Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/NZ17jiO9jePHoo7sxACs-HUvh04.roa
File:                     NZ17jiO9jePHoo7sxACs-HUvh04.roa (raw, json)
Hash identifier:          ddk93talBxxdA+F+lQEx7nnAVQLIRxMJP701P6PO800=
Subject key identifier:   35:9D:7B:8E:23:BD:8D:E3:C7:A2:8E:EC:C4:00:AC:F8:75:2F:87:4E
Certificate issuer:       /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial:       01857246C5323088F962137DD34479AFFD56
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/NZ17jiO9jePHoo7sxACs-HUvh04.roa
Signing time:             Mon 02 Jan 2023 11:38:38 +0000
ROA not before:           Mon 02 Jan 2023 11:38:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60767
IP address blocks:        2a0d:2d46:18::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:c5:32:30:88:f9:62:13:7d:d3:44:79:af:fd:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
        Validity
            Not Before: Jan  2 11:38:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=359d7b8e23bd8de3c7a28eecc400acf8752f874e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0d:03:44:8b:1a:d1:77:df:49:c2:0e:75:e7:
                    6b:9f:6f:e5:8e:a7:56:83:6f:19:6c:ac:db:b1:2a:
                    7d:83:67:ba:fc:4e:84:00:42:a2:d9:30:ec:50:4b:
                    01:99:60:db:c7:32:48:33:7e:6c:c6:b4:8f:7e:1c:
                    86:a3:2d:a6:f4:29:92:93:20:72:f1:79:6f:77:79:
                    e6:ba:b7:da:47:5f:21:c3:bc:3f:9d:4b:a8:9a:92:
                    13:a2:1f:55:c8:cf:e8:60:97:b0:2f:28:4b:9a:eb:
                    76:30:3c:95:ab:69:75:c1:25:85:09:91:00:8a:a7:
                    d3:16:78:1c:8c:67:ed:a3:2d:c7:2c:92:72:89:3f:
                    ee:19:a3:9a:45:37:0a:cd:4b:99:92:62:89:a0:ef:
                    71:f0:cc:47:a3:80:55:62:cd:89:d9:9c:af:b7:27:
                    19:28:70:10:21:76:2b:7b:b5:c4:50:9b:3e:f0:70:
                    77:0f:45:16:15:e7:50:8e:81:f5:2c:60:e5:b8:3b:
                    62:f6:65:5a:6d:20:8a:e5:ae:17:91:12:e8:7c:05:
                    9b:e3:bf:18:ad:15:0c:50:ce:90:27:9b:77:8a:c5:
                    64:76:ff:97:93:b7:19:6c:b0:c9:0f:c6:88:30:67:
                    f1:07:35:ab:4c:07:b8:36:0d:fc:32:3e:8f:14:4f:
                    c2:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:9D:7B:8E:23:BD:8D:E3:C7:A2:8E:EC:C4:00:AC:F8:75:2F:87:4E
            X509v3 Authority Key Identifier:
                keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/NZ17jiO9jePHoo7sxACs-HUvh04.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2d46:18::/48

    Signature Algorithm: sha256WithRSAEncryption
         4c:0e:bc:b1:ce:bc:32:5c:4d:2b:da:8d:1f:c5:95:7e:82:81:
         28:20:a8:5a:44:24:4b:31:38:c9:86:d1:17:f1:50:30:97:1d:
         e3:81:f8:cb:41:9d:59:53:f9:23:ae:07:6a:29:46:da:75:a3:
         e6:71:56:6b:d4:8a:90:57:f9:c1:9a:d6:fa:31:2c:55:58:e1:
         f3:74:5d:19:18:92:a7:b8:41:a5:e9:83:14:f6:8e:8b:1d:66:
         aa:13:3f:a6:59:89:56:48:55:bf:d7:31:3d:6f:5f:21:b1:7a:
         58:6c:37:ab:d8:a5:95:39:67:b9:18:8a:ed:d7:15:a3:35:88:
         ac:a8:13:02:f7:6b:93:b9:31:38:42:c0:d6:e1:9b:d0:ba:3f:
         73:1f:99:0b:d6:98:35:50:e6:35:ac:8e:a7:0d:d2:a1:b8:bd:
         ed:75:12:08:a2:bb:29:4b:98:62:6d:26:f8:93:b0:c9:5a:d0:
         72:57:ea:28:61:fd:96:96:9a:6c:6d:e1:3a:24:4f:8c:f9:7c:
         f0:5b:ca:e0:51:c3:e2:75:b6:20:8d:02:dc:1e:0f:71:d7:b6:
         a2:a9:06:89:c2:94:d6:7d:d6:f2:02:3f:2e:05:d2:b2:01:77:
         bc:a5:cb:77:ed:6a:85:3f:c9:20:27:b7:28:b0:4d:80:9f:ec:
         21:5f:03:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRsUyMIj5YhN900R5r/1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGM2NWU2OTliNTc2YWIxMTNhNzliZTg4Mjg5NDhmMWU2
Y2MyNjAwHhcNMjMwMTAyMTEzODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTlkN2I4ZTIzYmQ4ZGUzYzdhMjhlZWNjNDAwYWNmODc1MmY4NzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ0DRIsa0XffScIOdedrn2/ljqdW
g28ZbKzbsSp9g2e6/E6EAEKi2TDsUEsBmWDbxzJIM35sxrSPfhyGoy2m9CmSkyBy
8Xlvd3nmurfaR18hw7w/nUuompIToh9VyM/oYJewLyhLmut2MDyVq2l1wSWFCZEA
iqfTFngcjGftoy3HLJJyiT/uGaOaRTcKzUuZkmKJoO9x8MxHo4BVYs2J2ZyvtycZ
KHAQIXYre7XEUJs+8HB3D0UWFedQjoH1LGDluDti9mVabSCK5a4XkRLofAWb478Y
rRUMUM6QJ5t3isVkdv+Xk7cZbLDJD8aIMGfxBzWrTAe4Ng38Mj6PFE/CmwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDWde44jvY3jx6KO7MQArPh1L4dOMB8GA1UdIwQY
MBaAFMaMZeaZtXarETp5vogolI8ebMJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYt
NjA3ZDRmMzdmNTlmLzEvTloxN2ppTzlqZVBIb283c3hBQ3MtSFV2aDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYtNjA3ZDRmMzdmNTlm
LzEveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg0tRgAY
MA0GCSqGSIb3DQEBCwUAA4IBAQBMDryxzrwyXE0r2o0fxZV+goEoIKhaRCRLMTjJ
htEX8VAwlx3jgfjLQZ1ZU/kjrgdqKUbadaPmcVZr1IqQV/nBmtb6MSxVWOHzdF0Z
GJKnuEGl6YMU9o6LHWaqEz+mWYlWSFW/1zE9b18hsXpYbDer2KWVOWe5GIrt1xWj
NYisqBMC92uTuTE4QsDW4ZvQuj9zH5kL1pg1UOY1rI6nDdKhuL3tdRIIorspS5hi
bSb4k7DJWtByV+ooYf2WlppsbeE6JE+M+XzwW8rgUcPidbYgjQLcHg9x17aiqQaJ
wpTWfdbyAj8uBdKyAXe8pct37WqFP8kgJ7cosE2An+whXwOZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:56 2024 by rpki-client on console-ams.rpki-client.org