Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/2cD4hfWwteiWbAuOnPN9lUwJFlg.roa
File:                     2cD4hfWwteiWbAuOnPN9lUwJFlg.roa (raw, json)
Hash identifier:          edP3EQ31rb70LDJW8ZYJjR5dq9ZPqOEbwGuYXQbSc5E=
Subject key identifier:   D9:C0:F8:85:F5:B0:B5:E8:96:6C:0B:8E:9C:F3:7D:95:4C:09:16:58
Certificate issuer:       /CN=b58522dac6bcde8c481333599132a16200e6a5be
Certificate serial:       0186A2502FB0B32878196B1F9D927161B12F
Authority key identifier: B5:85:22:DA:C6:BC:DE:8C:48:13:33:59:91:32:A1:62:00:E6:A5:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/2cD4hfWwteiWbAuOnPN9lUwJFlg.roa
Signing time:             Thu 02 Mar 2023 12:33:29 +0000
ROA not before:           Thu 02 Mar 2023 12:33:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49825
IP address blocks:        2001:67c:12d4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a2:50:2f:b0:b3:28:78:19:6b:1f:9d:92:71:61:b1:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58522dac6bcde8c481333599132a16200e6a5be
        Validity
            Not Before: Mar  2 12:33:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d9c0f885f5b0b5e8966c0b8e9cf37d954c091658
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:85:26:8c:18:10:49:9a:43:14:55:9a:b2:ca:
                    1f:01:f3:7e:49:46:6e:80:09:53:72:d6:50:db:bb:
                    5b:76:e0:e6:69:50:85:86:6e:5a:fa:79:67:29:36:
                    90:05:36:48:42:c4:15:6c:1b:ae:20:1a:dd:06:f7:
                    fc:31:f9:5c:56:07:f2:26:63:db:25:d3:e0:f9:c0:
                    15:c0:6d:7a:d1:60:02:9a:b5:ad:6a:b1:3b:53:6e:
                    2b:1f:76:01:ec:8e:d5:84:f9:17:54:34:bd:fb:89:
                    d7:ec:ca:da:8e:aa:b5:6a:a6:5b:4d:36:c9:7d:57:
                    43:fe:9d:5b:37:49:98:4e:da:aa:29:97:a7:d0:e9:
                    7f:93:16:51:cc:f1:2a:f8:01:7f:a1:71:6e:84:e6:
                    c9:37:69:c3:1c:eb:09:9b:fa:2f:2e:49:1c:d3:4c:
                    4c:b6:2f:ab:55:c5:5e:b5:81:be:6e:ec:51:d5:4e:
                    09:35:c0:c3:84:a7:d3:a0:cd:a7:18:9d:1f:a4:d0:
                    01:c0:e4:21:fa:80:1b:2c:59:ba:88:ce:04:c8:4b:
                    59:75:dd:55:bd:76:2f:c3:be:b9:f1:26:d0:c3:c2:
                    ae:2e:d6:ea:9f:eb:3f:ff:f6:89:d9:34:cc:7a:a9:
                    b5:3c:44:85:f1:50:66:67:08:af:14:9e:13:52:7b:
                    c4:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:C0:F8:85:F5:B0:B5:E8:96:6C:0B:8E:9C:F3:7D:95:4C:09:16:58
            X509v3 Authority Key Identifier:
                keyid:B5:85:22:DA:C6:BC:DE:8C:48:13:33:59:91:32:A1:62:00:E6:A5:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/2cD4hfWwteiWbAuOnPN9lUwJFlg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:12d4::/48

