Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/120715-2689-4b1c-a6b8-417320cbae55/1/QxYEbFvY7AQ5XpH5Ux53soyuoNY.roa
File:                     QxYEbFvY7AQ5XpH5Ux53soyuoNY.roa (raw, json)
Hash identifier:          rUkpxJrkHCpJqjPVvD3DQMvgwacMqandwSAXQ2x8TMc=
Subject key identifier:   43:16:04:6C:5B:D8:EC:04:39:5E:91:F9:53:1E:77:B2:8C:AE:A0:D6
Certificate issuer:       /CN=bb70b89281cdb761a04adcbc0ac41705413150e9
Certificate serial:       0186E4B4054C992E15EB07EB4C9132758574
Authority key identifier: BB:70:B8:92:81:CD:B7:61:A0:4A:DC:BC:0A:C4:17:05:41:31:50:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u3C4koHNt2GgSty8CsQXBUExUOk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/120715-2689-4b1c-a6b8-417320cbae55/1/QxYEbFvY7AQ5XpH5Ux53soyuoNY.roa
Signing time:             Wed 15 Mar 2023 09:57:28 +0000
ROA not before:           Wed 15 Mar 2023 09:57:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199545
IP address blocks:        2001:67c:bec::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e4:b4:05:4c:99:2e:15:eb:07:eb:4c:91:32:75:85:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb70b89281cdb761a04adcbc0ac41705413150e9
        Validity
            Not Before: Mar 15 09:57:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4316046c5bd8ec04395e91f9531e77b28caea0d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:56:bb:8e:53:65:fe:11:11:d3:17:b2:e6:99:
                    05:16:82:a2:d0:2e:ff:f9:89:84:93:dc:41:a7:59:
                    ec:4b:07:f2:89:29:d7:da:17:90:8b:8e:60:4a:a0:
                    ac:55:c9:b3:af:10:f6:42:c4:d6:78:a3:a9:6e:79:
                    d8:b8:97:b4:95:89:20:2d:e8:54:90:7b:45:28:01:
                    b6:a0:9d:0e:42:ed:55:d1:fd:07:ec:98:4d:07:e6:
                    0e:f9:ad:d1:1c:b8:91:ed:06:fa:3f:d6:83:e6:d7:
                    e8:71:e1:33:8f:c9:72:52:9f:f4:f0:77:35:30:03:
                    13:41:9f:21:8b:32:fd:bb:2c:5f:c8:23:24:0c:88:
                    6b:44:0a:bc:17:50:e4:cc:92:1a:cd:f0:af:bb:7b:
                    84:79:af:4e:e2:1a:c9:d6:43:04:4a:d4:03:60:f9:
                    ac:19:16:dc:c6:da:ec:37:1d:f5:98:bf:0f:43:b8:
                    13:8a:f4:13:16:08:10:36:ad:90:91:1e:95:92:65:
                    5c:ca:f3:8d:3b:5f:33:9a:44:4d:8b:b1:bc:1f:c1:
                    e7:e4:e9:ec:df:e8:c3:9f:33:fd:5e:8d:01:9c:30:
                    b0:52:50:f7:98:df:de:ce:d8:ad:5a:97:86:a6:cb:
                    7d:28:1c:88:e8:65:18:77:0c:ef:25:6f:a8:97:2c:
                    cf:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:16:04:6C:5B:D8:EC:04:39:5E:91:F9:53:1E:77:B2:8C:AE:A0:D6
            X509v3 Authority Key Identifier:
                keyid:BB:70:B8:92:81:CD:B7:61:A0:4A:DC:BC:0A:C4:17:05:41:31:50:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u3C4koHNt2GgSty8CsQXBUExUOk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/120715-2689-4b1c-a6b8-417320cbae55/1/QxYEbFvY7AQ5XpH5Ux53soyuoNY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/120715-2689-4b1c-a6b8-417320cbae55/1/u3C4koHNt2GgSty8CsQXBUExUOk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:bec::/48

