Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/QTyLeEwnodOGHSdhZJ6zfdKd9ac.roa
File:                     QTyLeEwnodOGHSdhZJ6zfdKd9ac.roa (raw, json)
Hash identifier:          94LGAPGX8WM6k5/J0A63zsgnzfrEqZ6Gh5G6lwIdtSw=
Subject key identifier:   41:3C:8B:78:4C:27:A1:D3:86:1D:27:61:64:9E:B3:7D:D2:9D:F5:A7
Certificate issuer:       /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial:       0190163A400C7B6FCA8505D1B9009F0CCA3A
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/QTyLeEwnodOGHSdhZJ6zfdKd9ac.roa
Signing time:             Fri 14 Jun 2024 10:10:34 +0000
ROA not before:           Fri 14 Jun 2024 10:10:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216183
IP address blocks:        2a14:67c6::/32 maxlen: 32
                          2a14:67c7::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 18 Jul 2024 18:11:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:16:3a:40:0c:7b:6f:ca:85:05:d1:b9:00:9f:0c:ca:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
        Validity
            Not Before: Jun 14 10:10:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=413c8b784c27a1d3861d2761649eb37dd29df5a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:fa:b9:f5:5f:d7:51:45:59:bf:47:d8:89:dd:
                    3c:c1:ef:56:2a:c5:6d:12:73:a8:9b:6c:89:6f:71:
                    19:74:27:cf:6a:65:db:36:19:ca:d9:f8:35:b5:e7:
                    7e:b9:04:70:81:10:6f:43:5e:dc:8d:4d:30:46:3a:
                    52:dd:8b:1c:6f:b1:ff:42:62:dd:7a:7e:cc:a5:fe:
                    48:0b:98:0e:02:0f:5c:90:98:03:82:e8:11:fe:98:
                    dc:80:cc:1d:f9:df:57:9c:df:7b:92:3f:79:a3:13:
                    11:88:b9:c5:0f:cc:94:56:9c:9b:6f:19:8d:d3:fa:
                    bc:91:a9:eb:b7:f3:fb:bd:fd:ea:82:ec:0b:51:22:
                    e4:8b:f9:32:e1:f8:18:b4:d1:8e:cb:fe:12:26:d5:
                    8d:3f:28:70:57:35:be:be:a5:77:8d:b9:39:2f:d9:
                    08:81:d5:e4:f1:62:b2:10:97:bc:6c:95:14:1c:7e:
                    af:1b:8b:fb:90:d7:66:55:27:06:e8:f0:51:04:31:
                    a6:4a:d0:c4:0d:10:37:8b:1c:4a:00:ad:21:52:ce:
                    ac:cd:63:b6:f5:2d:2b:0a:d7:c6:fe:c5:6c:c8:25:
                    35:9c:0b:18:0d:00:2e:5e:a7:09:5d:5d:2a:78:11:
                    fd:14:8f:7a:1d:1f:99:ab:9b:e9:62:71:29:5f:90:
                    20:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:3C:8B:78:4C:27:A1:D3:86:1D:27:61:64:9E:B3:7D:D2:9D:F5:A7
            X509v3 Authority Key Identifier:
                keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/QTyLeEwnodOGHSdhZJ6zfdKd9ac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:67c6::/31

    Signature Algorithm: sha256WithRSAEncryption
         c5:ab:12:1c:78:31:10:dc:40:cf:17:12:a7:4b:dc:b4:00:21:
         46:d3:d0:db:b5:5a:43:3b:da:0a:32:95:b9:09:96:10:56:46:
         77:5c:16:24:d3:d0:47:32:05:09:1e:25:ef:3c:2d:0a:fb:36:
         c0:d1:09:38:f3:61:63:e7:0e:2a:d3:5c:28:5d:98:a0:a6:ea:
         4f:74:f2:83:b6:cb:53:d0:eb:c5:bf:b2:8e:42:33:23:40:30:
         2e:1b:9a:6f:7f:88:be:25:c1:f5:e7:91:79:d3:5c:c7:72:5e:
         20:3d:26:0a:ef:3d:34:4d:52:99:5d:a7:ca:87:45:cc:99:7c:
         4a:c7:79:33:e1:b5:9a:d8:53:71:92:4e:67:12:0e:61:61:6b:
         4a:6b:77:fc:24:08:1b:c9:51:a8:49:f1:ea:5f:56:61:c2:5f:
         fc:35:fb:8a:9f:fd:66:b4:1f:a5:57:c1:3e:41:07:00:fd:69:
         98:f4:ef:ec:7c:b0:f2:e0:3c:5e:42:28:57:cb:3e:44:5f:ac:
         72:1f:e3:59:e7:f6:37:04:6b:30:6b:d6:61:29:2b:ca:5a:de:
         5f:61:2c:aa:1a:30:80:8f:b2:cd:a7:0a:b1:2c:65:0b:00:68:
         ab:9d:80:ac:4c:71:f9:a1:c2:26:bc:be:57:e2:58:c7:26:17:
         62:87:99:87
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZAWOkAMe2/KhQXRuQCfDMo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjQwNjE0MTAxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTNjOGI3ODRjMjdhMWQzODYxZDI3NjE2NDllYjM3ZGQyOWRmNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/q59V/XUUVZv0fYid08we9WKsVt
EnOom2yJb3EZdCfPamXbNhnK2fg1ted+uQRwgRBvQ17cjU0wRjpS3Yscb7H/QmLd
en7Mpf5IC5gOAg9ckJgDgugR/pjcgMwd+d9XnN97kj95oxMRiLnFD8yUVpybbxmN
0/q8kanrt/P7vf3qguwLUSLki/ky4fgYtNGOy/4SJtWNPyhwVzW+vqV3jbk5L9kI
gdXk8WKyEJe8bJUUHH6vG4v7kNdmVScG6PBRBDGmStDEDRA3ixxKAK0hUs6szWO2
9S0rCtfG/sVsyCU1nAsYDQAuXqcJXV0qeBH9FI96HR+Zq5vpYnEpX5AgTQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEE8i3hMJ6HThh0nYWSes33SnfWnMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvUVR5TGVFd25vZE9HSFNkaFpKNnpmZEtkOWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhRnxjAN
BgkqhkiG9w0BAQsFAAOCAQEAxasSHHgxENxAzxcSp0vctAAhRtPQ27VaQzvaCjKV
uQmWEFZGd1wWJNPQRzIFCR4l7zwtCvs2wNEJOPNhY+cOKtNcKF2YoKbqT3Tyg7bL
U9Drxb+yjkIzI0AwLhuab3+IviXB9eeRedNcx3JeID0mCu89NE1SmV2nyodFzJl8
Ssd5M+G1mthTcZJOZxIOYWFrSmt3/CQIG8lRqEnx6l9WYcJf/DX7ip/9ZrQfpVfB
PkEHAP1pmPTv7Hyw8uA8XkIoV8s+RF+sch/jWef2NwRrMGvWYSkrylreX2Esqhow
gI+yzacKsSxlCwBoq52ArExx+aHCJry+V+JYxyYXYoeZhw==
-----END CERTIFICATE-----
Generated at Thu Jul 18 21:13:13 2024 by rpki-client on console-ams.rpki-client.org