Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/DBZhJfHwO9cL10HbLz7d2iCIN60.roa
File:                     DBZhJfHwO9cL10HbLz7d2iCIN60.roa (raw, json)
Hash identifier:          9s/1h8lYbRQRj+Lw4VI99wviyEpnxNaA0FIm5JWntuM=
Subject key identifier:   0C:16:61:25:F1:F0:3B:D7:0B:D7:41:DB:2F:3E:DD:DA:20:88:37:AD
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       01856F429E35FC5A8C7F15C5D3FB7224075C
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/DBZhJfHwO9cL10HbLz7d2iCIN60.roa
Signing time:             Sun 01 Jan 2023 21:35:14 +0000
ROA not before:           Sun 01 Jan 2023 21:35:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204729
IP address blocks:        2a05:4140:1220::/43 maxlen: 43

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:9e:35:fc:5a:8c:7f:15:c5:d3:fb:72:24:07:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Jan  1 21:35:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0c166125f1f03bd70bd741db2f3eddda208837ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:fa:ac:26:7c:0a:b9:00:73:b8:b8:df:60:34:
                    03:4d:7f:75:63:00:e5:6e:74:3b:8b:be:47:4e:10:
                    1d:76:07:f7:52:3d:16:73:c4:c8:5e:e7:f0:36:bc:
                    1a:d2:d0:a7:62:4c:f6:18:c6:21:ea:53:37:52:e6:
                    0e:94:d8:57:89:ce:bc:69:4c:df:98:50:e6:f8:92:
                    81:1d:78:a3:c3:81:0c:04:8c:81:84:c1:b4:16:14:
                    31:17:2f:82:db:05:60:29:0f:3d:2b:ea:fa:4d:b5:
                    83:ec:aa:94:ce:05:af:b5:84:fb:74:e1:7d:9f:62:
                    8a:43:e6:3b:67:59:57:af:2a:0e:58:c2:8d:42:dd:
                    d9:5a:03:93:26:5f:5c:34:5e:15:bd:68:91:1b:51:
                    82:29:38:06:6f:22:37:ab:61:42:97:d3:8e:83:71:
                    22:4c:c6:85:13:19:d7:62:7f:bd:35:8c:54:55:16:
                    62:54:df:41:9e:69:a4:30:3b:60:b6:01:28:c6:74:
                    d6:7a:3c:75:8a:10:1d:d4:22:0c:a0:06:84:76:11:
                    e4:20:a9:3b:a3:c8:ef:e1:9b:63:00:b3:07:cc:f4:
                    ce:81:b5:c1:aa:73:3f:58:44:6a:f9:33:bc:f8:61:
                    3b:7f:9b:0a:a0:1e:f0:0f:08:b8:87:28:74:f0:55:
                    9b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:16:61:25:F1:F0:3B:D7:0B:D7:41:DB:2F:3E:DD:DA:20:88:37:AD
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/DBZhJfHwO9cL10HbLz7d2iCIN60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140:1220::/43

    Signature Algorithm: sha256WithRSAEncryption
         14:0e:f0:19:5f:d3:7c:b6:e3:4f:bf:6f:16:1e:37:f5:43:d0:
         2a:f8:29:e5:54:d0:99:bc:c6:59:93:ec:02:89:2f:72:a0:29:
         0a:38:38:e0:a4:ce:ea:07:df:ab:b4:e7:8f:92:8f:04:82:78:
         df:37:1b:a7:e5:96:fe:04:ad:a5:b3:5e:66:c9:1e:21:fd:4d:
         53:ed:ab:91:01:47:b9:7d:be:3b:ae:7a:f2:cd:fc:14:c0:03:
         e0:be:3c:d6:3d:ae:31:ab:0d:13:d0:aa:4e:bd:3b:c6:d4:1b:
         c0:7e:62:20:6f:04:dc:f9:8c:f9:76:ec:38:94:9c:9c:09:2a:
         ab:35:6c:04:21:3e:ef:3b:18:38:e0:04:47:b9:35:76:b4:c4:
         cc:7f:dd:89:94:d2:02:cf:e4:9c:cd:0a:d6:fd:f3:ec:96:a9:
         77:08:01:9e:72:67:07:7f:84:62:33:a0:b1:d7:f6:dd:52:ad:
         af:20:8b:a6:d1:a7:14:54:df:d7:cd:8e:d0:7c:2c:12:65:1f:
         ab:b0:45:f9:e7:bb:f8:f9:c3:37:23:71:de:62:00:6a:84:0a:
         a4:b4:be:ca:74:e8:c7:da:a7:15:eb:a7:03:aa:5f:b8:23:9d:
         c8:05:f5:8f:0a:ee:68:fc:98:cb:66:25:68:01:f7:7a:e7:a7:
         68:1f:43:ed
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQp41/FqMfxXF0/tyJAdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjMwMTAxMjEzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzE2NjEyNWYxZjAzYmQ3MGJkNzQxZGIyZjNlZGRkYTIwODgzN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfqsJnwKuQBzuLjfYDQDTX91YwDl
bnQ7i75HThAddgf3Uj0Wc8TIXufwNrwa0tCnYkz2GMYh6lM3UuYOlNhXic68aUzf
mFDm+JKBHXijw4EMBIyBhMG0FhQxFy+C2wVgKQ89K+r6TbWD7KqUzgWvtYT7dOF9
n2KKQ+Y7Z1lXryoOWMKNQt3ZWgOTJl9cNF4VvWiRG1GCKTgGbyI3q2FCl9OOg3Ei
TMaFExnXYn+9NYxUVRZiVN9BnmmkMDtgtgEoxnTWejx1ihAd1CIMoAaEdhHkIKk7
o8jv4ZtjALMHzPTOgbXBqnM/WERq+TO8+GE7f5sKoB7wDwi4hyh08FWbpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAwWYSXx8DvXC9dB2y8+3dogiDetMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvREJaaEpmSHdPOWNMMTBIYkx6N2QyaUNJTjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcFKgVBQBIg
MA0GCSqGSIb3DQEBCwUAA4IBAQAUDvAZX9N8tuNPv28WHjf1Q9Aq+CnlVNCZvMZZ
k+wCiS9yoCkKODjgpM7qB9+rtOePko8EgnjfNxun5Zb+BK2ls15myR4h/U1T7auR
AUe5fb47rnryzfwUwAPgvjzWPa4xqw0T0KpOvTvG1BvAfmIgbwTc+Yz5duw4lJyc
CSqrNWwEIT7vOxg44ARHuTV2tMTMf92JlNICz+SczQrW/fPslql3CAGecmcHf4Ri
M6Cx1/bdUq2vIIum0acUVN/XzY7QfCwSZR+rsEX557v4+cM3I3HeYgBqhAqktL7K
dOjH2qcV66cDql+4I53IBfWPCu5o/JjLZiVoAfd656doH0Pt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:53 2024 by rpki-client on console-fra.rpki-client.org