Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/a5a3a2-ad53-46a5-8fd5-065ed4d8441f/1/fyRNlsZrcUSThgA1VLKs3oAVRQI.roa
File:                     fyRNlsZrcUSThgA1VLKs3oAVRQI.roa (raw, json)
Hash identifier:          H/T6zt59hUA95sO3IISw4b2WmIntF3BIIKa1hjltiHU=
Subject key identifier:   7F:24:4D:96:C6:6B:71:44:93:86:00:35:54:B2:AC:DE:80:15:45:02
Certificate issuer:       /CN=ea22ab6bbe42ed9cf367bb0317df7e640e2836dc
Certificate serial:       0185737AB43F4A99B95C9ADBBAAEF5A40DDE
Authority key identifier: EA:22:AB:6B:BE:42:ED:9C:F3:67:BB:03:17:DF:7E:64:0E:28:36:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6iKra75C7ZzzZ7sDF99-ZA4oNtw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/a5a3a2-ad53-46a5-8fd5-065ed4d8441f/1/fyRNlsZrcUSThgA1VLKs3oAVRQI.roa
Signing time:             Mon 02 Jan 2023 17:14:59 +0000
ROA not before:           Mon 02 Jan 2023 17:14:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3303
IP address blocks:        2001:67c:420::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:7a:b4:3f:4a:99:b9:5c:9a:db:ba:ae:f5:a4:0d:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea22ab6bbe42ed9cf367bb0317df7e640e2836dc
        Validity
            Not Before: Jan  2 17:14:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7f244d96c66b71449386003554b2acde80154502
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:74:b0:be:ce:db:78:15:3a:55:d5:39:6f:d7:
                    f9:cc:da:c2:a2:c2:66:bd:48:c0:aa:51:7a:68:14:
                    a3:72:8e:21:02:13:97:fd:d2:5d:7d:15:ad:cb:98:
                    cc:3d:52:c6:9b:e8:fe:e1:7e:3f:4c:4f:77:0d:b6:
                    85:60:25:50:67:f5:96:a8:62:3c:3e:15:38:d4:9f:
                    80:44:bd:66:7a:3a:52:bf:89:49:47:2e:57:ed:96:
                    17:de:fc:30:5a:0b:bf:b8:c6:0d:e3:7a:11:1e:a0:
                    cf:59:28:12:4b:82:2c:c9:fb:19:39:bb:0d:f2:88:
                    6b:a7:b5:27:91:c3:91:df:53:b6:3d:c8:47:14:5e:
                    4f:f1:f4:0c:08:49:84:4d:ad:73:eb:75:c6:64:5f:
                    67:68:dd:d4:b6:d8:1b:ae:c3:1a:a1:cb:d5:35:69:
                    25:43:0b:b7:6e:89:e9:18:b6:7b:86:d5:9a:c4:6a:
                    b6:c0:35:28:75:21:2b:56:4f:c0:a5:f7:f0:5a:f9:
                    4b:b2:01:dc:27:85:a4:7c:07:f2:c7:18:a9:19:34:
                    6d:52:85:9d:0b:32:ef:58:4a:aa:cb:6f:66:e8:17:
                    00:13:33:43:16:22:a5:98:dd:e0:6e:2a:a1:08:4b:
                    e2:89:69:f2:a6:aa:26:dd:c3:1d:36:a8:aa:68:c0:
                    d5:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:24:4D:96:C6:6B:71:44:93:86:00:35:54:B2:AC:DE:80:15:45:02
            X509v3 Authority Key Identifier:
                keyid:EA:22:AB:6B:BE:42:ED:9C:F3:67:BB:03:17:DF:7E:64:0E:28:36:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6iKra75C7ZzzZ7sDF99-ZA4oNtw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a3a2-ad53-46a5-8fd5-065ed4d8441f/1/fyRNlsZrcUSThgA1VLKs3oAVRQI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a3a2-ad53-46a5-8fd5-065ed4d8441f/1/6iKra75C7ZzzZ7sDF99-ZA4oNtw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:420::/48

