Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/Nt3UcShLbU2lBHB8RjzBi95pONA.roa
File:                     Nt3UcShLbU2lBHB8RjzBi95pONA.roa (raw, json)
Hash identifier:          84BAksGcIWXzZdVW3b/3fLjKJyt1aV8G+8UzeeRRyRQ=
Subject key identifier:   36:DD:D4:71:28:4B:6D:4D:A5:04:70:7C:46:3C:C1:8B:DE:69:38:D0
Certificate issuer:       /CN=d81cf1aac21aa5823b019de91aeeec23e3e526db
Certificate serial:       018EBD3CF545F218F7DEA851F9587C2F43BC
Authority key identifier: D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/Nt3UcShLbU2lBHB8RjzBi95pONA.roa
Signing time:             Mon 08 Apr 2024 10:24:32 +0000
ROA not before:           Mon 08 Apr 2024 10:24:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204027
IP address blocks:        2001:678:f0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 11 Apr 2024 05:50:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:bd:3c:f5:45:f2:18:f7:de:a8:51:f9:58:7c:2f:43:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d81cf1aac21aa5823b019de91aeeec23e3e526db
        Validity
            Not Before: Apr  8 10:24:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=36ddd471284b6d4da504707c463cc18bde6938d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b3:9a:74:cc:71:31:b5:8b:5a:85:b5:96:93:
                    d1:03:eb:f2:4e:1f:4b:56:05:50:df:f3:d6:16:a8:
                    f2:44:c4:16:c0:1a:1a:9a:62:3d:89:4a:5f:69:ba:
                    d1:2a:d0:33:77:29:5e:d9:64:ee:9a:98:2a:b3:32:
                    cf:01:c3:0e:dc:24:1c:f5:30:aa:05:78:f3:ca:0c:
                    a3:24:24:be:df:c5:7f:88:a9:88:15:e8:b6:9c:b3:
                    95:2a:d4:03:27:38:6c:42:97:c2:bc:8a:ec:1a:7b:
                    4b:ca:7d:89:ec:c0:03:cd:21:16:46:42:3d:8e:00:
                    45:d1:43:bc:d6:f4:ce:2f:70:73:97:e9:77:1d:0a:
                    e8:39:1f:fa:ad:0e:eb:f1:d3:9c:7f:00:68:de:e2:
                    28:96:c2:da:1e:0b:9a:ac:04:28:8c:cb:1b:e9:fb:
                    3f:93:81:a4:a0:47:5d:9d:75:2f:d6:09:4b:5f:bc:
                    64:a7:e8:12:20:05:01:4d:1e:b4:64:3a:d6:49:b7:
                    44:98:2d:80:ee:0c:8f:37:e5:c5:f6:18:0e:1b:03:
                    84:3d:b3:85:12:f4:b1:6f:a4:ff:61:b4:8a:28:43:
                    84:4a:3d:9e:95:ff:6d:bc:ae:55:39:82:45:20:26:
                    53:2b:f2:3c:6e:35:74:ad:a1:9c:20:36:10:c8:ab:
                    81:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:DD:D4:71:28:4B:6D:4D:A5:04:70:7C:46:3C:C1:8B:DE:69:38:D0
            X509v3 Authority Key Identifier:
                keyid:D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/Nt3UcShLbU2lBHB8RjzBi95pONA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2BzxqsIapYI7AZ3pGu7sI-PlJts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:f0::/48

