Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/5a1279-ba32-4840-ab9f-1805b3083886/1/qYcZEoSrazdx7OVxSmq4YouxqNE.roa
File:                     qYcZEoSrazdx7OVxSmq4YouxqNE.roa (raw, json)
Hash identifier:          t8wkBFgBL7HH9fqptANfBA5SenP+SwllN2YBanaOstw=
Subject key identifier:   A9:87:19:12:84:AB:6B:37:71:EC:E5:71:4A:6A:B8:62:8B:B1:A8:D1
Certificate issuer:       /CN=7436d6e8002334c7434eacdef8bf2ce7216c953f
Certificate serial:       01856DE63D59BE1380781FE41C92BEB8AA9C
Authority key identifier: 74:36:D6:E8:00:23:34:C7:43:4E:AC:DE:F8:BF:2C:E7:21:6C:95:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dDbW6AAjNMdDTqze-L8s5yFslT8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/5a1279-ba32-4840-ab9f-1805b3083886/1/qYcZEoSrazdx7OVxSmq4YouxqNE.roa
Signing time:             Sun 01 Jan 2023 15:14:43 +0000
ROA not before:           Sun 01 Jan 2023 15:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210814
IP address blocks:        2001:678:778::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:e6:3d:59:be:13:80:78:1f:e4:1c:92:be:b8:aa:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7436d6e8002334c7434eacdef8bf2ce7216c953f
        Validity
            Not Before: Jan  1 15:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a987191284ab6b3771ece5714a6ab8628bb1a8d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:71:6d:18:4e:b8:67:bb:e0:d1:43:f3:8a:93:
                    95:f1:8c:05:b9:ba:ef:f7:1e:bb:57:33:1e:4d:d2:
                    50:11:b6:2f:de:3a:cf:cc:32:49:fe:fb:d0:b6:61:
                    de:a4:e7:bd:1a:75:d3:31:42:41:35:9e:1d:e3:7e:
                    0c:cd:53:ad:12:c9:95:d6:55:76:ad:ea:21:6f:de:
                    af:2a:50:65:f7:c1:22:55:fb:15:31:00:b2:6e:fe:
                    9f:3e:92:a9:77:d8:b9:f1:45:91:c2:68:d8:61:a4:
                    bf:b7:19:8b:e5:a6:54:1a:66:33:3a:f1:86:88:aa:
                    1e:bb:d3:eb:2d:75:28:88:0d:62:53:97:98:c2:9b:
                    45:fd:44:97:86:d6:f2:0c:6e:4d:9a:31:59:70:f3:
                    c1:b9:21:bc:0c:06:b9:59:71:7b:2e:f7:e4:f3:96:
                    cb:1f:c1:1f:c7:c4:c7:55:6f:b1:fc:06:0e:2e:d5:
                    a1:11:36:24:6e:05:16:a9:f7:a2:de:92:71:19:85:
                    a6:eb:2d:eb:d6:6f:30:40:1b:26:96:6c:8b:bf:f4:
                    e7:da:e1:23:d1:9b:df:0d:1b:82:4b:6b:d9:51:52:
                    9d:bf:16:b4:ff:3c:97:6f:49:02:89:6b:37:35:02:
                    46:4b:ed:e8:ef:ef:99:28:a4:9e:97:a0:40:e8:da:
                    0d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:87:19:12:84:AB:6B:37:71:EC:E5:71:4A:6A:B8:62:8B:B1:A8:D1
            X509v3 Authority Key Identifier:
