Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/hLz3ncaB6VnzQuTwoh_Fvz1K5qo.roa
File:                     hLz3ncaB6VnzQuTwoh_Fvz1K5qo.roa (raw, json)
Hash identifier:          /3wCnNWav5qdSM5s527o0ZVH/L+EkTu2bZUi/9qzymM=
Subject key identifier:   84:BC:F7:9D:C6:81:E9:59:F3:42:E4:F0:A2:1F:C5:BF:3D:4A:E6:AA
Certificate issuer:       /CN=87de085975de6588e07fed135513aa38acedb763
Certificate serial:       018CC5DBE4EA7845D0D854B70081D928E691
Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/hLz3ncaB6VnzQuTwoh_Fvz1K5qo.roa
Signing time:             Mon 01 Jan 2024 16:29:31 +0000
ROA not before:           Mon 01 Jan 2024 16:29:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6830
IP address blocks:        2001:67c:2350::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 10:16:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:db:e4:ea:78:45:d0:d8:54:b7:00:81:d9:28:e6:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87de085975de6588e07fed135513aa38acedb763
        Validity
            Not Before: Jan  1 16:29:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=84bcf79dc681e959f342e4f0a21fc5bf3d4ae6aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:8e:d9:ca:e0:74:01:f2:9b:cf:30:0b:63:62:
                    f9:a1:de:b4:c1:b0:aa:6c:1f:34:01:1d:ab:98:3c:
                    68:ac:4c:06:ac:93:cd:b1:54:41:d5:6e:92:3b:d0:
                    cd:90:90:f2:d4:ca:ea:55:03:f0:b6:1c:49:76:88:
                    bc:25:e9:77:05:51:58:4a:58:f6:8f:ae:28:07:c7:
                    c6:55:44:8c:d1:a7:64:02:11:de:67:9c:e3:68:81:
                    fc:83:e6:34:e9:00:cb:36:31:40:c6:3f:49:ca:ac:
                    fd:11:62:3e:da:c8:e7:28:15:8e:90:72:49:78:53:
                    32:bf:55:da:72:6f:72:db:ae:3f:84:5f:80:a7:ce:
                    3f:f6:0f:d5:f9:3f:74:19:33:63:80:d1:2b:2b:06:
                    d3:4e:2e:c1:2e:cb:54:f5:f1:76:46:f9:e1:bc:3c:
                    63:14:50:16:da:1f:5d:b2:8c:43:f9:3e:1f:a6:8b:
                    69:5a:87:5e:87:be:13:3a:dd:09:24:c4:d6:12:c0:
                    a2:b2:dd:cf:65:71:fc:0f:c7:cb:19:e5:bf:5e:fa:
                    d0:0e:a8:25:90:e0:be:2d:77:b3:f1:88:54:44:bd:
                    ff:bc:78:24:12:c3:a1:60:33:bc:35:e7:d2:be:d5:
                    c7:17:6a:ee:6e:e3:72:3e:2d:2b:ed:a3:d2:32:58:
                    36:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:BC:F7:9D:C6:81:E9:59:F3:42:E4:F0:A2:1F:C5:BF:3D:4A:E6:AA
            X509v3 Authority Key Identifier:
                keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/hLz3ncaB6VnzQuTwoh_Fvz1K5qo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2350::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:ab:6b:94:84:bb:8d:42:bb:2c:f7:e3:f8:9d:4f:8b:93:c8:
         fb:2f:38:1e:d2:f0:34:5b:b5:99:01:16:da:0c:50:69:c1:6e:
         e9:97:79:ad:11:46:21:5a:8f:4a:02:42:52:e5:43:c2:17:dc:
         9c:07:80:b0:d2:9b:82:76:b8:d3:ce:39:cd:f4:83:bd:b4:11:
         42:a9:22:77:c0:e6:97:81:cb:12:f3:82:e6:81:52:40:d2:ef:
         cb:55:ef:c7:7d:11:c8:fb:98:0c:fe:9a:ad:1a:48:0e:63:b0:
         1f:85:70:fc:99:45:d7:9a:23:4f:1c:9f:54:bb:91:62:bc:41:
         cf:b3:c2:d2:f1:7a:3b:4d:b1:6f:3f:b6:01:65:6d:ea:d7:cd:
         73:fe:41:db:8f:d7:12:d2:40:dc:d5:1b:f2:76:1a:54:0f:56:
         a5:ad:b8:42:9e:81:bc:54:7b:4b:56:7b:b7:b0:b9:d9:d9:c3:
         31:e7:64:4a:fd:99:bb:9b:b4:61:b8:10:32:5d:81:2c:3c:e0:
         88:e6:f0:5d:38:fa:9a:c0:84:a0:84:d1:1f:fe:88:02:06:33:
         ac:6f:9e:9b:fb:7f:42:ad:3c:8f:66:8f:6b:5d:30:ca:3c:c8:
         cb:db:ce:61:f5:79:bb:05:46:58:dc:aa:34:93:d0:63:44:9b:
         8d:d0:32:bd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzF2+TqeEXQ2FS3AIHZKOaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl
ZGI3NjMwHhcNMjQwMTAxMTYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGJjZjc5ZGM2ODFlOTU5ZjM0MmU0ZjBhMjFmYzViZjNkNGFlNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko7ZyuB0AfKbzzALY2L5od60wbCq
bB80AR2rmDxorEwGrJPNsVRB1W6SO9DNkJDy1MrqVQPwthxJdoi8Jel3BVFYSlj2
j64oB8fGVUSM0adkAhHeZ5zjaIH8g+Y06QDLNjFAxj9Jyqz9EWI+2sjnKBWOkHJJ
eFMyv1Xacm9y264/hF+Ap84/9g/V+T90GTNjgNErKwbTTi7BLstU9fF2RvnhvDxj
FFAW2h9dsoxD+T4fpotpWodeh74TOt0JJMTWEsCist3PZXH8D8fLGeW/XvrQDqgl
kOC+LXez8YhURL3/vHgkEsOhYDO8NefSvtXHF2rubuNyPi0r7aPSMlg2XQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIS8953GgelZ80Lk8KIfxb89SuaqMB8GA1UdIwQY
MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt
Y2MwZjk3MDcxNDBlLzEvaEx6M25jYUI2Vm56UXVUd29oX0Z2ejFLNXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl
LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCNQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCQq2uUhLuNQrss9+P4nU+Lk8j7Lzge0vA0W7WZ
ARbaDFBpwW7pl3mtEUYhWo9KAkJS5UPCF9ycB4Cw0puCdrjTzjnN9IO9tBFCqSJ3
wOaXgcsS84LmgVJA0u/LVe/HfRHI+5gM/pqtGkgOY7AfhXD8mUXXmiNPHJ9Uu5Fi
vEHPs8LS8Xo7TbFvP7YBZW3q181z/kHbj9cS0kDc1RvydhpUD1alrbhCnoG8VHtL
Vnu3sLnZ2cMx52RK/Zm7m7RhuBAyXYEsPOCI5vBdOPqawISghNEf/ogCBjOsb56b
+39CrTyPZo9rXTDKPMjL285h9Xm7BUZY3Ko0k9BjRJuN0DK9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:10 2024 by rpki-client on console-ams.rpki-client.org