Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/VRgwu8trwYme6y-Kf1i67qcSlOE.roa
File:                     VRgwu8trwYme6y-Kf1i67qcSlOE.roa (raw, json)
Hash identifier:          njy43a+IymtGsnWHUZ1oUPZzbFim/99eTwtFgrEkHvA=
Subject key identifier:   55:18:30:BB:CB:6B:C1:89:9E:EB:2F:8A:7F:58:BA:EE:A7:12:94:E1
Certificate issuer:       /CN=a378118db05e4c93e76fa1f1c95679c705beb208
Certificate serial:       018C81AECEC27A4EE127FF4554B80ED1ABED
Authority key identifier: A3:78:11:8D:B0:5E:4C:93:E7:6F:A1:F1:C9:56:79:C7:05:BE:B2:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o3gRjbBeTJPnb6HxyVZ5xwW-sgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/VRgwu8trwYme6y-Kf1i67qcSlOE.roa
Signing time:             Tue 19 Dec 2023 10:46:06 +0000
ROA not before:           Tue 19 Dec 2023 10:46:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15435
IP address blocks:        2001:67c:2ef0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:81:ae:ce:c2:7a:4e:e1:27:ff:45:54:b8:0e:d1:ab:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a378118db05e4c93e76fa1f1c95679c705beb208
        Validity
            Not Before: Dec 19 10:46:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=551830bbcb6bc1899eeb2f8a7f58baeea71294e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:50:ed:c2:f5:45:58:df:fd:03:4a:31:39:d4:
                    0c:30:fd:c7:9c:a8:94:42:7d:42:81:7e:b9:9d:ef:
                    9f:a7:f2:37:82:69:93:ec:f0:d1:28:4a:49:b7:bb:
                    fd:08:89:30:fb:96:c3:81:57:31:79:38:7d:1d:4c:
                    a0:e9:b5:1c:4b:4b:0f:88:ee:07:fd:4e:09:a5:d5:
                    c4:ea:11:99:83:4f:23:55:10:68:13:e9:a0:74:7c:
                    b5:01:92:22:5d:b9:1c:3f:90:79:0c:13:05:f6:b6:
                    4e:48:88:6b:b7:17:b1:4b:89:88:a9:7e:b7:c2:dd:
                    db:f3:8c:67:e0:1c:55:2a:5d:54:1e:06:9d:0c:ff:
                    77:ba:d5:0d:04:b8:8a:6d:8f:73:c4:3b:07:30:7a:
                    9c:93:bd:be:3d:38:2d:29:b9:3c:37:a7:dd:fa:d7:
                    31:80:9c:1d:2d:e5:20:5e:84:59:20:6e:1c:ce:37:
                    a5:c6:a2:e8:50:ff:7f:65:9c:97:1c:dd:d7:a8:af:
                    f7:b0:64:65:b1:12:fb:68:f1:67:89:05:51:ca:b7:
                    6d:60:47:92:44:9a:d2:e7:42:a3:db:41:5e:b6:3a:
                    d9:5e:37:25:22:83:73:05:8b:3f:27:81:7a:34:c0:
                    6c:9b:43:39:62:8f:78:d0:b4:2b:05:ee:0c:09:f3:
                    27:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:18:30:BB:CB:6B:C1:89:9E:EB:2F:8A:7F:58:BA:EE:A7:12:94:E1
            X509v3 Authority Key Identifier:
                keyid:A3:78:11:8D:B0:5E:4C:93:E7:6F:A1:F1:C9:56:79:C7:05:BE:B2:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3gRjbBeTJPnb6HxyVZ5xwW-sgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/VRgwu8trwYme6y-Kf1i67qcSlOE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/o3gRjbBeTJPnb6HxyVZ5xwW-sgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2ef0::/48

