Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/4c7b8c-f131-4996-b8f5-5f9f0ac0fae7/1/SO8bK6EODp2QHkGbS4A1JbfAlk0.roa
File:                     SO8bK6EODp2QHkGbS4A1JbfAlk0.roa (raw, json)
Hash identifier:          Fr5b2oNThv3sJ78u0zLh5I2/iEQh74768pX0RxEUTcw=
Subject key identifier:   48:EF:1B:2B:A1:0E:0E:9D:90:1E:41:9B:4B:80:35:25:B7:C0:96:4D
Certificate issuer:       /CN=1a88af93845bd25386452dbdfaa0216e13caf8c7
Certificate serial:       01856E6669085C12F7B6BAFD2B9361DD4A3D
Authority key identifier: 1A:88:AF:93:84:5B:D2:53:86:45:2D:BD:FA:A0:21:6E:13:CA:F8:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Goivk4Rb0lOGRS29-qAhbhPK-Mc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/4c7b8c-f131-4996-b8f5-5f9f0ac0fae7/1/SO8bK6EODp2QHkGbS4A1JbfAlk0.roa
Signing time:             Sun 01 Jan 2023 17:34:43 +0000
ROA not before:           Sun 01 Jan 2023 17:34:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213103
IP address blocks:        2001:678:800::/48 maxlen: 48
                          2001:678:fd0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:66:69:08:5c:12:f7:b6:ba:fd:2b:93:61:dd:4a:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a88af93845bd25386452dbdfaa0216e13caf8c7
        Validity
            Not Before: Jan  1 17:34:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=48ef1b2ba10e0e9d901e419b4b803525b7c0964d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:95:79:66:ca:30:81:ba:af:95:d9:19:d8:43:
                    af:d3:ab:ad:d6:1d:48:39:14:1f:90:f6:f2:72:e4:
                    0b:63:b6:ac:58:e7:1b:25:9c:c8:98:fa:ee:6e:c9:
                    05:db:db:04:1e:1f:44:3e:1a:be:39:89:13:fd:50:
                    45:65:75:98:eb:72:44:47:03:b3:f9:14:1f:0c:a7:
                    f7:d0:70:18:1d:3f:e5:c0:19:cb:ad:87:ff:97:f7:
                    30:62:be:35:75:08:2c:27:24:0f:8f:b5:c9:00:6c:
                    04:a4:e6:2b:19:d7:d8:c4:96:79:fe:06:07:81:ac:
                    01:87:37:cd:a5:6b:f9:24:5d:df:8b:50:49:29:d3:
                    7f:67:e0:ed:87:4e:14:10:d7:80:49:33:e8:24:5c:
                    fd:d0:fc:f9:c6:f9:1c:a2:7b:08:dc:6e:06:09:06:
                    d6:06:a3:c7:32:5e:1d:5c:57:4e:37:b8:54:cb:d8:
                    7f:2c:91:dd:a7:e7:bc:05:06:2e:43:f2:77:a0:41:
                    1c:24:4e:1e:2f:c6:72:2e:28:0a:45:89:f7:01:b9:
                    95:e1:fa:ca:60:a3:0e:89:be:bf:67:7d:14:ee:74:
                    47:f8:30:fb:99:a9:21:c9:83:13:a3:e9:f1:83:78:
                    e3:b6:25:bb:aa:ab:90:03:84:7d:e8:d3:6b:16:96:
                    c0:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:EF:1B:2B:A1:0E:0E:9D:90:1E:41:9B:4B:80:35:25:B7:C0:96:4D
            X509v3 Authority Key Identifier:
                keyid:1A:88:AF:93:84:5B:D2:53:86:45:2D:BD:FA:A0:21:6E:13:CA:F8:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Goivk4Rb0lOGRS29-qAhbhPK-Mc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4c7b8c-f131-4996-b8f5-5f9f0ac0fae7/1/SO8bK6EODp2QHkGbS4A1JbfAlk0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4c7b8c-f131-4996-b8f5-5f9f0ac0fae7/1/Goivk4Rb0lOGRS29-qAhbhPK-Mc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:800::/48
