Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/0JqYqesQigjyjet7fA656DLEr0M.roa
File:                     0JqYqesQigjyjet7fA656DLEr0M.roa (raw, json)
Hash identifier:          TCuCy+vguo/43/F4ID91BHK1pJyNB3rTiltqblVpbkU=
Subject key identifier:   D0:9A:98:A9:EB:10:8A:08:F2:8D:EB:7B:7C:0E:B9:E8:32:C4:AF:43
Certificate issuer:       /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial:       01889F71237D8FDFE539E9FF6C223D7A726C
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/0JqYqesQigjyjet7fA656DLEr0M.roa
Signing time:             Fri 09 Jun 2023 09:16:11 +0000
ROA not before:           Fri 09 Jun 2023 09:16:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12337
IP address blocks:        2001:67c:192c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 09 Jun 2023 12:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:9f:71:23:7d:8f:df:e5:39:e9:ff:6c:22:3d:7a:72:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
        Validity
            Not Before: Jun  9 09:16:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d09a98a9eb108a08f28deb7b7c0eb9e832c4af43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:4c:f8:d0:0e:69:9d:32:6d:d1:96:81:ad:5c:
                    83:e6:a7:a3:2a:7d:ec:4d:62:d4:34:17:4a:c4:cf:
                    fd:04:aa:49:98:20:f4:88:54:18:76:8a:6a:78:53:
                    11:c5:5e:ed:47:5a:f5:98:17:d3:c1:0e:ac:a9:e6:
                    3d:e0:cc:9a:75:51:51:9b:7c:2f:2a:fd:d2:7d:ad:
                    cf:ce:d5:24:fb:4a:6c:cd:89:5c:69:6e:cf:1f:54:
                    e6:b9:2d:2a:83:78:63:72:e6:88:06:e9:4b:87:e7:
                    a4:29:51:0f:d2:b3:ef:a8:ec:cd:56:97:68:0c:c3:
                    52:bb:0f:04:4b:f7:fb:1b:33:cf:34:87:f2:70:cc:
                    75:03:eb:cf:34:c6:a8:57:a3:4c:30:29:26:e8:f2:
                    b2:ef:79:39:bd:09:dc:fa:9e:73:2a:15:ba:9a:32:
                    44:92:5f:e8:8f:0d:fa:09:59:83:70:11:0a:34:b9:
                    0f:20:62:fe:96:86:e8:81:68:34:60:e6:f1:36:9c:
                    8e:23:54:e4:47:46:a9:da:c6:9f:9d:e8:40:0c:18:
                    ff:67:a5:27:b0:4b:4b:f8:20:4b:e3:0f:46:58:a9:
                    0b:4f:28:d6:2d:80:c8:4a:ef:a4:2e:b9:35:b5:58:
                    a0:51:7f:17:aa:77:7c:80:7a:8d:f7:79:f5:1c:56:
                    cd:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:9A:98:A9:EB:10:8A:08:F2:8D:EB:7B:7C:0E:B9:E8:32:C4:AF:43
            X509v3 Authority Key Identifier:
                keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/0JqYqesQigjyjet7fA656DLEr0M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:192c::/48

    Signature Algorithm: sha256WithRSAEncryption
         6b:80:bf:36:f6:ef:8d:31:af:64:dd:8d:86:d7:26:e1:bb:ff:
         bb:ac:5d:f8:cc:08:04:3f:82:85:8a:aa:e9:bc:84:fe:eb:18:
         67:f9:40:57:3b:63:f7:88:74:46:90:61:c9:a2:20:f0:8b:52:
         f0:60:f9:e6:23:3b:55:99:55:89:f8:24:bc:d9:c5:32:33:65:
         72:b7:f8:c2:e2:3a:80:68:59:66:ae:52:29:51:3c:e6:20:2f:
         ca:49:bc:30:0b:16:81:92:85:3a:36:50:c6:98:fd:21:55:08:
         c6:00:0b:1b:c9:69:59:51:45:cd:0f:d7:b3:26:98:02:02:50:
         e2:18:45:64:09:ae:af:d2:fe:71:1f:6a:b5:2c:7c:93:01:c7:
         67:55:ea:25:f3:77:e2:22:b0:6d:8f:98:0c:29:be:25:0c:81:
         c7:55:fc:d5:42:73:b2:cd:0f:5f:c2:0f:05:10:6a:90:1d:da:
         62:94:1f:e4:f0:a2:65:e6:cf:ca:25:80:fb:cb:97:71:61:57:
         fa:59:c9:b5:b0:b8:72:d5:38:cf:21:b5:7d:86:b2:19:d3:93:
         9d:85:c7:55:85:c8:d5:07:3a:2e:8b:9c:be:0d:33:8a:14:5c:
         20:a7:82:72:05:3b:ba:2e:42:8b:aa:e0:5c:75:ec:33:4f:ba:
         94:5d:0c:6e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYifcSN9j9/lOen/bCI9enJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDZmNTc3MzVhNGU2M2RiZWY4NDhlZTBkOWQxOTllMjE1
ZjgzMDQwHhcNMjMwNjA5MDkxNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDlhOThhOWViMTA4YTA4ZjI4ZGViN2I3YzBlYjllODMyYzRhZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEz40A5pnTJt0ZaBrVyD5qejKn3s
TWLUNBdKxM/9BKpJmCD0iFQYdopqeFMRxV7tR1r1mBfTwQ6sqeY94MyadVFRm3wv
Kv3Sfa3PztUk+0pszYlcaW7PH1TmuS0qg3hjcuaIBulLh+ekKVEP0rPvqOzNVpdo
DMNSuw8ES/f7GzPPNIfycMx1A+vPNMaoV6NMMCkm6PKy73k5vQnc+p5zKhW6mjJE
kl/ojw36CVmDcBEKNLkPIGL+lobogWg0YObxNpyOI1TkR0ap2safnehADBj/Z6Un
sEtL+CBL4w9GWKkLTyjWLYDISu+kLrk1tVigUX8Xqnd8gHqN93n1HFbNdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNCamKnrEIoI8o3re3wOuegyxK9DMB8GA1UdIwQY
MBaAFB9G9Xc1pOY9vvhI7g2dGZ4hX4MEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzIt
YTdjOTg5OGVlY2JjLzEvMEpxWXFlc1FpZ2p5amV0N2ZBNjU2RExFcjBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzItYTdjOTg5OGVlY2Jj
LzEvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBks
MA0GCSqGSIb3DQEBCwUAA4IBAQBrgL829u+NMa9k3Y2G1ybhu/+7rF34zAgEP4KF
iqrpvIT+6xhn+UBXO2P3iHRGkGHJoiDwi1LwYPnmIztVmVWJ+CS82cUyM2Vyt/jC
4jqAaFlmrlIpUTzmIC/KSbwwCxaBkoU6NlDGmP0hVQjGAAsbyWlZUUXND9ezJpgC
AlDiGEVkCa6v0v5xH2q1LHyTAcdnVeol83fiIrBtj5gMKb4lDIHHVfzVQnOyzQ9f
wg8FEGqQHdpilB/k8KJl5s/KJYD7y5dxYVf6Wcm1sLhy1TjPIbV9hrIZ05OdhcdV
hcjVBzoui5y+DTOKFFwgp4JyBTu6LkKLquBcdewzT7qUXQxu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:56 2024 by rpki-client on console-fra.rpki-client.org