Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c0db4c-acfb-48ef-8f31-0b2ec6eef01f/1/7n7Wjdn0tPPbdsUWQYXq2U1iC8s.roa
File:                     7n7Wjdn0tPPbdsUWQYXq2U1iC8s.roa (raw, json)
Hash identifier:          CE9UwgIYyPqbSSP4inFwu536dWajUtEGvx0CXJ7JW1o=
Subject key identifier:   EE:7E:D6:8D:D9:F4:B4:F3:DB:76:C5:16:41:85:EA:D9:4D:62:0B:CB
Certificate issuer:       /CN=eba9b39492eb16e7b76e9809651ce5335f30f64f
Certificate serial:       018570D533D10A4C2847806778EED9FDC863
Authority key identifier: EB:A9:B3:94:92:EB:16:E7:B7:6E:98:09:65:1C:E5:33:5F:30:F6:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/66mzlJLrFue3bpgJZRzlM18w9k8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/c0db4c-acfb-48ef-8f31-0b2ec6eef01f/1/7n7Wjdn0tPPbdsUWQYXq2U1iC8s.roa
Signing time:             Mon 02 Jan 2023 04:54:58 +0000
ROA not before:           Mon 02 Jan 2023 04:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209432
IP address blocks:        2001:678:954::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:d5:33:d1:0a:4c:28:47:80:67:78:ee:d9:fd:c8:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eba9b39492eb16e7b76e9809651ce5335f30f64f
        Validity
            Not Before: Jan  2 04:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee7ed68dd9f4b4f3db76c5164185ead94d620bcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:5b:bd:58:9d:ca:fd:d7:40:87:12:ab:01:41:
                    0a:5b:be:25:fa:6d:b8:5b:1d:17:2a:61:fa:b8:f9:
                    68:9c:34:fc:64:98:2c:a9:24:62:c2:bb:1d:a5:47:
                    37:50:ff:d6:69:b4:f3:0f:15:0a:28:3a:83:fc:bc:
                    c3:00:0c:3d:ed:d3:c4:15:08:3c:e4:b5:8d:f0:c2:
                    f8:de:cc:a7:1e:6a:8c:b6:6f:38:0a:99:89:68:de:
                    d5:41:cf:e7:61:76:5e:98:26:97:2d:2f:18:91:36:
                    f2:15:00:3b:df:b9:f2:92:93:f2:13:01:fd:32:a1:
                    4c:8b:bb:25:3f:8e:30:f9:ad:3f:54:b9:05:0b:27:
                    7e:ae:91:db:dc:08:25:77:1e:d9:1a:6a:69:2a:01:
                    cf:07:58:ef:9c:66:91:3e:d7:c1:f5:91:90:3d:25:
                    95:cb:c7:53:31:78:79:d6:f5:23:ee:4d:10:ae:b6:
                    2c:de:2c:bf:b7:e9:7a:ea:44:29:5a:ec:c4:58:4a:
                    32:dd:3b:b6:2a:3e:51:b9:a4:74:1e:f6:98:03:29:
                    15:00:c3:78:39:cd:f5:7f:75:54:5f:3d:07:ff:eb:
                    dc:73:a4:4b:e6:a2:b7:62:f6:dc:38:70:87:5c:38:
                    0e:93:ad:6c:50:6f:1e:eb:4f:26:1d:ef:86:b1:fe:
                    30:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:7E:D6:8D:D9:F4:B4:F3:DB:76:C5:16:41:85:EA:D9:4D:62:0B:CB
            X509v3 Authority Key Identifier:
                keyid:EB:A9:B3:94:92:EB:16:E7:B7:6E:98:09:65:1C:E5:33:5F:30:F6:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/66mzlJLrFue3bpgJZRzlM18w9k8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c0db4c-acfb-48ef-8f31-0b2ec6eef01f/1/7n7Wjdn0tPPbdsUWQYXq2U1iC8s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c0db4c-acfb-48ef-8f31-0b2ec6eef01f/1/66mzlJLrFue3bpgJZRzlM18w9k8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:954::/48

