Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/444437-6843-4ad4-b764-79cc52c06d4f/1/7gr9vbX4udeK2A2AR7PqlL6v4AA.roa
File:                     7gr9vbX4udeK2A2AR7PqlL6v4AA.roa (raw, json)
Hash identifier:          ktY0mhI8kBTjvWovOLJl+jiAHMZSPuhWYSXfc/DJohM=
Subject key identifier:   EE:0A:FD:BD:B5:F8:B9:D7:8A:D8:0D:80:47:B3:EA:94:BE:AF:E0:00
Certificate issuer:       /CN=b3398b5b1d9a96e4115b7bcf6fca63fbaf639ca7
Certificate serial:       01857283694B44E4BBA26A5CEF7D2171ECD0
Authority key identifier: B3:39:8B:5B:1D:9A:96:E4:11:5B:7B:CF:6F:CA:63:FB:AF:63:9C:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/szmLWx2aluQRW3vPb8pj-69jnKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/444437-6843-4ad4-b764-79cc52c06d4f/1/7gr9vbX4udeK2A2AR7PqlL6v4AA.roa
Signing time:             Mon 02 Jan 2023 12:44:52 +0000
ROA not before:           Mon 02 Jan 2023 12:44:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52192
IP address blocks:        2001:678:f40::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:83:69:4b:44:e4:bb:a2:6a:5c:ef:7d:21:71:ec:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3398b5b1d9a96e4115b7bcf6fca63fbaf639ca7
        Validity
            Not Before: Jan  2 12:44:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee0afdbdb5f8b9d78ad80d8047b3ea94beafe000
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:64:0a:95:c7:35:fc:14:a9:34:56:53:32:6b:
                    20:bf:6b:ba:7b:12:b6:a2:e0:cc:87:c8:a4:40:a6:
                    7d:41:c1:30:e0:28:69:7c:9d:2d:c2:26:55:f5:23:
                    16:66:a9:ac:15:ad:c1:49:0c:92:39:6b:a2:60:67:
                    a2:1b:c6:bf:7f:2f:47:a3:12:1d:3a:fd:d0:a0:f1:
                    92:b4:d6:66:d3:60:4d:f1:c0:5e:f4:9b:50:8e:61:
                    a7:83:86:47:74:3b:b0:64:53:5b:f6:0f:38:01:46:
                    80:6e:de:39:11:49:ec:39:a7:d8:64:19:e7:42:9c:
                    0d:5f:f4:85:79:19:5f:9f:5f:77:86:8a:72:48:42:
                    60:c9:9c:b3:92:49:1f:05:70:7e:87:72:cd:b9:69:
                    4b:54:df:9e:67:2e:9f:43:a4:fb:88:17:b1:d0:5e:
                    1e:15:cc:4f:a8:a3:b1:66:40:48:be:83:73:3c:0e:
                    26:b2:e4:aa:fb:c8:1d:d0:ec:6d:2a:48:51:ae:81:
                    9f:3d:4e:89:2c:45:bc:2d:aa:ee:3c:6f:67:e5:e7:
                    04:d3:32:5d:09:4b:d5:6b:c7:d2:0a:1d:c0:a3:9f:
                    00:bd:d7:f8:f5:6f:b4:73:00:4f:a4:8a:78:8c:5e:
                    f0:de:8f:7e:f2:72:9d:c4:92:72:b1:c3:98:bc:13:
                    b7:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:0A:FD:BD:B5:F8:B9:D7:8A:D8:0D:80:47:B3:EA:94:BE:AF:E0:00
            X509v3 Authority Key Identifier:
                keyid:B3:39:8B:5B:1D:9A:96:E4:11:5B:7B:CF:6F:CA:63:FB:AF:63:9C:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/szmLWx2aluQRW3vPb8pj-69jnKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/444437-6843-4ad4-b764-79cc52c06d4f/1/7gr9vbX4udeK2A2AR7PqlL6v4AA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/444437-6843-4ad4-b764-79cc52c06d4f/1/szmLWx2aluQRW3vPb8pj-69jnKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:f40::/48