    Signature Algorithm: sha256WithRSAEncryption
         92:97:2f:06:dc:89:84:b4:8e:33:5c:66:f8:85:78:97:94:57:
         ed:73:24:6a:27:08:7c:17:5c:70:9c:38:f6:0e:29:8d:69:a5:
         26:ef:26:a5:96:33:62:b4:03:b2:9f:e6:8a:c0:54:2e:3d:d0:
         73:68:d7:c5:3d:8e:61:80:89:5a:e5:b8:39:25:8e:47:c7:42:
         a9:32:61:cd:d5:45:44:8d:1c:f0:3f:30:33:7b:6f:62:e7:9c:
         45:11:73:61:db:b3:0a:7c:d0:c8:ee:fd:53:21:0e:d1:d1:4a:
         7d:ad:1c:cd:9a:b3:c4:0b:47:be:e8:2b:59:c1:8f:4e:b7:a2:
         89:61:cb:85:d1:27:ad:45:ab:0b:50:c1:e0:e2:4a:eb:f9:b2:
         0b:a4:53:91:55:43:34:59:51:e2:9d:09:88:50:d5:77:61:bc:
         8b:d6:2c:92:e8:4c:e4:cf:ec:7d:d0:15:98:ee:f7:39:b4:e3:
         1a:40:02:12:25:f1:6b:11:12:e6:01:dd:fb:21:35:c4:1b:e7:
         2c:b0:b8:cc:b7:99:02:fa:fd:e9:16:4d:bd:ef:61:4c:b4:52:
         71:70:93:e9:40:51:6e:c5:29:ba:19:d7:5e:79:a4:72:7c:59:
         1b:9b:04:00:93:69:ee:29:21:6e:66:d3:43:14:7b:ff:f8:80:
         6d:ea:13:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY69PPVF8hj33qhR+Vh8L0O8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWNmMWFhYzIxYWE1ODIzYjAxOWRlOTFhZWVlYzIzZTNl
NTI2ZGIwHhcNMjQwNDA4MTAyNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmRkZDQ3MTI4NGI2ZDRkYTUwNDcwN2M0NjNjYzE4YmRlNjkzOGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrOadMxxMbWLWoW1lpPRA+vyTh9L
VgVQ3/PWFqjyRMQWwBoammI9iUpfabrRKtAzdyle2WTumpgqszLPAcMO3CQc9TCq
BXjzygyjJCS+38V/iKmIFei2nLOVKtQDJzhsQpfCvIrsGntLyn2J7MADzSEWRkI9
jgBF0UO81vTOL3Bzl+l3HQroOR/6rQ7r8dOcfwBo3uIolsLaHguarAQojMsb6fs/
k4GkoEddnXUv1glLX7xkp+gSIAUBTR60ZDrWSbdEmC2A7gyPN+XF9hgOGwOEPbOF
EvSxb6T/YbSKKEOESj2elf9tvK5VOYJFICZTK/I8bjV0raGcIDYQyKuBKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDbd1HEoS21NpQRwfEY8wYveaTjQMB8GA1UdIwQY
MBaAFNgc8arCGqWCOwGd6Rru7CPj5SbbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ6eHFzSWFwWUk3QVozcEd1N3NJLVBsSnRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iOGE2YTQtZjdlYS00YWZlLWI2MGYt
OWMwZGUzNjUyNzM4LzEvTnQzVWNTaExiVTJsQkhCOFJqekJpOTVwT05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iOGE2YTQtZjdlYS00YWZlLWI2MGYtOWMwZGUzNjUyNzM4
LzEvMkJ6eHFzSWFwWUk3QVozcEd1N3NJLVBsSnRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeADw
MA0GCSqGSIb3DQEBCwUAA4IBAQCSly8G3ImEtI4zXGb4hXiXlFftcyRqJwh8F1xw
nDj2DimNaaUm7yalljNitAOyn+aKwFQuPdBzaNfFPY5hgIla5bg5JY5Hx0KpMmHN
1UVEjRzwPzAze29i55xFEXNh27MKfNDI7v1TIQ7R0Up9rRzNmrPEC0e+6CtZwY9O
t6KJYcuF0SetRasLUMHg4krr+bILpFORVUM0WVHinQmIUNV3YbyL1iyS6Ezkz+x9
0BWY7vc5tOMaQAISJfFrERLmAd37ITXEG+cssLjMt5kC+v3pFk2972FMtFJxcJPp
QFFuxSm6GddeeaRyfFkbmwQAk2nuKSFuZtNDFHv/+IBt6hOX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:24 2024 by rpki-client on console-ams.rpki-client.org