Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/H_ZtITRcI1NlV6SPRIjC-X2HJEw.roa
File:                     H_ZtITRcI1NlV6SPRIjC-X2HJEw.roa (raw, json)
Hash identifier:          UrWMQPVNzQ3aL8Iv2rsxPAUIb97v10ySyL0TYSBBVGo=
Subject key identifier:   1F:F6:6D:21:34:5C:23:53:65:57:A4:8F:44:88:C2:F9:7D:87:24:4C
Certificate issuer:       /CN=71602627679a4980b70d8ade578f14192fafeb95
Certificate serial:       01856DA65FFA1827239F1E82240A19C72EC4
Authority key identifier: 71:60:26:27:67:9A:49:80:B7:0D:8A:DE:57:8F:14:19:2F:AF:EB:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cWAmJ2eaSYC3DYreV48UGS-v65U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/H_ZtITRcI1NlV6SPRIjC-X2HJEw.roa
Signing time:             Sun 01 Jan 2023 14:04:58 +0000
ROA not before:           Sun 01 Jan 2023 14:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42352
IP address blocks:        2a07:76c0:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:a6:5f:fa:18:27:23:9f:1e:82:24:0a:19:c7:2e:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71602627679a4980b70d8ade578f14192fafeb95
        Validity
            Not Before: Jan  1 14:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ff66d21345c23536557a48f4488c2f97d87244c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d4:f0:39:5b:14:57:2b:39:b9:bc:1a:ea:d4:
                    11:23:e7:e8:81:57:68:57:17:77:7f:48:2a:af:15:
                    47:a5:45:cd:83:d2:da:8e:81:c9:08:87:46:c8:9d:
                    5b:9b:c6:2a:05:53:de:83:db:d6:20:e2:26:a8:ab:
                    41:8f:80:be:87:b9:a8:f0:1c:3a:41:a1:fb:c8:f5:
                    9a:24:fd:94:d9:ce:ea:26:0f:bb:24:8b:0e:2d:cd:
                    f0:8b:86:06:7d:c3:e8:7f:90:d2:d2:9c:9b:55:23:
                    10:4f:f2:77:8c:04:32:21:82:6d:13:b4:2f:42:b1:
                    e5:45:d8:3d:1d:1e:a8:7a:fb:e5:d9:ec:74:78:c5:
                    0e:9d:4e:dc:c7:ec:94:79:f3:86:a0:49:67:12:39:
                    c4:a4:de:31:36:84:bd:c8:d5:f3:00:66:f5:d6:d1:
                    3b:f4:2b:23:09:bb:2e:51:0c:74:16:89:79:70:a2:
                    29:a4:0f:06:9d:05:a0:a1:3d:00:35:db:f8:01:72:
                    c1:53:a9:8c:f3:dc:f5:13:f2:22:45:69:76:1c:39:
                    98:b9:7a:3f:bf:a3:bc:ef:32:22:83:5b:d7:71:6b:
                    96:67:ae:c5:31:0c:d0:b3:15:98:a9:a9:7d:c0:be:
                    32:c7:1c:cb:6d:b0:2b:89:99:be:42:5a:73:30:9b:
                    3c:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:F6:6D:21:34:5C:23:53:65:57:A4:8F:44:88:C2:F9:7D:87:24:4C
            X509v3 Authority Key Identifier:
                keyid:71:60:26:27:67:9A:49:80:B7:0D:8A:DE:57:8F:14:19:2F:AF:EB:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWAmJ2eaSYC3DYreV48UGS-v65U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/H_ZtITRcI1NlV6SPRIjC-X2HJEw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/cWAmJ2eaSYC3DYreV48UGS-v65U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:76c0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         00:b6:05:77:b9:70:ed:86:95:7b:7e:c4:d3:d8:05:8c:3a:8b:
         8d:99:b1:4d:fa:21:ae:95:75:f1:23:a8:00:08:af:fe:33:7d:
         d1:77:8d:ac:64:4f:f1:8b:4a:c8:6f:85:ad:8d:db:5c:51:3c:
         95:cb:fb:6e:2f:51:7c:39:0f:01:5a:c3:4e:0c:e0:29:26:29:
         9a:cd:34:e7:d3:82:24:f1:79:6d:79:15:f5:93:4f:b8:69:d0:
         9b:95:bd:da:35:38:c4:36:05:57:bc:f1:9f:fb:32:4b:ad:2b:
         70:6f:d7:5c:38:ef:c4:b2:9b:a4:8f:06:9b:c7:5e:f1:77:65:
         5e:1d:b2:78:03:0f:da:7c:c7:77:41:1b:39:76:fe:a9:ff:d0:
         4f:59:d0:dd:8f:28:f7:66:5c:a2:45:91:d4:94:f1:85:41:d0:
         b2:a2:9b:a8:6d:19:6f:85:1c:1b:dd:95:6b:77:1a:3d:53:ff:
         f2:28:e7:89:f0:a4:26:2b:c6:5b:3d:c3:c1:81:6e:d4:2d:4e:
         41:aa:83:a8:1c:50:cf:ec:5d:90:72:ef:35:90:c5:ad:1c:46:
         c3:0e:f2:46:1c:ef:8e:b5:b5:79:f7:4f:6a:1b:b0:a8:4a:74:
         5e:74:a5:9c:c9:ea:c7:9a:14:43:ca:13:7b:ca:76:bc:b3:91:
         77:9b:fc:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtpl/6GCcjnx6CJAoZxy7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNjAyNjI3Njc5YTQ5ODBiNzBkOGFkZTU3OGYxNDE5MmZh
ZmViOTUwHhcNMjMwMTAxMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmY2NmQyMTM0NWMyMzUzNjU1N2E0OGY0NDg4YzJmOTdkODcyNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtTwOVsUVys5ubwa6tQRI+fogVdo
Vxd3f0gqrxVHpUXNg9LajoHJCIdGyJ1bm8YqBVPeg9vWIOImqKtBj4C+h7mo8Bw6
QaH7yPWaJP2U2c7qJg+7JIsOLc3wi4YGfcPof5DS0pybVSMQT/J3jAQyIYJtE7Qv
QrHlRdg9HR6oevvl2ex0eMUOnU7cx+yUefOGoElnEjnEpN4xNoS9yNXzAGb11tE7
9CsjCbsuUQx0Fol5cKIppA8GnQWgoT0ANdv4AXLBU6mM89z1E/IiRWl2HDmYuXo/
v6O87zIig1vXcWuWZ67FMQzQsxWYqal9wL4yxxzLbbAriZm+QlpzMJs8wQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB/2bSE0XCNTZVekj0SIwvl9hyRMMB8GA1UdIwQY
MBaAFHFgJidnmkmAtw2K3lePFBkvr+uVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1dBbUoyZWFTWUMzRFlyZVY0OFVHUy12NjVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8yNmI0ZTItY2FhMC00OGEzLTgxMTct
N2Q1OTMwMzNkMDA1LzEvSF9adElUUmNJMU5sVjZTUFJJakMtWDJISkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8yNmI0ZTItY2FhMC00OGEzLTgxMTctN2Q1OTMwMzNkMDA1
LzEvY1dBbUoyZWFTWUMzRFlyZVY0OFVHUy12NjVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgd2wAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAAtgV3uXDthpV7fsTT2AWMOouNmbFN+iGulXXx
I6gACK/+M33Rd42sZE/xi0rIb4WtjdtcUTyVy/tuL1F8OQ8BWsNODOApJimazTTn
04Ik8XlteRX1k0+4adCblb3aNTjENgVXvPGf+zJLrStwb9dcOO/Espukjwabx17x
d2VeHbJ4Aw/afMd3QRs5dv6p/9BPWdDdjyj3ZlyiRZHUlPGFQdCyopuobRlvhRwb
3ZVrdxo9U//yKOeJ8KQmK8ZbPcPBgW7ULU5BqoOoHFDP7F2Qcu81kMWtHEbDDvJG
HO+OtbV5909qG7CoSnRedKWcyerHmhRDyhN7yna8s5F3m/wq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:36 2024 by rpki-client on console-ams.rpki-client.org