                  2001:678:fd0::/48

    Signature Algorithm: sha256WithRSAEncryption
         25:8a:33:03:c2:06:3b:56:fe:57:6c:de:0c:77:d6:e6:af:00:
         81:cd:ce:28:63:8c:57:ef:7d:7a:5f:d3:2a:26:6a:95:9a:86:
         e3:c6:4c:ef:a3:0f:75:2e:71:cd:71:e8:ec:db:c3:93:b6:1d:
         92:cb:93:6a:93:e6:48:b1:28:c1:12:52:5a:92:e4:1b:87:17:
         57:14:66:03:a8:62:2c:fa:0a:31:17:ae:91:d4:e1:18:90:09:
         5a:f7:6a:dd:6a:15:5a:9b:6b:08:e3:7c:18:84:d9:62:03:0f:
         7a:06:2c:ba:9d:c9:cf:98:8d:c4:1c:d0:b6:bc:21:00:94:63:
         e7:a0:50:ad:3a:f1:ce:8b:79:91:7a:64:4a:b9:e1:35:e4:ba:
         05:96:44:ab:10:f2:16:47:21:cd:6f:01:1c:85:52:0b:98:9b:
         b4:aa:bb:cd:18:b3:7c:24:2a:52:13:4d:80:78:77:93:7a:74:
         1f:8b:60:c6:82:da:85:af:81:2c:d7:7a:6f:5f:bf:53:28:96:
         85:11:8d:e5:14:fb:b4:bf:29:db:27:69:4f:b4:08:eb:b5:75:
         b1:52:37:48:bb:10:36:39:99:1e:05:be:8c:e3:fe:f0:96:7b:
         36:e5:5c:fc:97:64:b8:a6:bd:c5:13:40:b4:8c:5b:8b:82:ac:
         d0:ca:ac:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuZmkIXBL3trr9K5Nh3Uo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODhhZjkzODQ1YmQyNTM4NjQ1MmRiZGZhYTAyMTZlMTNj
YWY4YzcwHhcNMjMwMTAxMTczNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGVmMWIyYmExMGUwZTlkOTAxZTQxOWI0YjgwMzUyNWI3YzA5NjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5V5ZsowgbqvldkZ2EOv06ut1h1I
ORQfkPbycuQLY7asWOcbJZzImPrubskF29sEHh9EPhq+OYkT/VBFZXWY63JERwOz
+RQfDKf30HAYHT/lwBnLrYf/l/cwYr41dQgsJyQPj7XJAGwEpOYrGdfYxJZ5/gYH
gawBhzfNpWv5JF3fi1BJKdN/Z+Dth04UENeASTPoJFz90Pz5xvkconsI3G4GCQbW
BqPHMl4dXFdON7hUy9h/LJHdp+e8BQYuQ/J3oEEcJE4eL8ZyLigKRYn3AbmV4frK
YKMOib6/Z30U7nRH+DD7makhyYMTo+nxg3jjtiW7qquQA4R96NNrFpbAJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEjvGyuhDg6dkB5Bm0uANSW3wJZNMB8GA1UdIwQY
MBaAFBqIr5OEW9JThkUtvfqgIW4TyvjHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29pdms0UmIwbE9HUlMyOS1xQWhiaFBLLU1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy80YzdiOGMtZjEzMS00OTk2LWI4ZjUt
NWY5ZjBhYzBmYWU3LzEvU084Yks2RU9EcDJRSGtHYlM0QTFKYmZBbGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy80YzdiOGMtZjEzMS00OTk2LWI4ZjUtNWY5ZjBhYzBmYWU3
LzEvR29pdms0UmIwbE9HUlMyOS1xQWhiaFBLLU1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAgA
AwcAIAEGeA/QMA0GCSqGSIb3DQEBCwUAA4IBAQAlijMDwgY7Vv5XbN4Md9bmrwCB
zc4oY4xX7316X9MqJmqVmobjxkzvow91LnHNcejs28OTth2Sy5Nqk+ZIsSjBElJa
kuQbhxdXFGYDqGIs+goxF66R1OEYkAla92rdahVam2sI43wYhNliAw96Biy6ncnP
mI3EHNC2vCEAlGPnoFCtOvHOi3mRemRKueE15LoFlkSrEPIWRyHNbwEchVILmJu0
qrvNGLN8JCpSE02AeHeTenQfi2DGgtqFr4Es13pvX79TKJaFEY3lFPu0vynbJ2lP
tAjrtXWxUjdIuxA2OZkeBb6M4/7wlns25Vz8l2S4pr3FE0C0jFuLgqzQyqzX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:24 2024 by rpki-client on console-fra.rpki-client.org