Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/1luxWKPVzQJmHlL0RByoT9_D0Ts.roa
File:                     1luxWKPVzQJmHlL0RByoT9_D0Ts.roa (raw, json)
Hash identifier:          DsPuNQmm5oOjjXdmb8argIyV+8HIC6IDWjXsdG0pzTg=
Subject key identifier:   D6:5B:B1:58:A3:D5:CD:02:66:1E:52:F4:44:1C:A8:4F:DF:C3:D1:3B
Certificate issuer:       /CN=e12f64f7f697aa9b6e9982c0b76bb7842133876a
Certificate serial:       0187949A6E81926EF36DBA1BC4F295938814
Authority key identifier: E1:2F:64:F7:F6:97:AA:9B:6E:99:82:C0:B7:6B:B7:84:21:33:87:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4S9k9_aXqptumYLAt2u3hCEzh2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/1luxWKPVzQJmHlL0RByoT9_D0Ts.roa
Signing time:             Tue 18 Apr 2023 13:42:41 +0000
ROA not before:           Tue 18 Apr 2023 13:42:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199685
IP address blocks:        2001:67c:2aa0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:94:9a:6e:81:92:6e:f3:6d:ba:1b:c4:f2:95:93:88:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e12f64f7f697aa9b6e9982c0b76bb7842133876a
        Validity
            Not Before: Apr 18 13:42:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d65bb158a3d5cd02661e52f4441ca84fdfc3d13b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:37:ff:f5:e8:b8:1d:68:33:be:88:4c:bc:51:
                    1c:b6:bb:01:3f:a9:86:71:30:0d:3a:d4:d0:3d:4c:
                    ce:22:da:72:db:88:fb:aa:98:23:f0:dc:22:cc:0e:
                    c8:a0:ec:b6:5d:c6:33:29:97:15:b8:78:ef:0b:3a:
                    c4:15:50:d4:ec:31:a9:b6:7d:e6:5f:20:71:6c:a8:
                    24:d6:88:c9:f1:d9:1c:7d:06:4f:b2:ae:a4:71:92:
                    fd:19:14:f0:01:5e:19:10:6b:8b:14:b5:e3:47:54:
                    ab:ba:a2:82:d2:05:e9:a0:9d:3b:f2:21:b1:1d:58:
                    a8:87:c2:ea:a0:ac:f8:99:10:2e:3a:37:98:e1:29:
                    7a:75:a8:62:c7:b1:f5:1f:73:17:ee:ea:d0:de:be:
                    d4:9a:3a:26:7c:f0:3e:66:63:a4:b4:a7:be:91:ca:
                    5a:f6:f2:87:6e:f0:ac:f2:33:d4:d2:70:ce:cb:df:
                    b6:d6:bd:29:32:b1:dc:9c:d2:04:78:3b:cb:03:0b:
                    95:27:40:92:91:9a:9b:3f:24:7c:84:5f:62:98:0f:
                    1b:04:fe:3f:ba:86:18:12:8c:14:40:eb:27:e2:1f:
                    48:90:65:a1:69:76:43:50:46:f2:01:c1:f5:2d:1a:
                    48:ea:f6:7e:6d:12:ca:fe:47:3c:7b:3f:45:12:df:
                    66:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:5B:B1:58:A3:D5:CD:02:66:1E:52:F4:44:1C:A8:4F:DF:C3:D1:3B
            X509v3 Authority Key Identifier:
                keyid:E1:2F:64:F7:F6:97:AA:9B:6E:99:82:C0:B7:6B:B7:84:21:33:87:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4S9k9_aXqptumYLAt2u3hCEzh2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/1luxWKPVzQJmHlL0RByoT9_D0Ts.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/4S9k9_aXqptumYLAt2u3hCEzh2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2aa0::/48