    Signature Algorithm: sha256WithRSAEncryption
         a2:61:d9:7d:62:37:c5:01:f9:75:bb:13:66:c8:2b:a5:08:38:
         7a:28:5c:2d:a6:de:14:4d:23:6b:c6:1f:97:92:f0:67:16:e6:
         c1:3b:9b:d4:93:0b:df:30:b2:56:05:9a:05:d3:9c:11:12:cb:
         8b:8f:a9:7c:96:52:1b:16:9c:4c:2c:02:95:2a:e4:de:a6:76:
         c0:8d:39:69:11:04:7d:c5:60:2f:73:9b:b8:37:d5:6c:8f:9a:
         9b:d2:9a:71:bd:3b:9d:c1:de:da:ce:e9:b6:73:7a:81:fb:d3:
         e3:91:57:cd:6d:36:1e:62:d4:27:c8:26:fb:da:9e:f1:ea:a3:
         75:93:8a:5c:d8:67:58:d6:c4:cc:74:40:67:f6:fb:87:ba:38:
         02:77:fa:2f:ff:99:ac:31:af:40:5f:24:ce:bd:35:75:ae:02:
         e3:72:9c:83:07:e5:4e:5e:d2:f4:b6:5d:e2:7e:4e:3e:e0:1a:
         37:9e:32:ed:d6:5d:c3:76:0b:2e:0a:34:67:53:e4:4a:80:da:
         2e:fd:2e:ca:4a:30:5a:ee:f3:58:8b:ba:e6:f6:0b:36:d5:6b:
         67:3e:af:f9:ae:44:0d:fc:23:74:8f:57:e9:c4:15:38:4c:a8:
         5d:53:23:14:a9:a6:05:70:2d:fd:5b:39:5d:c7:97:82:98:44:
         16:82:da:98
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYaiUC+wsyh4GWsfnZJxYbEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ODUyMmRhYzZiY2RlOGM0ODEzMzM1OTkxMzJhMTYyMDBl
NmE1YmUwHhcNMjMwMzAyMTIzMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWMwZjg4NWY1YjBiNWU4OTY2YzBiOGU5Y2YzN2Q5NTRjMDkxNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4UmjBgQSZpDFFWassofAfN+SUZu
gAlTctZQ27tbduDmaVCFhm5a+nlnKTaQBTZIQsQVbBuuIBrdBvf8MflcVgfyJmPb
JdPg+cAVwG160WACmrWtarE7U24rH3YB7I7VhPkXVDS9+4nX7Mrajqq1aqZbTTbJ
fVdD/p1bN0mYTtqqKZen0Ol/kxZRzPEq+AF/oXFuhObJN2nDHOsJm/ovLkkc00xM
ti+rVcVetYG+buxR1U4JNcDDhKfToM2nGJ0fpNABwOQh+oAbLFm6iM4EyEtZdd1V
vXYvw7658SbQw8KuLtbqn+s///aJ2TTMeqm1PESF8VBmZwivFJ4TUnvE4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNnA+IX1sLXolmwLjpzzfZVMCRZYMB8GA1UdIwQY
MBaAFLWFItrGvN6MSBMzWZEyoWIA5qW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YjVkMmEtNGJjNC00MDZmLTk3ZDUt
YmEzOTQ3YzliMjJiLzEvMmNENGhmV3d0ZWlXYkF1T25QTjlsVXdKRmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YjVkMmEtNGJjNC00MDZmLTk3ZDUtYmEzOTQ3YzliMjJi
LzEvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBLU
MA0GCSqGSIb3DQEBCwUAA4IBAQCiYdl9YjfFAfl1uxNmyCulCDh6KFwtpt4UTSNr
xh+XkvBnFubBO5vUkwvfMLJWBZoF05wREsuLj6l8llIbFpxMLAKVKuTepnbAjTlp
EQR9xWAvc5u4N9Vsj5qb0ppxvTudwd7azum2c3qB+9PjkVfNbTYeYtQnyCb72p7x
6qN1k4pc2GdY1sTMdEBn9vuHujgCd/ov/5msMa9AXyTOvTV1rgLjcpyDB+VOXtL0
tl3ifk4+4Bo3njLt1l3DdgsuCjRnU+RKgNou/S7KSjBa7vNYi7rm9gs21WtnPq/5
rkQN/CN0j1fpxBU4TKhdUyMUqaYFcC39Wzldx5eCmEQWgtqY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:11 2024 by rpki-client on console-fra.rpki-client.org