Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/v1hcLDvaBlVM99Qk0fmvK5j03F0.roa
File:                     v1hcLDvaBlVM99Qk0fmvK5j03F0.roa (raw, json)
Hash identifier:          q4MiCkdD53IRw8Zzyp++XIvAGLLm4v04gyfVDoy9FUk=
Subject key identifier:   BF:58:5C:2C:3B:DA:06:55:4C:F7:D4:24:D1:F9:AF:2B:98:F4:DC:5D
Certificate issuer:       /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial:       01871F0FE06398CC35927126855848A9314A
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/v1hcLDvaBlVM99Qk0fmvK5j03F0.roa
Signing time:             Sun 26 Mar 2023 17:55:46 +0000
ROA not before:           Sun 26 Mar 2023 17:55:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204693
IP address blocks:        2a0a:280:2500::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:1f:0f:e0:63:98:cc:35:92:71:26:85:58:48:a9:31:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
        Validity
            Not Before: Mar 26 17:55:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf585c2c3bda06554cf7d424d1f9af2b98f4dc5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:5c:50:9b:f3:60:4f:8d:9d:5b:23:f0:10:54:
                    67:85:70:46:f1:14:05:b8:ff:8f:9f:fd:1c:ee:1c:
                    d0:37:94:c5:d6:10:c1:9c:d1:17:3e:ce:52:09:01:
                    3b:4b:8e:eb:b9:a5:50:6e:52:cf:48:c7:f1:61:7e:
                    cd:58:3e:96:29:df:38:de:58:66:dd:85:84:2b:d0:
                    ee:09:a7:e5:f6:00:d2:db:91:a1:65:c5:ba:0b:b6:
                    de:cb:c1:f7:23:79:45:26:53:c3:b7:94:d9:e2:d3:
                    cb:7c:6a:c1:e4:86:27:07:be:ce:a8:9a:33:90:08:
                    16:2b:17:4a:01:b6:f5:2a:38:c5:5a:d3:b9:a9:cf:
                    5b:28:83:eb:95:e7:7a:f0:eb:da:f3:ad:dd:84:55:
                    2b:72:7e:d5:7a:d5:43:e6:0d:d0:52:f4:e3:f8:da:
                    68:09:7a:4e:5a:cb:3c:07:99:17:ba:ea:db:b9:fb:
                    ef:fb:b4:d7:ef:97:8a:bd:2f:fe:3f:69:75:b2:a1:
                    89:dc:41:55:1f:bf:2e:26:da:a7:28:0c:24:e7:78:
                    c5:2f:e7:d5:91:50:a2:f9:47:e3:08:e1:c9:f4:5f:
                    f9:eb:ee:18:87:b4:25:fa:2a:41:a2:54:82:b7:0f:
                    ae:e2:d8:4d:76:cb:01:a5:cc:4d:af:b3:86:99:e1:
                    bd:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:58:5C:2C:3B:DA:06:55:4C:F7:D4:24:D1:F9:AF:2B:98:F4:DC:5D
            X509v3 Authority Key Identifier:
                keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/v1hcLDvaBlVM99Qk0fmvK5j03F0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:280:2500::/40

    Signature Algorithm: sha256WithRSAEncryption
         43:75:5b:e4:4e:20:fb:7e:ce:3f:6c:a9:2e:84:7e:ba:18:43:
         44:47:6d:1b:92:d7:6a:41:a9:b3:38:10:16:99:4e:09:50:05:
         fc:7f:a8:04:60:f5:7d:22:fc:0b:76:99:65:bd:2c:62:e0:4e:
         e6:a5:37:28:62:86:6f:96:a6:a4:9e:f7:80:05:13:bc:ea:33:
         d7:8b:55:33:01:a6:f5:0d:17:74:f1:a1:86:1f:cd:34:b8:45:
         d9:49:4c:95:f5:ca:6b:c0:88:a7:e3:9e:53:58:7e:3c:fb:17:
         39:a7:db:06:66:d8:b5:41:a3:df:8c:6c:f9:00:ec:8e:a0:92:
         40:f0:28:aa:b5:34:b0:9c:f3:dd:21:7b:07:12:cb:8c:4b:36:
         1e:12:75:7a:93:7f:53:c7:4b:96:87:cf:ca:9f:c8:56:90:63:
         c6:77:02:e5:96:1a:db:64:52:93:bf:3d:d4:e8:6c:30:e5:cc:
         34:39:db:6b:6f:2c:a3:36:c4:cc:38:74:86:18:02:c8:85:1d:
         07:78:80:d8:0f:ec:69:4c:0c:fc:42:95:44:79:3a:15:95:9e:
         0c:7a:b1:d8:a9:5f:a6:f1:15:c9:85:21:49:66:eb:7d:3f:a8:
         9f:c0:c8:b1:06:e3:2d:b6:8b:45:1f:4c:51:a9:5c:66:64:26:
         04:f6:0a:9b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYcfD+BjmMw1knEmhVhIqTFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMzI2MTc1NTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjU4NWMyYzNiZGEwNjU1NGNmN2Q0MjRkMWY5YWYyYjk4ZjRkYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFxQm/NgT42dWyPwEFRnhXBG8RQF
uP+Pn/0c7hzQN5TF1hDBnNEXPs5SCQE7S47ruaVQblLPSMfxYX7NWD6WKd843lhm
3YWEK9DuCafl9gDS25GhZcW6C7bey8H3I3lFJlPDt5TZ4tPLfGrB5IYnB77OqJoz
kAgWKxdKAbb1KjjFWtO5qc9bKIPrled68Ova863dhFUrcn7VetVD5g3QUvTj+Npo
CXpOWss8B5kXuurbufvv+7TX75eKvS/+P2l1sqGJ3EFVH78uJtqnKAwk53jFL+fV
kVCi+UfjCOHJ9F/56+4Yh7Ql+ipBolSCtw+u4thNdssBpcxNr7OGmeG9uQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFL9YXCw72gZVTPfUJNH5ryuY9NxdMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvdjFoY0xEdmFCbFZNOTlRazBmbXZLNWowM0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCUw
DQYJKoZIhvcNAQELBQADggEBAEN1W+ROIPt+zj9sqS6EfroYQ0RHbRuS12pBqbM4
EBaZTglQBfx/qARg9X0i/At2mWW9LGLgTualNyhihm+WpqSe94AFE7zqM9eLVTMB
pvUNF3TxoYYfzTS4RdlJTJX1ymvAiKfjnlNYfjz7Fzmn2wZm2LVBo9+MbPkA7I6g
kkDwKKq1NLCc890hewcSy4xLNh4SdXqTf1PHS5aHz8qfyFaQY8Z3AuWWGttkUpO/
PdTobDDlzDQ522tvLKM2xMw4dIYYAsiFHQd4gNgP7GlMDPxClUR5OhWVngx6sdip
X6bxFcmFIUlm630/qJ/AyLEG4y22i0UfTFGpXGZkJgT2Cps=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org