Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/1t5k6kMciRd9SfcFuiTcDSDxyzo.roa
File:                     1t5k6kMciRd9SfcFuiTcDSDxyzo.roa (raw, json)
Hash identifier:          Aa0fhfX8AtCErzgTLWIj8tFVKVzmOd4/RR9iwNwwKXA=
Subject key identifier:   D6:DE:64:EA:43:1C:89:17:7D:49:F7:05:BA:24:DC:0D:20:F1:CB:3A
Certificate issuer:       /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial:       018BB34E55AEEC97B5F69362A1B1FA8C22AE
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/1t5k6kMciRd9SfcFuiTcDSDxyzo.roa
Signing time:             Thu 09 Nov 2023 08:58:57 +0000
ROA not before:           Thu 09 Nov 2023 08:58:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        2a0a:2f80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 09:31:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b3:4e:55:ae:ec:97:b5:f6:93:62:a1:b1:fa:8c:22:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
        Validity
            Not Before: Nov  9 08:58:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d6de64ea431c89177d49f705ba24dc0d20f1cb3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a4:20:cc:9d:af:fa:b0:db:6d:7d:e3:36:66:
                    ec:e3:7a:39:6f:09:6b:bf:00:c5:bf:12:af:6e:75:
                    41:09:e2:10:fa:bf:a9:65:12:37:0d:25:90:98:79:
                    1d:5f:c6:42:b2:8c:99:4e:11:c2:9b:34:f1:8d:a4:
                    27:b8:6b:93:cd:61:8e:df:1c:d5:f9:28:fd:c5:62:
                    e6:5e:47:9f:b8:cc:e0:17:59:c5:ac:b5:98:cc:d5:
                    ac:22:3c:45:e0:78:15:32:c3:f6:d7:c0:6f:1a:40:
                    6e:36:5e:7b:93:53:5f:fa:ce:9b:e0:9b:7c:6e:1d:
                    c4:30:45:95:74:29:70:6e:26:e6:ec:c3:ee:88:47:
                    6b:a1:93:3d:45:93:4a:ec:93:38:fe:79:0b:36:05:
                    86:2f:ac:62:f3:6c:13:39:4e:f2:3d:cc:92:a6:fe:
                    59:6a:82:f5:e5:4c:7b:b1:53:52:4f:e4:2e:bc:bd:
                    a1:b7:f4:7c:ed:14:30:84:ab:d6:9f:d1:ba:d8:82:
                    6f:d8:90:4f:b3:68:80:e4:8e:13:99:91:48:1b:90:
                    dc:c1:39:c3:06:bd:33:44:9a:0b:39:6b:61:a6:21:
                    67:62:7f:2f:c4:ec:38:47:c9:c9:7f:82:ca:af:02:
                    a3:a5:9b:0f:9a:68:11:a8:d8:3d:aa:65:5e:f4:e6:
                    a4:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:DE:64:EA:43:1C:89:17:7D:49:F7:05:BA:24:DC:0D:20:F1:CB:3A
            X509v3 Authority Key Identifier:
                keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/1t5k6kMciRd9SfcFuiTcDSDxyzo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:2f80::/32

    Signature Algorithm: sha256WithRSAEncryption
         4f:34:72:8e:bc:c3:e5:ca:39:a4:7a:78:ec:ff:5a:f2:33:b2:
         67:63:32:10:fc:de:3b:32:42:da:fa:cf:83:bd:73:a5:4c:91:
         58:08:d0:cb:6e:dd:95:c9:c7:99:2c:b4:24:2f:ab:2d:66:9d:
         d3:7b:4c:0e:14:d2:86:7d:43:92:e0:82:a8:0b:70:e1:33:a0:
         5f:dd:59:cd:50:8c:ad:64:92:25:f0:a7:99:f8:1b:02:47:64:
         0e:95:a4:25:53:30:37:89:b4:16:55:64:5a:ca:a9:d5:e4:c3:
         41:9c:10:13:26:ec:dd:5e:2b:e0:df:14:04:be:05:5e:c3:77:
         6e:9a:c6:db:61:16:be:4d:da:17:ee:e6:f1:5c:62:7c:f7:b7:
         e0:1c:46:4c:22:17:3c:5f:e2:38:25:25:c6:80:86:2e:a9:31:
         24:92:c7:11:be:5d:b2:ca:8a:06:b0:cc:29:58:43:6b:09:93:
         ab:10:4e:fb:3c:fb:3c:22:eb:ef:2f:e6:46:78:c4:aa:cc:57:
         5b:c4:61:48:a0:d8:86:b9:cf:a6:85:7b:4a:b0:37:c8:6e:c0:
         94:f0:d3:ca:78:60:bb:96:3f:73:9c:ef:83:be:eb:f3:62:35:
         8d:98:e9:45:6f:eb:8e:05:dd:77:4e:06:74:d4:b9:bc:02:8b:
         6a:6a:9a:bb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuzTlWu7Je19pNiobH6jCKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjMxMTA5MDg1ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmRlNjRlYTQzMWM4OTE3N2Q0OWY3MDViYTI0ZGMwZDIwZjFjYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqQgzJ2v+rDbbX3jNmbs43o5bwlr
vwDFvxKvbnVBCeIQ+r+pZRI3DSWQmHkdX8ZCsoyZThHCmzTxjaQnuGuTzWGO3xzV
+Sj9xWLmXkefuMzgF1nFrLWYzNWsIjxF4HgVMsP218BvGkBuNl57k1Nf+s6b4Jt8
bh3EMEWVdClwbibm7MPuiEdroZM9RZNK7JM4/nkLNgWGL6xi82wTOU7yPcySpv5Z
aoL15Ux7sVNST+QuvL2ht/R87RQwhKvWn9G62IJv2JBPs2iA5I4TmZFIG5DcwTnD
Br0zRJoLOWthpiFnYn8vxOw4R8nJf4LKrwKjpZsPmmgRqNg9qmVe9OakKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNbeZOpDHIkXfUn3Bbok3A0g8cs6MB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvMXQ1azZrTWNpUmQ5U2ZjRnVpVGNEU0R4eXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgovgDAN
BgkqhkiG9w0BAQsFAAOCAQEATzRyjrzD5co5pHp47P9a8jOyZ2MyEPzeOzJC2vrP
g71zpUyRWAjQy27dlcnHmSy0JC+rLWad03tMDhTShn1DkuCCqAtw4TOgX91ZzVCM
rWSSJfCnmfgbAkdkDpWkJVMwN4m0FlVkWsqp1eTDQZwQEybs3V4r4N8UBL4FXsN3
bprG22EWvk3aF+7m8VxifPe34BxGTCIXPF/iOCUlxoCGLqkxJJLHEb5dssqKBrDM
KVhDawmTqxBO+zz7PCLr7y/mRnjEqsxXW8RhSKDYhrnPpoV7SrA3yG7AlPDTynhg
u5Y/c5zvg77r82I1jZjpRW/rjgXdd04GdNS5vAKLamqauw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:37 2024 by rpki-client on console-fra.rpki-client.org