    Signature Algorithm: sha256WithRSAEncryption
         3d:0a:1e:76:2f:3f:10:40:9a:73:4c:1a:18:bd:14:d2:d4:d0:
         a0:0a:7a:63:37:8e:16:52:00:08:bf:0c:67:ad:2f:e1:89:84:
         22:91:35:cf:c6:5d:71:ac:ce:b0:0e:b4:65:b3:f7:fd:2a:8c:
         fd:bc:fe:0e:6f:53:6a:38:0d:e7:bf:99:a7:53:2c:ca:39:96:
         66:37:d2:fb:b5:62:f1:18:91:51:6e:ae:d4:99:69:fe:ed:a1:
         68:50:d6:c6:fe:43:e2:77:1a:30:47:79:a1:c1:96:7c:58:84:
         1a:1c:14:ca:fc:a9:96:bb:cc:09:d0:50:30:8e:41:2e:ba:0e:
         93:d3:57:81:f6:68:e9:7e:96:77:99:d3:7d:cc:76:5a:24:ee:
         81:f0:f8:80:ed:1c:5a:2e:1e:3e:e6:01:50:a9:0e:8d:ea:55:
         ab:8e:ba:7e:4a:26:e3:de:21:60:3b:42:ae:2f:92:5e:7e:5b:
         a2:55:fb:70:00:35:62:66:e7:82:e1:f6:e0:f4:1e:eb:d7:73:
         35:63:c7:f8:b8:3b:91:d4:0b:74:67:39:d8:cc:c2:d5:32:19:
         b8:c9:d7:04:70:b8:38:8a:8d:86:0a:d4:a5:0b:56:36:b9:11:
         ab:85:3c:a2:01:6b:97:ae:3f:99:da:ab:b2:2b:f5:07:2a:b5:
         c7:68:e9:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYeUmm6Bkm7zbbobxPKVk4gUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMmY2NGY3ZjY5N2FhOWI2ZTk5ODJjMGI3NmJiNzg0MjEz
Mzg3NmEwHhcNMjMwNDE4MTM0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjViYjE1OGEzZDVjZDAyNjYxZTUyZjQ0NDFjYTg0ZmRmYzNkMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTf/9ei4HWgzvohMvFEctrsBP6mG
cTANOtTQPUzOItpy24j7qpgj8NwizA7IoOy2XcYzKZcVuHjvCzrEFVDU7DGptn3m
XyBxbKgk1ojJ8dkcfQZPsq6kcZL9GRTwAV4ZEGuLFLXjR1SruqKC0gXpoJ078iGx
HVioh8LqoKz4mRAuOjeY4Sl6dahix7H1H3MX7urQ3r7UmjomfPA+ZmOktKe+kcpa
9vKHbvCs8jPU0nDOy9+21r0pMrHcnNIEeDvLAwuVJ0CSkZqbPyR8hF9imA8bBP4/
uoYYEowUQOsn4h9IkGWhaXZDUEbyAcH1LRpI6vZ+bRLK/kc8ez9FEt9mPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNZbsVij1c0CZh5S9EQcqE/fw9E7MB8GA1UdIwQY
MBaAFOEvZPf2l6qbbpmCwLdrt4QhM4dqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFM5azlfYVhxcHR1bVlMQXQydTNoQ0V6aDJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lN2QxYTktYWM3Ni00YTlmLWIxNzUt
NDdjMTBhNWNlNTM0LzEvMWx1eFdLUFZ6UUptSGxMMFJCeW9UOV9EMFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lN2QxYTktYWM3Ni00YTlmLWIxNzUtNDdjMTBhNWNlNTM0
LzEvNFM5azlfYVhxcHR1bVlMQXQydTNoQ0V6aDJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCqg
MA0GCSqGSIb3DQEBCwUAA4IBAQA9Ch52Lz8QQJpzTBoYvRTS1NCgCnpjN44WUgAI
vwxnrS/hiYQikTXPxl1xrM6wDrRls/f9Koz9vP4Ob1NqOA3nv5mnUyzKOZZmN9L7
tWLxGJFRbq7UmWn+7aFoUNbG/kPidxowR3mhwZZ8WIQaHBTK/KmWu8wJ0FAwjkEu
ug6T01eB9mjpfpZ3mdN9zHZaJO6B8PiA7RxaLh4+5gFQqQ6N6lWrjrp+Sibj3iFg
O0KuL5JefluiVftwADViZueC4fbg9B7r13M1Y8f4uDuR1At0ZznYzMLVMhm4ydcE
cLg4io2GCtSlC1Y2uRGrhTyiAWuXrj+Z2quyK/UHKrXHaOmW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:22 2024 by rpki-client on console-fra.rpki-client.org