    Signature Algorithm: sha256WithRSAEncryption
         00:f2:ee:e4:91:f4:c9:7c:64:bc:cb:55:9f:64:0a:13:19:4e:
         1c:83:b4:2a:c2:a7:e6:84:d4:c1:7c:1e:20:4b:83:be:7c:80:
         f9:78:a9:48:20:63:c9:26:c5:ff:ad:41:67:12:52:cf:a7:82:
         6d:0d:26:7e:10:56:13:33:e0:01:c6:f9:b8:a3:a5:d0:3c:c4:
         95:42:19:96:b6:13:f0:c7:74:88:7e:5c:e3:98:8b:a8:30:c9:
         30:70:25:d5:87:4a:aa:5b:08:01:92:e1:16:46:d2:7d:a5:22:
         70:10:59:da:19:5d:78:e7:49:2a:e0:12:a4:65:fb:b8:9a:24:
         a6:70:d3:45:5a:ae:d4:29:1f:a3:e1:aa:51:cb:e6:fb:d2:df:
         d2:e3:64:22:57:af:07:60:54:c6:5c:c5:d1:b8:ae:d9:83:76:
         fa:65:27:3e:a6:a0:43:f2:0b:6f:ed:23:c0:7e:c5:88:65:10:
         d9:44:66:d1:d7:df:46:07:da:6a:ac:36:c8:13:5a:db:d6:8f:
         80:36:98:c7:31:7a:7b:86:3e:ae:27:b7:82:74:30:38:eb:5c:
         d7:7e:b6:12:fb:6f:03:47:76:66:eb:86:86:d3:13:8e:83:51:
         43:00:77:cc:53:20:f2:35:e2:33:01:3e:77:0b:2a:a5:f3:29:
         58:85:31:83
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYyBrs7Cek7hJ/9FVLgO0avtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzgxMThkYjA1ZTRjOTNlNzZmYTFmMWM5NTY3OWM3MDVi
ZWIyMDgwHhcNMjMxMjE5MTA0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTE4MzBiYmNiNmJjMTg5OWVlYjJmOGE3ZjU4YmFlZWE3MTI5NGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVDtwvVFWN/9A0oxOdQMMP3HnKiU
Qn1CgX65ne+fp/I3gmmT7PDRKEpJt7v9CIkw+5bDgVcxeTh9HUyg6bUcS0sPiO4H
/U4JpdXE6hGZg08jVRBoE+mgdHy1AZIiXbkcP5B5DBMF9rZOSIhrtxexS4mIqX63
wt3b84xn4BxVKl1UHgadDP93utUNBLiKbY9zxDsHMHqck72+PTgtKbk8N6fd+tcx
gJwdLeUgXoRZIG4czjelxqLoUP9/ZZyXHN3XqK/3sGRlsRL7aPFniQVRyrdtYEeS
RJrS50Kj20FetjrZXjclIoNzBYs/J4F6NMBsm0M5Yo940LQrBe4MCfMnVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFUYMLvLa8GJnusvin9Yuu6nEpThMB8GA1UdIwQY
MBaAFKN4EY2wXkyT52+h8clWeccFvrIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNnUmpiQmVUSlBuYjZIeHlWWjV4d1ctc2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8wZjM1NWEtM2EwYS00NmVjLWIwN2Yt
ODY2NjA3YWYyZmE1LzEvVlJnd3U4dHJ3WW1lNnktS2YxaTY3cWNTbE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8wZjM1NWEtM2EwYS00NmVjLWIwN2YtODY2NjA3YWYyZmE1
LzEvbzNnUmpiQmVUSlBuYjZIeHlWWjV4d1ctc2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC7w
MA0GCSqGSIb3DQEBCwUAA4IBAQAA8u7kkfTJfGS8y1WfZAoTGU4cg7QqwqfmhNTB
fB4gS4O+fID5eKlIIGPJJsX/rUFnElLPp4JtDSZ+EFYTM+ABxvm4o6XQPMSVQhmW
thPwx3SIflzjmIuoMMkwcCXVh0qqWwgBkuEWRtJ9pSJwEFnaGV1450kq4BKkZfu4
miSmcNNFWq7UKR+j4apRy+b70t/S42QiV68HYFTGXMXRuK7Zg3b6ZSc+pqBD8gtv
7SPAfsWIZRDZRGbR199GB9pqrDbIE1rb1o+ANpjHMXp7hj6uJ7eCdDA461zXfrYS
+28DR3Zm64aG0xOOg1FDAHfMUyDyNeIzAT53Cyql8ylYhTGD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:03 2024 by rpki-client on console-fra.rpki-client.org