Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HK1cOv6fhcTI4Aq7Lax_uorXL0E.roa
File:                     HK1cOv6fhcTI4Aq7Lax_uorXL0E.roa (raw, json)
Hash identifier:          vZOsIs6T6ZzmwMPa3qSeeujTTVj1CVx1OCdUcNv98GA=
Subject key identifier:   1C:AD:5C:3A:FE:9F:85:C4:C8:E0:0A:BB:2D:AC:7F:BA:8A:D7:2F:41
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       01857390076909D1CB3003061D21FD093E67
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HK1cOv6fhcTI4Aq7Lax_uorXL0E.roa
Signing time:             Mon 02 Jan 2023 17:38:16 +0000
ROA not before:           Mon 02 Jan 2023 17:38:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210632
IP address blocks:        2a0b:b87:ff13::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:90:07:69:09:d1:cb:30:03:06:1d:21:fd:09:3e:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cad5c3afe9f85c4c8e00abb2dac7fba8ad72f41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c3:2e:18:7e:2d:92:10:6e:e4:a6:8a:46:15:
                    c1:dc:81:f9:59:33:4f:75:8b:53:cd:e9:e1:0a:94:
                    81:0e:3f:34:75:58:99:db:4d:1a:09:86:78:d7:c6:
                    72:84:ae:ae:ee:30:d1:03:6b:e4:43:ba:78:f1:93:
                    c3:4e:37:55:f2:c3:9d:9c:d5:27:ac:a3:bf:4e:a9:
                    fa:9f:8d:75:92:ba:11:95:d0:e5:14:13:a6:86:c3:
                    e4:df:ad:f4:81:86:c2:7b:40:1b:e9:53:5d:0f:e4:
                    8b:d7:9b:a6:11:3d:88:db:2c:02:73:fc:bf:7c:74:
                    17:fe:2b:77:4a:63:ab:f5:95:b6:82:6b:c4:7b:97:
                    7d:cc:45:b5:71:04:6a:6f:1a:eb:06:ff:7b:c6:de:
                    a6:2a:08:c7:bc:08:c4:4a:bf:f1:33:08:56:c0:53:
                    e8:50:e0:2c:6e:3f:b9:57:a9:ca:d8:5d:8e:15:34:
                    12:13:b4:fb:1d:27:40:d7:e6:d2:0e:95:91:ba:a2:
                    ad:2b:32:88:ac:c8:c2:19:5a:06:3c:ae:0c:ed:9f:
                    3c:96:26:84:cd:0e:df:ac:3c:2a:12:01:a7:98:2a:
                    a7:a2:38:ab:00:ac:ca:23:b7:fb:3d:66:d1:a7:a9:
                    d8:4d:54:68:1c:94:0a:2b:49:0a:01:b8:b7:a6:b8:
                    2f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:AD:5C:3A:FE:9F:85:C4:C8:E0:0A:BB:2D:AC:7F:BA:8A:D7:2F:41
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HK1cOv6fhcTI4Aq7Lax_uorXL0E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b87:ff13::/48

    Signature Algorithm: sha256WithRSAEncryption
         16:f6:20:8a:ee:5f:2f:d9:2d:73:1c:2c:3f:58:17:8e:ab:30:
         b4:85:c5:97:80:34:81:c8:2a:fe:fc:9c:14:63:61:44:8d:78:
         02:50:3d:4b:74:5b:e9:41:fc:16:6f:4d:6d:a9:64:ac:ed:8d:
         bf:82:b8:c6:da:72:23:b2:6b:25:97:86:49:ae:a2:57:a2:94:
         e7:f8:a0:5b:4c:84:dd:13:dc:9a:8d:63:f2:2d:b6:cf:79:43:
         11:99:07:0a:c2:5d:1e:21:8e:77:94:52:58:51:87:ed:02:a5:
         63:8e:c4:19:d7:3f:20:f0:58:37:b6:70:c2:ee:56:0e:b1:60:
         2b:39:cc:b0:62:70:23:0d:38:01:78:de:aa:da:75:54:a4:da:
         fb:fc:0f:38:2f:c7:05:b8:2d:b5:21:20:3c:00:14:c8:c7:7d:
         2f:23:c1:6a:80:89:27:b0:b2:7d:31:43:d8:3e:e4:40:9b:dd:
         57:d1:b2:52:68:17:d2:9b:2f:07:66:3d:4a:a2:7b:92:04:00:
         b3:22:a4:c0:87:7b:ba:b2:b1:cc:2f:85:32:56:b9:f0:d3:b7:
         46:08:48:68:d8:50:f0:ec:fe:14:85:fd:a3:76:85:b0:b6:be:
         84:9e:50:5e:44:e8:a3:2d:ed:3f:0f:e7:d1:c6:f6:17:fb:21:
         44:05:70:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkAdpCdHLMAMGHSH9CT5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2FkNWMzYWZlOWY4NWM0YzhlMDBhYmIyZGFjN2ZiYThhZDcyZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMMuGH4tkhBu5KaKRhXB3IH5WTNP
dYtTzenhCpSBDj80dViZ200aCYZ418ZyhK6u7jDRA2vkQ7p48ZPDTjdV8sOdnNUn
rKO/Tqn6n411kroRldDlFBOmhsPk3630gYbCe0Ab6VNdD+SL15umET2I2ywCc/y/
fHQX/it3SmOr9ZW2gmvEe5d9zEW1cQRqbxrrBv97xt6mKgjHvAjESr/xMwhWwFPo
UOAsbj+5V6nK2F2OFTQSE7T7HSdA1+bSDpWRuqKtKzKIrMjCGVoGPK4M7Z88liaE
zQ7frDwqEgGnmCqnojirAKzKI7f7PWbRp6nYTVRoHJQKK0kKAbi3prgvcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBytXDr+n4XEyOAKuy2sf7qK1y9BMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSEsxY092NmZoY1RJNEFxN0xheF91b3JYTDBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/8T
MA0GCSqGSIb3DQEBCwUAA4IBAQAW9iCK7l8v2S1zHCw/WBeOqzC0hcWXgDSByCr+
/JwUY2FEjXgCUD1LdFvpQfwWb01tqWSs7Y2/grjG2nIjsmsll4ZJrqJXopTn+KBb
TITdE9yajWPyLbbPeUMRmQcKwl0eIY53lFJYUYftAqVjjsQZ1z8g8Fg3tnDC7lYO
sWArOcywYnAjDTgBeN6q2nVUpNr7/A84L8cFuC21ISA8ABTIx30vI8FqgIknsLJ9
MUPYPuRAm91X0bJSaBfSmy8HZj1KonuSBACzIqTAh3u6srHML4UyVrnw07dGCEho
2FDw7P4Uhf2jdoWwtr6EnlBeROijLe0/D+fRxvYX+yFEBXCq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org