    Signature Algorithm: sha256WithRSAEncryption
         1b:d2:19:65:ea:c4:01:be:69:a7:d2:27:0e:35:53:9e:2a:30:
         1f:86:4d:ef:5b:23:23:c4:5a:c5:42:02:22:e1:69:1e:f5:d1:
         64:9c:a0:a2:fa:0d:48:72:cb:48:00:25:5d:2d:8e:9b:d1:ed:
         0b:84:47:a3:9d:00:b0:61:51:ef:bd:c2:bb:54:76:a2:99:7c:
         a4:b9:b0:62:b0:64:29:fb:2d:69:d2:42:d5:0e:30:e0:64:42:
         10:65:63:9a:4c:42:a6:4f:83:91:1a:eb:68:a4:26:61:3c:a8:
         4c:8d:ed:6f:95:c3:4e:0a:06:aa:6f:88:cc:6a:7e:78:bc:5c:
         35:2c:87:0c:5b:a8:d5:70:99:68:d4:3e:d4:91:4e:ca:8e:97:
         51:77:a0:27:3a:1d:59:0c:d8:17:9e:ac:2c:2e:56:9f:89:f9:
         96:14:64:3b:57:57:8d:bd:65:94:ec:a0:2a:ac:88:aa:e7:e8:
         e9:b7:2f:0b:1d:8b:7e:44:48:1e:58:bc:36:73:43:34:4c:a3:
         4f:c8:e2:92:a0:a7:0e:3a:27:20:00:1b:93:35:00:de:1b:f7:
         b4:6e:2f:73:bc:96:96:51:2e:26:93:de:3f:1e:9b:99:cd:e2:
         d3:09:0e:ba:22:0c:a7:1f:cb:e3:52:57:02:3b:c5:ed:09:86:
         03:95:65:60
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw1TPRCkwoR4BneO7Z/chjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYTliMzk0OTJlYjE2ZTdiNzZlOTgwOTY1MWNlNTMzNWYz
MGY2NGYwHhcNMjMwMTAyMDQ1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTdlZDY4ZGQ5ZjRiNGYzZGI3NmM1MTY0MTg1ZWFkOTRkNjIwYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fu9WJ3K/ddAhxKrAUEKW74l+m24
Wx0XKmH6uPlonDT8ZJgsqSRiwrsdpUc3UP/WabTzDxUKKDqD/LzDAAw97dPEFQg8
5LWN8ML43synHmqMtm84CpmJaN7VQc/nYXZemCaXLS8YkTbyFQA737nykpPyEwH9
MqFMi7slP44w+a0/VLkFCyd+rpHb3Agldx7ZGmppKgHPB1jvnGaRPtfB9ZGQPSWV
y8dTMXh51vUj7k0QrrYs3iy/t+l66kQpWuzEWEoy3Tu2Kj5RuaR0HvaYAykVAMN4
Oc31f3VUXz0H/+vcc6RL5qK3YvbcOHCHXDgOk61sUG8e608mHe+Gsf4wCQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO5+1o3Z9LTz23bFFkGF6tlNYgvLMB8GA1UdIwQY
MBaAFOups5SS6xbnt26YCWUc5TNfMPZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjZtemxKTHJGdWUzYnBnSlpSemxNMTh3OWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMGRiNGMtYWNmYi00OGVmLThmMzEt
MGIyZWM2ZWVmMDFmLzEvN243V2pkbjB0UFBiZHNVV1FZWHEyVTFpQzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMGRiNGMtYWNmYi00OGVmLThmMzEtMGIyZWM2ZWVmMDFm
LzEvNjZtemxKTHJGdWUzYnBnSlpSemxNMTh3OWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAlU
MA0GCSqGSIb3DQEBCwUAA4IBAQAb0hll6sQBvmmn0icONVOeKjAfhk3vWyMjxFrF
QgIi4Wke9dFknKCi+g1IcstIACVdLY6b0e0LhEejnQCwYVHvvcK7VHaimXykubBi
sGQp+y1p0kLVDjDgZEIQZWOaTEKmT4ORGutopCZhPKhMje1vlcNOCgaqb4jMan54
vFw1LIcMW6jVcJlo1D7UkU7KjpdRd6AnOh1ZDNgXnqwsLlafifmWFGQ7V1eNvWWU
7KAqrIiq5+jpty8LHYt+REgeWLw2c0M0TKNPyOKSoKcOOicgABuTNQDeG/e0bi9z
vJaWUS4mk94/HpuZzeLTCQ66IgynH8vjUlcCO8XtCYYDlWVg
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:30:47 2024 by rpki-client on console-fra.rpki-client.org