Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/yRfwpB7Xzzk81u50TxUqWHRELL4.roa
File:                     yRfwpB7Xzzk81u50TxUqWHRELL4.roa (raw, json)
Hash identifier:          sy9cfpIxCTcHGLaNLNlID5vtCNcUeIyOJT0K3w5tia8=
Subject key identifier:   C9:17:F0:A4:1E:D7:CF:39:3C:D6:EE:74:4F:15:2A:58:74:44:2C:BE
Certificate issuer:       /CN=b58522dac6bcde8c481333599132a16200e6a5be
Certificate serial:       0186A24F441233B3A9083DBF2FCCE8861DF6
Authority key identifier: B5:85:22:DA:C6:BC:DE:8C:48:13:33:59:91:32:A1:62:00:E6:A5:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/yRfwpB7Xzzk81u50TxUqWHRELL4.roa
Signing time:             Thu 02 Mar 2023 12:32:29 +0000
ROA not before:           Thu 02 Mar 2023 12:32:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199678
IP address blocks:        2001:67c:12d4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a2:4f:44:12:33:b3:a9:08:3d:bf:2f:cc:e8:86:1d:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58522dac6bcde8c481333599132a16200e6a5be
        Validity
            Not Before: Mar  2 12:32:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c917f0a41ed7cf393cd6ee744f152a5874442cbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:77:a6:a8:65:6d:43:6d:7e:b3:8a:40:28:46:
                    7d:45:c5:c3:a0:b6:23:a8:3d:ea:4d:86:19:a7:cf:
                    95:29:ee:f9:d1:d6:1a:6e:3d:e6:e0:6e:9f:4d:03:
                    bb:ff:d4:e5:89:21:d2:78:6c:5d:5e:60:e8:72:1d:
                    46:ab:d8:ef:43:70:11:5c:2a:d9:b7:bc:50:6b:97:
                    3a:e7:c5:0f:eb:ac:5b:c4:22:5c:3e:b1:98:62:32:
                    60:da:b3:cb:b6:c0:e0:96:5b:e4:f8:4f:3a:7d:d1:
                    c6:66:ee:53:d2:8c:12:75:b7:61:e7:98:41:23:fa:
                    f4:5a:34:85:fc:09:3b:4b:ac:64:d4:54:70:63:e7:
                    31:f5:68:c4:31:c6:44:a5:1c:e2:04:3a:29:8a:ca:
                    51:18:e5:2f:73:90:91:00:71:0c:69:27:c6:81:63:
                    13:0b:87:96:77:10:4c:c0:ff:f7:a3:46:de:06:24:
                    77:ee:fa:3e:23:ff:0e:79:1b:de:18:4e:dd:88:69:
                    8b:68:37:d4:e8:d3:aa:d5:5e:80:83:fd:e3:69:2c:
                    2f:51:a6:df:4c:a9:0d:17:41:4d:0f:22:62:ee:f3:
                    a0:c0:e8:68:c9:3a:1e:a7:16:51:b6:b2:18:04:7d:
                    b8:a7:30:b6:32:89:ed:03:1c:b3:68:9a:6f:9f:4b:
                    51:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:17:F0:A4:1E:D7:CF:39:3C:D6:EE:74:4F:15:2A:58:74:44:2C:BE
            X509v3 Authority Key Identifier:
                keyid:B5:85:22:DA:C6:BC:DE:8C:48:13:33:59:91:32:A1:62:00:E6:A5:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/yRfwpB7Xzzk81u50TxUqWHRELL4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:12d4::/48