                keyid:74:36:D6:E8:00:23:34:C7:43:4E:AC:DE:F8:BF:2C:E7:21:6C:95:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dDbW6AAjNMdDTqze-L8s5yFslT8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/5a1279-ba32-4840-ab9f-1805b3083886/1/qYcZEoSrazdx7OVxSmq4YouxqNE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/5a1279-ba32-4840-ab9f-1805b3083886/1/dDbW6AAjNMdDTqze-L8s5yFslT8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:778::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:48:87:ef:6a:a2:e1:2a:fb:59:86:e6:11:7f:73:c7:bd:09:
         51:64:ea:a7:51:c4:90:8a:9f:73:a9:7e:3b:89:23:1c:85:b3:
         35:22:51:5a:10:94:9f:b6:67:8f:34:d3:1a:23:f7:60:27:e1:
         ce:11:84:e8:50:f8:b7:e9:48:48:c9:4c:4b:b0:c4:70:f8:e8:
         2e:e7:57:39:f9:bb:a4:d9:b4:60:dd:bb:d6:fd:0a:8a:dc:42:
         c4:58:ff:d6:65:48:ef:ff:3b:cd:8a:5d:0f:89:d1:2f:21:a9:
         1a:d2:e6:d9:c2:90:a5:9d:a7:00:e9:bc:5f:24:bb:b0:71:c5:
         b0:8a:25:28:89:44:0d:88:85:e1:8e:8b:a1:f0:a7:de:b7:b5:
         29:2c:8d:c5:8e:a7:79:43:cd:3f:59:ee:3d:ab:b4:1b:c3:be:
         9f:b6:42:ee:f0:78:ed:ae:2a:47:ce:43:b8:15:32:48:bb:88:
         16:c7:e8:f5:42:d5:ee:6c:c1:4c:54:b6:b8:63:27:ed:49:65:
         df:25:21:92:07:cb:b4:78:43:e7:29:85:e8:c3:3c:60:8d:f9:
         1c:91:3f:8d:d7:ac:2f:2b:08:bf:6a:cb:a8:ad:bd:84:67:56:
         d4:99:47:1b:0d:32:fc:bb:34:26:3d:c9:e8:9c:f9:27:a4:1e:
         c0:4e:01:e6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVt5j1ZvhOAeB/kHJK+uKqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MzZkNmU4MDAyMzM0Yzc0MzRlYWNkZWY4YmYyY2U3MjE2
Yzk1M2YwHhcNMjMwMTAxMTUxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTg3MTkxMjg0YWI2YjM3NzFlY2U1NzE0YTZhYjg2MjhiYjFhOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunFtGE64Z7vg0UPzipOV8YwFubrv
9x67VzMeTdJQEbYv3jrPzDJJ/vvQtmHepOe9GnXTMUJBNZ4d434MzVOtEsmV1lV2
reohb96vKlBl98EiVfsVMQCybv6fPpKpd9i58UWRwmjYYaS/txmL5aZUGmYzOvGG
iKoeu9PrLXUoiA1iU5eYwptF/USXhtbyDG5NmjFZcPPBuSG8DAa5WXF7Lvfk85bL
H8Efx8THVW+x/AYOLtWhETYkbgUWqfei3pJxGYWm6y3r1m8wQBsmlmyLv/Tn2uEj
0ZvfDRuCS2vZUVKdvxa0/zyXb0kCiWs3NQJGS+3o7++ZKKSel6BA6NoNewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKmHGRKEq2s3cezlcUpquGKLsajRMB8GA1UdIwQY
MBaAFHQ21ugAIzTHQ06s3vi/LOchbJU/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZERiVzZBQWpOTWREVHF6ZS1MOHM1eUZzbFQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81YTEyNzktYmEzMi00ODQwLWFiOWYt
MTgwNWIzMDgzODg2LzEvcVljWkVvU3JhemR4N09WeFNtcTRZb3V4cU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81YTEyNzktYmEzMi00ODQwLWFiOWYtMTgwNWIzMDgzODg2
LzEvZERiVzZBQWpOTWREVHF6ZS1MOHM1eUZzbFQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAd4
MA0GCSqGSIb3DQEBCwUAA4IBAQCXSIfvaqLhKvtZhuYRf3PHvQlRZOqnUcSQip9z
qX47iSMchbM1IlFaEJSftmePNNMaI/dgJ+HOEYToUPi36UhIyUxLsMRw+Ogu51c5
+buk2bRg3bvW/QqK3ELEWP/WZUjv/zvNil0PidEvIaka0ubZwpClnacA6bxfJLuw
ccWwiiUoiUQNiIXhjouh8Kfet7UpLI3Fjqd5Q80/We49q7Qbw76ftkLu8HjtripH
zkO4FTJIu4gWx+j1QtXubMFMVLa4YyftSWXfJSGSB8u0eEPnKYXowzxgjfkckT+N
16wvKwi/asuorb2EZ1bUmUcbDTL8uzQmPcnonPknpB7ATgHm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:11 2024 by rpki-client on console-fra.rpki-client.org