    Signature Algorithm: sha256WithRSAEncryption
         b9:36:12:c4:a2:62:6f:59:00:38:ea:0f:44:1b:a3:e6:7e:80:
         27:da:c2:5f:03:8b:10:16:0b:b6:ac:e3:2b:d5:c6:a2:83:ac:
         ab:db:44:9c:1f:da:55:b9:bb:20:6e:a6:d2:88:cd:11:fe:7e:
         a5:df:a6:f2:47:0e:e6:d4:0e:23:af:c0:e0:dc:f2:75:11:7d:
         90:c0:af:a8:32:03:15:b3:0c:2b:19:1a:6e:9f:f2:26:db:b6:
         d4:2d:2d:00:6d:46:95:cd:5a:d0:6c:78:57:fb:25:2e:9c:7d:
         33:a7:c2:89:67:2a:0e:81:7d:4a:10:2e:ee:c8:72:7b:da:91:
         4d:8c:8d:37:1e:4a:e1:19:96:b5:07:84:0e:67:cd:f6:2d:e4:
         79:e7:72:9b:3e:56:d7:2e:e7:60:a6:ff:3e:01:be:23:1c:77:
         64:0f:59:f3:9a:75:c7:7e:14:64:f1:ce:72:0b:8a:41:04:00:
         e0:79:c4:b1:ed:5b:6d:12:b3:4a:e2:d6:84:0e:94:6c:6c:2f:
         0a:7a:38:77:c9:b8:9a:2a:66:7d:45:ed:73:d8:cd:2b:5b:e7:
         1f:f4:03:2d:2f:bc:0e:e3:a3:89:64:52:0c:ba:5c:99:22:7f:
         de:88:23:3e:04:76:26:10:a2:6a:fe:72:5b:66:cb:65:0f:30:
         2e:10:53:c6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYbktAVMmS4V6wfrTJEydYV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNzBiODkyODFjZGI3NjFhMDRhZGNiYzBhYzQxNzA1NDEz
MTUwZTkwHhcNMjMwMzE1MDk1NzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzE2MDQ2YzViZDhlYzA0Mzk1ZTkxZjk1MzFlNzdiMjhjYWVhMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91a7jlNl/hER0xey5pkFFoKi0C7/
+YmEk9xBp1nsSwfyiSnX2heQi45gSqCsVcmzrxD2QsTWeKOpbnnYuJe0lYkgLehU
kHtFKAG2oJ0OQu1V0f0H7JhNB+YO+a3RHLiR7Qb6P9aD5tfoceEzj8lyUp/08Hc1
MAMTQZ8hizL9uyxfyCMkDIhrRAq8F1DkzJIazfCvu3uEea9O4hrJ1kMEStQDYPms
GRbcxtrsNx31mL8PQ7gTivQTFggQNq2QkR6VkmVcyvONO18zmkRNi7G8H8Hn5Ons
3+jDnzP9Xo0BnDCwUlD3mN/eztitWpeGpst9KByI6GUYdwzvJW+olyzPVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEMWBGxb2OwEOV6R+VMed7KMrqDWMB8GA1UdIwQY
MBaAFLtwuJKBzbdhoErcvArEFwVBMVDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTNDNGtvSE50MkdnU3R5OENzUVhCVUV4VU9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xMjA3MTUtMjY4OS00YjFjLWE2Yjgt
NDE3MzIwY2JhZTU1LzEvUXhZRWJGdlk3QVE1WHBINVV4NTNzb3l1b05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xMjA3MTUtMjY4OS00YjFjLWE2YjgtNDE3MzIwY2JhZTU1
LzEvdTNDNGtvSE50MkdnU3R5OENzUVhCVUV4VU9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAvs
MA0GCSqGSIb3DQEBCwUAA4IBAQC5NhLEomJvWQA46g9EG6PmfoAn2sJfA4sQFgu2
rOMr1caig6yr20ScH9pVubsgbqbSiM0R/n6l36byRw7m1A4jr8Dg3PJ1EX2QwK+o
MgMVswwrGRpun/Im27bULS0AbUaVzVrQbHhX+yUunH0zp8KJZyoOgX1KEC7uyHJ7
2pFNjI03HkrhGZa1B4QOZ832LeR553KbPlbXLudgpv8+Ab4jHHdkD1nzmnXHfhRk
8c5yC4pBBADgecSx7VttErNK4taEDpRsbC8Kejh3ybiaKmZ9Re1z2M0rW+cf9AMt
L7wO46OJZFIMulyZIn/eiCM+BHYmEKJq/nJbZstlDzAuEFPG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:27 2024 by rpki-client on console-ams.rpki-client.org