    Signature Algorithm: sha256WithRSAEncryption
         a9:99:7d:06:17:31:0b:e0:d3:84:65:06:a1:83:e9:95:9c:c2:
         93:05:3c:28:c9:a6:cc:e2:e2:69:5f:b1:89:f5:11:89:96:c6:
         e8:c3:b5:56:be:e5:a4:0e:9e:23:fb:ee:32:44:25:5e:fe:0b:
         79:b9:4d:d4:a1:33:b7:de:4a:2e:85:94:77:e9:a4:47:99:61:
         04:9f:56:04:8b:f7:02:03:31:01:83:8d:e9:fa:97:b5:ee:70:
         c9:93:d1:f9:d5:ae:7e:e1:3c:32:0c:fe:23:dd:20:4a:d3:5f:
         10:6b:1a:88:51:9f:cf:27:50:cb:08:f6:2a:34:65:be:c6:a4:
         9c:ab:ed:82:17:21:f9:2f:24:3a:5c:c6:ea:0c:a9:96:15:5a:
         17:5a:d8:36:1f:4d:a4:84:27:b7:fd:38:02:d8:13:b8:8f:f1:
         19:07:a9:ff:23:52:97:fb:8e:9b:06:95:aa:5a:42:3a:fe:50:
         54:20:3e:5d:9f:c2:5b:9a:a3:a3:8f:79:61:d0:27:1c:40:32:
         35:85:af:02:6e:2f:27:db:33:a8:c5:f8:51:17:be:e0:1d:d1:
         33:3b:01:bf:2a:35:e5:b8:e6:ca:21:11:9a:86:3d:b1:b5:df:
         0e:68:1b:24:4c:f6:96:45:3a:ed:fd:7e:b9:a9:f7:c0:7e:f2:
         bf:8c:ff:b2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYaiT0QSM7OpCD2/L8zohh32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ODUyMmRhYzZiY2RlOGM0ODEzMzM1OTkxMzJhMTYyMDBl
NmE1YmUwHhcNMjMwMzAyMTIzMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTE3ZjBhNDFlZDdjZjM5M2NkNmVlNzQ0ZjE1MmE1ODc0NDQyY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinemqGVtQ21+s4pAKEZ9RcXDoLYj
qD3qTYYZp8+VKe750dYabj3m4G6fTQO7/9TliSHSeGxdXmDoch1Gq9jvQ3ARXCrZ
t7xQa5c658UP66xbxCJcPrGYYjJg2rPLtsDgllvk+E86fdHGZu5T0owSdbdh55hB
I/r0WjSF/Ak7S6xk1FRwY+cx9WjEMcZEpRziBDopispRGOUvc5CRAHEMaSfGgWMT
C4eWdxBMwP/3o0beBiR37vo+I/8OeRveGE7diGmLaDfU6NOq1V6Ag/3jaSwvUabf
TKkNF0FNDyJi7vOgwOhoyToepxZRtrIYBH24pzC2MontAxyzaJpvn0tRawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMkX8KQe1885PNbudE8VKlh0RCy+MB8GA1UdIwQY
MBaAFLWFItrGvN6MSBMzWZEyoWIA5qW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YjVkMmEtNGJjNC00MDZmLTk3ZDUt
YmEzOTQ3YzliMjJiLzEveVJmd3BCN1h6ems4MXU1MFR4VXFXSFJFTEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YjVkMmEtNGJjNC00MDZmLTk3ZDUtYmEzOTQ3YzliMjJi
LzEvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBLU
MA0GCSqGSIb3DQEBCwUAA4IBAQCpmX0GFzEL4NOEZQahg+mVnMKTBTwoyabM4uJp
X7GJ9RGJlsbow7VWvuWkDp4j++4yRCVe/gt5uU3UoTO33kouhZR36aRHmWEEn1YE
i/cCAzEBg43p+pe17nDJk9H51a5+4TwyDP4j3SBK018QaxqIUZ/PJ1DLCPYqNGW+
xqScq+2CFyH5LyQ6XMbqDKmWFVoXWtg2H02khCe3/TgC2BO4j/EZB6n/I1KX+46b
BpWqWkI6/lBUID5dn8JbmqOjj3lh0CccQDI1ha8Cbi8n2zOoxfhRF77gHdEzOwG/
KjXluObKIRGahj2xtd8OaBskTPaWRTrt/X65qffAfvK/jP+y
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:31 2024 by rpki-client on console-ams.rpki-client.org