    Signature Algorithm: sha256WithRSAEncryption
         42:9e:7f:1a:b9:15:1b:f0:79:87:46:24:1f:7e:09:c3:98:dd:
         51:9f:92:25:8c:b3:f5:4e:d9:a8:32:1e:7a:cd:38:0b:84:bb:
         19:c1:d1:f3:bc:72:60:e8:78:9e:ff:96:0a:6d:c9:45:59:0f:
         d9:1a:ef:a9:53:9d:bc:47:4a:51:ce:27:a0:92:06:b0:e7:1b:
         65:56:d3:36:bb:bf:59:7d:fd:a4:95:8f:a1:a1:ed:e1:d9:13:
         44:14:a8:4f:43:fd:31:89:b6:ac:76:4b:01:9f:6a:75:dc:97:
         ff:fb:3d:2c:e1:4b:37:30:de:47:9e:d9:f7:4f:e2:68:74:42:
         06:43:1a:a7:fa:31:ed:4b:b1:2d:21:6a:39:ec:9c:ef:21:8d:
         b6:81:d7:2c:17:a4:f5:a3:5c:55:15:58:6e:7a:eb:b0:0b:60:
         f0:83:5b:81:e4:1c:42:29:54:08:2f:e6:d0:08:e7:84:f8:91:
         99:5c:77:d3:92:7c:da:19:af:16:cf:97:43:e1:e1:c9:18:ac:
         9e:3e:95:a9:85:5e:34:b3:9b:a9:ed:eb:d7:17:0e:e6:b7:5d:
         39:e5:ce:77:e5:01:ce:e2:17:a3:3e:1f:31:2a:8c:98:40:62:
         83:d2:18:98:5a:9b:fe:06:c5:19:56:95:02:b0:0b:40:56:7b:
         74:db:87:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyg2lLROS7ompc730hcezQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMzk4YjViMWQ5YTk2ZTQxMTViN2JjZjZmY2E2M2ZiYWY2
MzljYTcwHhcNMjMwMTAyMTI0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTBhZmRiZGI1ZjhiOWQ3OGFkODBkODA0N2IzZWE5NGJlYWZlMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2QKlcc1/BSpNFZTMmsgv2u6exK2
ouDMh8ikQKZ9QcEw4ChpfJ0twiZV9SMWZqmsFa3BSQySOWuiYGeiG8a/fy9HoxId
Ov3QoPGStNZm02BN8cBe9JtQjmGng4ZHdDuwZFNb9g84AUaAbt45EUnsOafYZBnn
QpwNX/SFeRlfn193hopySEJgyZyzkkkfBXB+h3LNuWlLVN+eZy6fQ6T7iBex0F4e
FcxPqKOxZkBIvoNzPA4msuSq+8gd0OxtKkhRroGfPU6JLEW8LaruPG9n5ecE0zJd
CUvVa8fSCh3Ao58Avdf49W+0cwBPpIp4jF7w3o9+8nKdxJJyscOYvBO3WwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO4K/b21+LnXitgNgEez6pS+r+AAMB8GA1UdIwQY
MBaAFLM5i1sdmpbkEVt7z2/KY/uvY5ynMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ptTFd4MmFsdVFSVzN2UGI4cGotNjlqbktjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80NDQ0MzctNjg0My00YWQ0LWI3NjQt
NzljYzUyYzA2ZDRmLzEvN2dyOXZiWDR1ZGVLMkEyQVI3UHFsTDZ2NEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80NDQ0MzctNjg0My00YWQ0LWI3NjQtNzljYzUyYzA2ZDRm
LzEvc3ptTFd4MmFsdVFSVzN2UGI4cGotNjlqbktjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA9A
MA0GCSqGSIb3DQEBCwUAA4IBAQBCnn8auRUb8HmHRiQffgnDmN1Rn5IljLP1Ttmo
Mh56zTgLhLsZwdHzvHJg6Hie/5YKbclFWQ/ZGu+pU528R0pRziegkgaw5xtlVtM2
u79Zff2klY+hoe3h2RNEFKhPQ/0xibasdksBn2p13Jf/+z0s4Us3MN5Hntn3T+Jo
dEIGQxqn+jHtS7EtIWo57JzvIY22gdcsF6T1o1xVFVhueuuwC2Dwg1uB5BxCKVQI
L+bQCOeE+JGZXHfTknzaGa8Wz5dD4eHJGKyePpWphV40s5up7evXFw7mt1055c53
5QHO4hejPh8xKoyYQGKD0hiYWpv+BsUZVpUCsAtAVnt024e/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:27 2024 by rpki-client on console-ams.rpki-client.org