    Signature Algorithm: sha256WithRSAEncryption
         ae:e5:4d:47:13:61:39:25:bb:96:0d:15:fb:f8:fe:54:87:13:
         76:eb:49:33:ec:d1:06:3c:6f:b7:60:4e:ef:7f:ed:b6:c1:10:
         bf:0d:95:41:b3:ce:fa:88:cd:ca:6a:02:5e:c8:9b:12:6b:b8:
         a2:18:ad:62:9c:4a:5d:0b:f7:40:c0:57:df:83:b9:44:72:24:
         f5:fb:32:3d:5d:8f:10:38:93:a5:7a:1c:28:12:aa:d7:99:2e:
         13:c5:dd:9c:b5:a5:0b:eb:36:e7:53:24:bd:0e:43:67:9c:1e:
         34:2c:c7:f9:4f:aa:65:db:39:2a:8e:f2:d2:28:1e:7b:e7:67:
         f6:ff:7e:84:37:cf:0a:f4:62:51:2a:76:29:8a:01:9a:ca:ff:
         3a:d7:2e:64:23:e8:0d:92:4d:28:b0:12:b7:9d:54:b8:0d:76:
         48:a7:07:29:77:ad:3b:99:7d:1a:ba:c5:c4:a5:dc:82:94:ae:
         fd:e7:d7:40:99:6e:d5:f7:ad:b1:f8:b3:5c:bf:cc:60:f2:8c:
         c3:a9:f7:93:87:32:55:88:cd:dd:45:80:8b:e0:ad:4c:a4:79:
         89:9c:47:bf:f5:6a:9c:d7:16:b9:45:14:56:42:c4:52:59:f0:
         cf:9d:19:22:77:ec:74:bd:f3:05:76:31:a1:fd:14:79:0d:fe:
         d5:4c:1c:c2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzerQ/Spm5XJrbuq71pA3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMjJhYjZiYmU0MmVkOWNmMzY3YmIwMzE3ZGY3ZTY0MGUy
ODM2ZGMwHhcNMjMwMTAyMTcxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjI0NGQ5NmM2NmI3MTQ0OTM4NjAwMzU1NGIyYWNkZTgwMTU0NTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nSwvs7beBU6VdU5b9f5zNrCosJm
vUjAqlF6aBSjco4hAhOX/dJdfRWty5jMPVLGm+j+4X4/TE93DbaFYCVQZ/WWqGI8
PhU41J+ARL1mejpSv4lJRy5X7ZYX3vwwWgu/uMYN43oRHqDPWSgSS4IsyfsZObsN
8ohrp7UnkcOR31O2PchHFF5P8fQMCEmETa1z63XGZF9naN3UttgbrsMaocvVNWkl
Qwu3bonpGLZ7htWaxGq2wDUodSErVk/ApffwWvlLsgHcJ4WkfAfyxxipGTRtUoWd
CzLvWEqqy29m6BcAEzNDFiKlmN3gbiqhCEviiWnypqom3cMdNqiqaMDVuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH8kTZbGa3FEk4YANVSyrN6AFUUCMB8GA1UdIwQY
MBaAFOoiq2u+Qu2c82e7AxfffmQOKDbcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmlLcmE3NUM3Wnp6WjdzREY5OS1aQTRvTnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hNWEzYTItYWQ1My00NmE1LThmZDUt
MDY1ZWQ0ZDg0NDFmLzEvZnlSTmxzWnJjVVNUaGdBMVZMS3Mzb0FWUlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hNWEzYTItYWQ1My00NmE1LThmZDUtMDY1ZWQ0ZDg0NDFm
LzEvNmlLcmE3NUM3Wnp6WjdzREY5OS1aQTRvTnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAQg
MA0GCSqGSIb3DQEBCwUAA4IBAQCu5U1HE2E5JbuWDRX7+P5UhxN260kz7NEGPG+3
YE7vf+22wRC/DZVBs876iM3KagJeyJsSa7iiGK1inEpdC/dAwFffg7lEciT1+zI9
XY8QOJOlehwoEqrXmS4Txd2ctaUL6zbnUyS9DkNnnB40LMf5T6pl2zkqjvLSKB57
52f2/36EN88K9GJRKnYpigGayv861y5kI+gNkk0osBK3nVS4DXZIpwcpd607mX0a
usXEpdyClK7959dAmW7V962x+LNcv8xg8ozDqfeThzJViM3dRYCL4K1MpHmJnEe/
9Wqc1xa5RRRWQsRSWfDPnRkid+x0vfMFdjGh/RR5Df7VTBzC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:16 2024 by rpki-client on console-fra.rpki-client.org