Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/doHRB883gi6ksV2zOoKzXCnCUnc.roa
File:                     doHRB883gi6ksV2zOoKzXCnCUnc.roa (raw, json)
Hash identifier:          BYQQMb33FCWirJa+Oqb6KwVKR0z0Y2TWZbREp8colM8=
Subject key identifier:   76:81:D1:07:CF:37:82:2E:A4:B1:5D:B3:3A:82:B3:5C:29:C2:52:77
Certificate issuer:       /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial:       018F7F6DFD9E2331256E135D9AC4159E2DE7
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/doHRB883gi6ksV2zOoKzXCnCUnc.roa
Signing time:             Thu 16 May 2024 03:24:25 +0000
ROA not before:           Thu 16 May 2024 03:24:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61400
IP address blocks:        2a09:6281::/32 maxlen: 32
                          2a09:e2c4::/30 maxlen: 30
                          2a10:4102::/32 maxlen: 32
                          2a12:c300::/30 maxlen: 30
                          2a12:c304::/30 maxlen: 30

Validation:               Failed, certificate revoked on Sun 26 May 2024 17:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:7f:6d:fd:9e:23:31:25:6e:13:5d:9a:c4:15:9e:2d:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
        Validity
            Not Before: May 16 03:24:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7681d107cf37822ea4b15db33a82b35c29c25277
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:76:fd:34:19:3c:0a:b0:93:00:54:ce:ad:44:
                    a7:27:9b:31:a7:10:ee:b7:24:09:31:92:85:57:a6:
                    ff:fa:43:ba:d0:31:ac:81:e2:89:c4:93:e5:a9:11:
                    c6:1c:3c:73:3b:b1:ec:47:6e:35:7c:e6:fd:98:8b:
                    22:c4:f0:40:03:c8:37:5c:8e:93:7c:9b:a3:1c:d1:
                    46:d4:c6:77:37:de:a3:0e:7a:2b:95:23:86:b2:57:
                    ac:4c:c6:a3:05:50:f2:78:0f:e0:de:0a:05:72:be:
                    b9:d9:09:6b:8c:ad:47:53:99:74:9f:10:fd:2b:e2:
                    46:5c:a8:19:1c:fd:47:fe:e9:7a:ca:56:39:06:e3:
                    be:ba:92:92:b3:ad:45:9d:da:0c:21:6d:a4:c7:b5:
                    17:ab:1d:4c:3a:83:87:dc:de:b9:d7:97:c3:5b:79:
                    6c:0e:5b:d1:cf:21:b2:25:31:0b:5c:8c:fe:47:bc:
                    59:fb:3d:5a:58:d0:aa:e2:de:ad:c5:05:6f:ea:ee:
                    00:e0:72:5c:aa:a9:45:dc:a1:b8:fb:b8:5b:74:43:
                    bb:0f:d0:e0:09:a7:ab:6e:fb:0b:4b:82:d6:77:18:
                    48:1a:90:42:fd:c4:da:fa:dc:05:c0:5f:19:30:82:
                    f3:d0:a2:cc:55:fc:0b:ee:55:54:70:b9:5c:0b:bd:
                    8f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:81:D1:07:CF:37:82:2E:A4:B1:5D:B3:3A:82:B3:5C:29:C2:52:77
            X509v3 Authority Key Identifier:
                keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/doHRB883gi6ksV2zOoKzXCnCUnc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:6281::/32
                  2a09:e2c4::/30
                  2a10:4102::/32
                  2a12:c300::/29

    Signature Algorithm: sha256WithRSAEncryption
         2b:ef:9c:35:83:56:5e:f3:05:80:a0:ac:48:70:63:92:47:2c:
         73:de:cd:5b:4a:94:76:ec:6e:06:e4:23:72:21:9e:1d:66:94:
         2c:53:51:54:c2:16:93:d3:2f:66:f2:b1:5d:3f:1f:4a:5e:25:
         95:f3:fb:da:1e:3d:72:b3:03:90:99:0e:0e:cb:ac:0a:73:69:
         df:70:3a:a1:5e:0d:88:a3:d2:9e:91:6e:19:35:21:5b:f2:fe:
         8b:9a:56:58:06:1e:f8:86:50:01:00:6f:fe:d9:75:ca:bc:bc:
         dd:cf:e1:f4:36:9d:d6:90:43:a8:39:e6:29:22:8f:4d:69:eb:
         e5:ad:6b:5b:aa:5e:2b:4f:f3:1d:b1:5f:37:c5:da:4a:37:77:
         81:40:89:31:8d:29:3e:28:2f:70:29:e9:31:0c:02:0b:cb:07:
         93:d2:36:03:f5:f6:04:68:77:d9:7b:53:0a:5d:14:14:90:e2:
         96:ff:42:cb:27:06:cb:a3:a7:c4:5e:7d:d1:c8:86:0f:0a:9b:
         f3:49:d9:c2:7d:a3:f8:02:26:bc:95:81:c1:aa:a2:81:28:0c:
         22:8f:69:37:b2:1f:18:c1:8b:c6:39:50:2f:63:37:12:09:b2:
         6c:d0:00:98:d2:47:08:ad:9b:7a:16:81:a6:34:c3:9b:ea:1e:
         ed:bb:44:e0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY9/bf2eIzElbhNdmsQVni3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNTE2MDMyNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjgxZDEwN2NmMzc4MjJlYTRiMTVkYjMzYTgyYjM1YzI5YzI1Mjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnb9NBk8CrCTAFTOrUSnJ5sxpxDu
tyQJMZKFV6b/+kO60DGsgeKJxJPlqRHGHDxzO7HsR241fOb9mIsixPBAA8g3XI6T
fJujHNFG1MZ3N96jDnorlSOGslesTMajBVDyeA/g3goFcr652QlrjK1HU5l0nxD9
K+JGXKgZHP1H/ul6ylY5BuO+upKSs61FndoMIW2kx7UXqx1MOoOH3N6515fDW3ls
DlvRzyGyJTELXIz+R7xZ+z1aWNCq4t6txQVv6u4A4HJcqqlF3KG4+7hbdEO7D9Dg
CaerbvsLS4LWdxhIGpBC/cTa+twFwF8ZMILz0KLMVfwL7lVUcLlcC72PXQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHaB0QfPN4IupLFdszqCs1wpwlJ3MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvZG9IUkI4ODNnaTZrc1Yyek9vS3pYQ25DVW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgligQMF
AioJ4sQDBQAqEEECAwUDKhLDADANBgkqhkiG9w0BAQsFAAOCAQEAK++cNYNWXvMF
gKCsSHBjkkcsc97NW0qUduxuBuQjciGeHWaULFNRVMIWk9MvZvKxXT8fSl4llfP7
2h49crMDkJkODsusCnNp33A6oV4NiKPSnpFuGTUhW/L+i5pWWAYe+IZQAQBv/tl1
yry83c/h9Dad1pBDqDnmKSKPTWnr5a1rW6peK0/zHbFfN8XaSjd3gUCJMY0pPigv
cCnpMQwCC8sHk9I2A/X2BGh32XtTCl0UFJDilv9CyycGy6OnxF590ciGDwqb80nZ
wn2j+AImvJWBwaqigSgMIo9pN7IfGMGLxjlQL2M3EgmybNAAmNJHCK2behaBpjTD
m+oe7btE4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:33 2024 by rpki-client on console-ams.rpki-client.org