Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/a7cced-da54-4037-bc9a-2f906da2ef20/1/u2EV1-yyOr-s9N5_So2t1qM_GiI.roa
File:                     u2EV1-yyOr-s9N5_So2t1qM_GiI.roa (raw, json)
Hash identifier:          o5fIpZ99C/7PeKDoyb5VIDsCzG1wdBX1CoF3GU4fn8k=
Subject key identifier:   BB:61:15:D7:EC:B2:3A:BF:AC:F4:DE:7F:4A:8D:AD:D6:A3:3F:1A:22
Certificate issuer:       /CN=42e7fc6b74b2b8632811fdfd816d03e939afd712
Certificate serial:       018907A4F0686063CFF6A01C68E45328B452
Authority key identifier: 42:E7:FC:6B:74:B2:B8:63:28:11:FD:FD:81:6D:03:E9:39:AF:D7:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Quf8a3SyuGMoEf39gW0D6Tmv1xI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/a7cced-da54-4037-bc9a-2f906da2ef20/1/u2EV1-yyOr-s9N5_So2t1qM_GiI.roa
Signing time:             Thu 29 Jun 2023 14:53:17 +0000
ROA not before:           Thu 29 Jun 2023 14:53:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211509
IP address blocks:        2001:678:3f4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:07:a4:f0:68:60:63:cf:f6:a0:1c:68:e4:53:28:b4:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42e7fc6b74b2b8632811fdfd816d03e939afd712
        Validity
            Not Before: Jun 29 14:53:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb6115d7ecb23abfacf4de7f4a8dadd6a33f1a22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:80:ac:bb:22:39:2f:9b:b4:ae:7c:97:21:2b:
                    54:bc:e3:0c:06:da:6d:53:bc:fc:9d:bb:c9:f9:28:
                    4c:1e:38:0e:a1:43:53:13:0c:73:b8:a3:4e:9c:ef:
                    29:d1:17:ea:2d:5b:52:c9:08:31:5b:c0:ba:d4:52:
                    0c:5d:fc:2a:54:f3:e0:32:d6:70:b6:d3:27:a2:4b:
                    50:ce:87:81:9e:e4:ff:9e:7c:03:3a:c8:c6:2e:00:
                    69:f6:41:c9:bd:fd:95:55:20:f3:83:8a:d1:a2:a0:
                    34:0f:5b:a6:07:5f:7e:f3:f1:6a:c1:8c:c3:b8:f5:
                    5f:d2:c7:9a:dd:6d:67:48:d8:fa:0d:6e:c3:42:27:
                    9c:f5:14:f8:ca:5a:72:23:e2:8c:eb:21:9e:75:aa:
                    68:26:96:b6:1b:a6:1d:ec:79:62:e7:51:da:60:1e:
                    17:90:ee:4d:12:46:53:fc:31:f1:69:a3:4a:f2:3f:
                    40:41:cd:65:94:c0:ff:3d:99:ea:0a:96:86:ab:d2:
                    35:06:28:c5:5d:11:57:01:75:cd:56:8b:f1:0f:64:
                    e4:10:f0:76:66:d8:1b:91:4f:31:84:86:7c:49:8e:
                    61:38:6f:9b:cb:85:73:3d:c1:43:7a:65:18:52:fe:
                    81:6e:83:43:7b:64:30:87:56:de:1c:fb:6c:84:ab:
                    4a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:61:15:D7:EC:B2:3A:BF:AC:F4:DE:7F:4A:8D:AD:D6:A3:3F:1A:22
            X509v3 Authority Key Identifier:
                keyid:42:E7:FC:6B:74:B2:B8:63:28:11:FD:FD:81:6D:03:E9:39:AF:D7:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Quf8a3SyuGMoEf39gW0D6Tmv1xI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/a7cced-da54-4037-bc9a-2f906da2ef20/1/u2EV1-yyOr-s9N5_So2t1qM_GiI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/a7cced-da54-4037-bc9a-2f906da2ef20/1/Quf8a3SyuGMoEf39gW0D6Tmv1xI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:3f4::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:51:6f:f5:a8:93:fe:f1:2c:21:b9:97:5f:f2:f0:dd:e4:98:
         4a:c7:91:ce:b5:63:99:b7:bd:95:2f:b5:4c:3d:11:31:f8:eb:
         06:d6:f0:f7:39:2c:ed:5e:38:3f:29:75:35:97:04:24:76:3d:
         db:99:8d:b7:cc:ee:60:68:4b:c3:60:bd:36:72:6b:0d:e7:17:
         f9:5c:a3:e3:12:bd:7b:a5:52:5b:00:72:04:bc:28:53:40:78:
         c7:ea:28:5f:aa:41:3f:9d:b4:26:bb:38:af:f0:ac:b9:b8:19:
         d9:9b:6e:2d:58:dc:be:12:63:e8:56:43:32:3f:e4:6b:f1:95:
         5b:5e:8a:0e:68:d0:a2:9e:f1:98:dc:c0:90:5d:7c:d7:80:65:
         47:42:70:35:cc:6a:14:09:a8:a4:b3:e3:be:74:19:40:5f:b4:
         6a:ea:b3:70:98:bc:d4:3b:d0:26:6a:b1:b9:7d:ff:8c:f2:e3:
         bf:6b:d5:5b:1e:16:19:71:f9:fa:0f:bc:bd:35:65:12:03:fd:
         7b:8b:cd:f8:60:39:54:a1:34:aa:c4:c6:66:97:c1:91:b2:b1:
         e9:38:fd:27:70:09:85:5e:ca:be:21:0c:be:16:1f:3b:de:ca:
         1f:8d:39:fa:ed:25:c6:75:fe:00:43:83:9b:b2:25:cb:08:4c:
         7d:06:e7:78
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYkHpPBoYGPP9qAcaORTKLRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZTdmYzZiNzRiMmI4NjMyODExZmRmZDgxNmQwM2U5Mzlh
ZmQ3MTIwHhcNMjMwNjI5MTQ1MzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjYxMTVkN2VjYjIzYWJmYWNmNGRlN2Y0YThkYWRkNmEzM2YxYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjICsuyI5L5u0rnyXIStUvOMMBtpt
U7z8nbvJ+ShMHjgOoUNTEwxzuKNOnO8p0RfqLVtSyQgxW8C61FIMXfwqVPPgMtZw
ttMnoktQzoeBnuT/nnwDOsjGLgBp9kHJvf2VVSDzg4rRoqA0D1umB19+8/FqwYzD
uPVf0sea3W1nSNj6DW7DQiec9RT4ylpyI+KM6yGedapoJpa2G6Yd7Hli51HaYB4X
kO5NEkZT/DHxaaNK8j9AQc1llMD/PZnqCpaGq9I1BijFXRFXAXXNVovxD2TkEPB2
ZtgbkU8xhIZ8SY5hOG+by4VzPcFDemUYUv6BboNDe2Qwh1beHPtshKtKMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLthFdfssjq/rPTef0qNrdajPxoiMB8GA1UdIwQY
MBaAFELn/Gt0srhjKBH9/YFtA+k5r9cSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXVmOGEzU3l1R01vRWYzOWdXMEQ2VG12MXhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9hN2NjZWQtZGE1NC00MDM3LWJjOWEt
MmY5MDZkYTJlZjIwLzEvdTJFVjEteXlPci1zOU41X1NvMnQxcU1fR2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9hN2NjZWQtZGE1NC00MDM3LWJjOWEtMmY5MDZkYTJlZjIw
LzEvUXVmOGEzU3l1R01vRWYzOWdXMEQ2VG12MXhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAP0
MA0GCSqGSIb3DQEBCwUAA4IBAQBwUW/1qJP+8SwhuZdf8vDd5JhKx5HOtWOZt72V
L7VMPREx+OsG1vD3OSztXjg/KXU1lwQkdj3bmY23zO5gaEvDYL02cmsN5xf5XKPj
Er17pVJbAHIEvChTQHjH6ihfqkE/nbQmuziv8Ky5uBnZm24tWNy+EmPoVkMyP+Rr
8ZVbXooOaNCinvGY3MCQXXzXgGVHQnA1zGoUCaiks+O+dBlAX7Rq6rNwmLzUO9Am
arG5ff+M8uO/a9VbHhYZcfn6D7y9NWUSA/17i834YDlUoTSqxMZml8GRsrHpOP0n
cAmFXsq+IQy+Fh873sofjTn67SXGdf4AQ4ObsiXLCEx9Bud4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:25 2024 by rpki-client on console-fra.rpki-client.org