:61:c9:
                    41:72:61:db:b2:14:1c:66:e1:ab:17:2b:43:87:95:
                    01:57:ac:43:44:d3:4c:49:25:23:5e:0e:6a:8c:41:
                    32:99:1c:ba:99:d5:f4:ce:79:5e:df:68:a4:70:1b:
                    7b:45:8a:d4:4f:53:d5:6a:1d:73:52:86:62:26:44:
                    48:4a:13:0a:e6:5b:14:1d:8c:f1:5a:06:87:e3:1c:
                    3d:07:9a:26:e7:96:cf:93:49:57:a4:b4:cf:ed:2a:
                    14:00:b2:37:52:8b:c8:52:cd:d9:bb:52:b5:b1:4a:
                    46:93:ff:42:ea:2f:f9:e3:7d:3a:c6:aa:4d:a5:98:
                    9d:e8:42:44:c6:ce:28:ea:7b:46:f5:a1:ec:30:eb:
                    ac:03:e1:0b:74:37:b2:ca:fe:7e:0d:b0:31:91:c2:
                    bf:f3:7a:c1:2e:44:68:e0:bf:d0:30:af:2f:15:d0:
                    15:66:16:d4:f7:e2:c2:e7:93:6f:88:b6:55:a2:72:
                    a8:55:10:be:8a:79:96:ca:b2:a5:23:ba:39:fb:8f:
                    99:1f:73:f8:ee:b1:cd:a3:02:54:77:e3:e0:07:5a:
                    a2:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:F8:B0:74:F1:F6:29:8E:EF:BA:CB:9F:9A:E2:15:9C:F0:9A:98:82
            X509v3 Authority Key Identifier:
                keyid:D8:95:FA:70:E3:F7:DF:36:11:51:D5:53:79:D4:D9:B8:5D:AD:FD:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/9fiwdPH2KY7vusufmuIVnPCamII.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/2JX6cOP33zYRUdVTedTZuF2t_T0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:9f40::/29

    Signature Algorithm: sha256WithRSAEncryption
         7e:66:93:9f:a6:f2:67:5a:eb:49:db:0b:4b:4e:bb:33:a4:74:
         5e:c5:e3:5d:58:b3:dd:65:16:ce:21:cd:d3:ab:a1:e4:72:8a:
         ca:b7:ac:46:cc:27:78:dd:51:97:98:b1:2e:8e:89:dc:3e:ba:
         18:b0:3a:e5:8f:d3:eb:6f:c1:05:7e:6e:1a:34:9b:9a:a2:5c:
         1d:c4:ba:97:ef:2b:ae:c2:37:f1:72:e5:22:03:ad:78:32:d1:
         08:da:dd:82:61:9d:60:30:94:01:5d:91:da:e4:9e:e8:bd:ef:
         4f:91:16:92:68:7e:b9:bc:d8:a2:25:f2:95:7b:aa:d8:70:53:
         86:15:83:55:57:a1:52:7a:4b:67:62:ba:f8:bc:d2:57:46:8e:
         df:49:39:d8:6a:10:70:8f:c9:18:ef:2f:29:48:e8:9b:22:04:
         50:a0:c4:02:c6:8c:43:bc:22:be:aa:95:0b:ea:ed:ed:63:47:
         b9:e6:b6:be:aa:67:0c:06:cc:1e:51:b7:65:d7:52:1b:cc:96:
         8a:94:57:c4:34:65:90:13:2b:f6:22:9d:d6:26:cb:a3:36:eb:
         7e:70:a4:7e:07:fb:9c:c1:64:c6:65:13:bb:e2:02:3b:41:1a:
         71:bd:04:28:00:37:2f:61:b4:32:0b:86:74:e2:de:09:c7:b2:
         37:dd:d7:3e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYahx/LoCoIxkBgXBiDWKw52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTVmYTcwZTNmN2RmMzYxMTUxZDU1Mzc5ZDRkOWI4NWRh
ZGZkM2QwHhcNMjMwMzAyMTAwNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWY4YjA3NGYxZjYyOThlZWZiYWNiOWY5YWUyMTU5Y2YwOWE5ODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOT/F7Z8GX23UBabydTatpzVtx2e
uj3HFaUd0LrUpqQz4nWHCGnA1ZgpYclBcmHbshQcZuGrFytDh5UBV6xDRNNMSSUj
Xg5qjEEymRy6mdX0znle32ikcBt7RYrUT1PVah1zUoZiJkRIShMK5lsUHYzxWgaH
4xw9B5om55bPk0lXpLTP7SoUALI3UovIUs3Zu1K1sUpGk/9C6i/54306xqpNpZid
6EJExs4o6ntG9aHsMOusA+ELdDeyyv5+DbAxkcK/83rBLkRo4L/QMK8vFdAVZhbU
9+LC55NviLZVonKoVRC+inmWyrKlI7o5+4+ZH3P47rHNowJUd+PgB1qipwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPX4sHTx9imO77rLn5riFZzwmpiCMB8GA1UdIwQY
MBaAFNiV+nDj9982EVHVU3nU2bhdrf09MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpYNmNPUDMzellSVWRWVGVkVFp1RjJ0X1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi83MGI1MDQtYzJkNC00Mzg3LTliNzUt
ZjQ1YjhkYmUyZjk3LzEvOWZpd2RQSDJLWTd2dXN1Zm11SVZuUENhbUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi83MGI1MDQtYzJkNC00Mzg3LTliNzUtZjQ1YjhkYmUyZjk3
LzEvMkpYNmNPUDMzellSVWRWVGVkVFp1RjJ0X1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg6fQDAN
BgkqhkiG9w0BAQsFAAOCAQEAfmaTn6byZ1rrSdsLS067M6R0XsXjXViz3WUWziHN
06uh5HKKyresRswneN1Rl5ixLo6J3D66GLA65Y/T62/BBX5uGjSbmqJcHcS6l+8r
rsI38XLlIgOteDLRCNrdgmGdYDCUAV2R2uSe6L3vT5EWkmh+ubzYoiXylXuq2HBT
hhWDVVehUnpLZ2K6+LzSV0aO30k52GoQcI/JGO8vKUjomyIEUKDEAsaMQ7wivqqV
C+rt7WNHuea2vqpnDAbMHlG3ZddSG8yWipRXxDRlkBMr9iKd1ibLozbrfnCkfgf7
nMFkxmUTu+ICO0Eacb0EKAA3L2G0MguGdOLeCceyN93XPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:59 2024 by rpki-client on console-ams.rpki-client.org