Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/81bf03-695c-4bb1-a10c-e7edeba7b702/1/4HoNr2ogRs8SnCKbISXLzz8Yc78.roa
File:                     4HoNr2ogRs8SnCKbISXLzz8Yc78.roa (raw, json)
Hash identifier:          Z+tLbbz1qIas8UGXLmESz4YNt0WHx7hiZiTY3sOyYaM=
Subject key identifier:   E0:7A:0D:AF:6A:20:46:CF:12:9C:22:9B:21:25:CB:CF:3F:18:73:BF
Certificate issuer:       /CN=a8c6ee76c4e8d94614e082505ffe8c991a24af8a
Certificate serial:       01856ED4D7B75CA20C71332A8E44E3BCFE33
Authority key identifier: A8:C6:EE:76:C4:E8:D9:46:14:E0:82:50:5F:FE:8C:99:1A:24:AF:8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qMbudsTo2UYU4IJQX_6MmRokr4o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/81bf03-695c-4bb1-a10c-e7edeba7b702/1/4HoNr2ogRs8SnCKbISXLzz8Yc78.roa
Signing time:             Sun 01 Jan 2023 19:35:20 +0000
ROA not before:           Sun 01 Jan 2023 19:35:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212125
IP address blocks:        2001:67c:2904::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:d7:b7:5c:a2:0c:71:33:2a:8e:44:e3:bc:fe:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8c6ee76c4e8d94614e082505ffe8c991a24af8a
        Validity
            Not Before: Jan  1 19:35:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e07a0daf6a2046cf129c229b2125cbcf3f1873bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:0c:4b:af:4b:c5:ea:3d:1c:da:b7:8a:8d:cf:
                    ef:3b:1a:ea:7b:a2:04:c6:dd:e5:60:97:f9:50:75:
                    4f:bb:ef:ee:2a:2b:73:95:40:0b:e3:22:13:7b:be:
                    eb:af:4a:84:cf:25:c1:10:a6:b2:f3:e3:90:67:1a:
                    fa:2f:58:e6:8b:9b:9f:36:aa:c4:3a:84:be:94:ba:
                    eb:c4:c0:a3:7e:69:81:40:7d:d8:94:a9:73:b2:c9:
                    fc:4b:c0:b2:e2:7b:b9:59:57:56:e1:c9:90:da:94:
                    3b:eb:3d:e8:62:49:55:de:23:f6:3a:45:56:7f:ed:
                    8a:76:bf:da:6a:5c:a9:9a:7d:c6:a7:05:b3:bb:7b:
                    f8:2d:f9:6f:f9:7d:91:2b:48:ed:3a:6d:d8:6d:09:
                    7a:79:23:6d:70:d4:75:a7:c7:9c:b6:11:07:d4:c5:
                    f5:aa:2c:2e:c9:01:14:23:22:4e:6e:32:35:75:a1:
                    57:e1:40:dc:b6:fa:b8:dc:28:55:a9:5c:75:94:d2:
                    b8:1b:87:07:21:e0:fd:05:cd:3c:fb:7f:b9:ce:f7:
                    9e:b4:31:a7:64:27:86:68:9d:7d:ea:8c:6c:e8:e0:
                    1e:94:ec:bc:7b:92:c9:c1:66:5e:65:0e:71:c8:c0:
                    eb:9f:b2:ed:35:33:56:e7:41:99:4b:fd:97:ba:79:
                    e3:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:7A:0D:AF:6A:20:46:CF:12:9C:22:9B:21:25:CB:CF:3F:18:73:BF
            X509v3 Authority Key Identifier:
                keyid:A8:C6:EE:76:C4:E8:D9:46:14:E0:82:50:5F:FE:8C:99:1A:24:AF:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qMbudsTo2UYU4IJQX_6MmRokr4o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/81bf03-695c-4bb1-a10c-e7edeba7b702/1/4HoNr2ogRs8SnCKbISXLzz8Yc78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/81bf03-695c-4bb1-a10c-e7edeba7b702/1/qMbudsTo2UYU4IJQX_6MmRokr4o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2904::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:2a:8b:68:64:0c:89:bf:74:85:02:1e:cc:8b:ce:ba:f6:a3:
         9e:f1:29:dd:5d:9e:4d:53:17:12:c0:86:33:02:8b:b2:ee:64:
         bc:9c:f3:83:e2:bc:fd:88:ed:c6:1c:71:84:eb:69:8b:cd:c9:
         40:c0:44:c8:16:7b:d1:39:49:1f:3d:0c:85:0e:3f:8d:d4:3b:
         8a:e2:c3:5a:9e:c4:96:fb:e6:19:90:77:0c:60:6f:90:87:af:
         90:08:e9:42:e5:5b:57:1f:d7:30:57:8d:27:23:65:04:11:c4:
         55:48:2f:ea:c0:06:20:62:35:18:1a:cb:04:af:cc:22:b0:24:
         d7:d7:96:c0:43:05:d7:17:12:2a:96:36:68:4b:26:5e:a6:61:
         1a:87:2a:4a:6a:08:e2:ee:a6:0d:20:2b:6b:4c:d0:e2:f4:31:
         96:dd:4e:e5:fc:c6:48:cd:fc:4d:ce:5c:b0:4b:f8:c9:9a:4d:
         77:52:f5:92:b9:40:b2:67:bc:3d:29:87:b0:59:5d:9a:b3:01:
         82:50:95:13:61:13:e5:bc:84:fd:d8:c8:ff:b2:08:0b:b0:54:
         23:32:cf:0c:15:23:a9:12:2b:f0:7e:06:c4:46:5e:30:68:6a:
         da:67:88:37:96:13:3c:f5:ac:1e:53:37:2f:e4:87:41:75:ad:
         ff:d8:14:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVu1Ne3XKIMcTMqjkTjvP4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YzZlZTc2YzRlOGQ5NDYxNGUwODI1MDVmZmU4Yzk5MWEy
NGFmOGEwHhcNMjMwMTAxMTkzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdhMGRhZjZhMjA0NmNmMTI5YzIyOWIyMTI1Y2JjZjNmMTg3M2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQxLr0vF6j0c2reKjc/vOxrqe6IE
xt3lYJf5UHVPu+/uKitzlUAL4yITe77rr0qEzyXBEKay8+OQZxr6L1jmi5ufNqrE
OoS+lLrrxMCjfmmBQH3YlKlzssn8S8Cy4nu5WVdW4cmQ2pQ76z3oYklV3iP2OkVW
f+2Kdr/aalypmn3GpwWzu3v4Lflv+X2RK0jtOm3YbQl6eSNtcNR1p8ecthEH1MX1
qiwuyQEUIyJObjI1daFX4UDctvq43ChVqVx1lNK4G4cHIeD9Bc08+3+5zveetDGn
ZCeGaJ196oxs6OAelOy8e5LJwWZeZQ5xyMDrn7LtNTNW50GZS/2Xunnj1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOB6Da9qIEbPEpwimyEly88/GHO/MB8GA1UdIwQY
MBaAFKjG7nbE6NlGFOCCUF/+jJkaJK+KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU1idWRzVG8yVVlVNElKUVhfNk1tUm9rcjRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi84MWJmMDMtNjk1Yy00YmIxLWExMGMt
ZTdlZGViYTdiNzAyLzEvNEhvTnIyb2dSczhTbkNLYklTWEx6ejhZYzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi84MWJmMDMtNjk1Yy00YmIxLWExMGMtZTdlZGViYTdiNzAy
LzEvcU1idWRzVG8yVVlVNElKUVhfNk1tUm9rcjRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCkE
MA0GCSqGSIb3DQEBCwUAA4IBAQBkKotoZAyJv3SFAh7Mi8669qOe8SndXZ5NUxcS
wIYzAouy7mS8nPOD4rz9iO3GHHGE62mLzclAwETIFnvROUkfPQyFDj+N1DuK4sNa
nsSW++YZkHcMYG+Qh6+QCOlC5VtXH9cwV40nI2UEEcRVSC/qwAYgYjUYGssEr8wi
sCTX15bAQwXXFxIqljZoSyZepmEahypKagji7qYNICtrTNDi9DGW3U7l/MZIzfxN
zlywS/jJmk13UvWSuUCyZ7w9KYewWV2aswGCUJUTYRPlvIT92Mj/sggLsFQjMs8M
FSOpEivwfgbERl4waGraZ4g3lhM89aweUzcv5IdBda3/2BQQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:03 2024 by rpki-client on console-fra.rpki-client.org