Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/YE9AJGeummXszLAV__7L1z8s-fA.roa
File:                     YE9AJGeummXszLAV__7L1z8s-fA.roa (raw, json)
Hash identifier:          sp0u1zxALSWE1yeWrfo6TrRk4sKtgUDYULXlW2Wx9sU=
Subject key identifier:   60:4F:40:24:67:AE:9A:65:EC:CC:B0:15:FF:FE:CB:D7:3F:2C:F9:F0
Certificate issuer:       /CN=e12f64f7f697aa9b6e9982c0b76bb7842133876a
Certificate serial:       018872617EA5A92A309FAC5E246F7032119A
Authority key identifier: E1:2F:64:F7:F6:97:AA:9B:6E:99:82:C0:B7:6B:B7:84:21:33:87:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4S9k9_aXqptumYLAt2u3hCEzh2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/YE9AJGeummXszLAV__7L1z8s-fA.roa
Signing time:             Wed 31 May 2023 15:16:11 +0000
ROA not before:           Wed 31 May 2023 15:16:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61298
IP address blocks:        2001:67c:2aa0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:72:61:7e:a5:a9:2a:30:9f:ac:5e:24:6f:70:32:11:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e12f64f7f697aa9b6e9982c0b76bb7842133876a
        Validity
            Not Before: May 31 15:16:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=604f402467ae9a65ecccb015fffecbd73f2cf9f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:31:a3:a4:a5:7d:de:ff:31:00:7b:9d:7a:09:
                    48:cd:70:5c:a7:0d:a6:67:57:77:f8:1d:6e:8e:51:
                    5e:09:2b:6d:5b:f7:c5:99:f3:98:4a:ce:77:9d:95:
                    62:83:21:24:a7:48:ed:14:54:43:62:25:94:4f:e8:
                    6c:37:dd:ae:ef:99:29:22:d7:5c:d4:b1:85:7d:d0:
                    3a:b9:23:1e:4f:a6:a4:9a:36:ba:34:f2:74:7c:8e:
                    24:e9:e9:6d:f6:87:c7:1e:29:cb:ea:ac:29:ee:53:
                    01:f3:c6:15:f1:f2:ba:a8:ab:80:7a:e2:89:b9:35:
                    42:e3:0a:b4:f8:13:72:a5:bb:47:f1:6c:4c:d9:f1:
                    2a:75:fc:66:ab:26:a2:60:da:6b:d6:fb:c9:df:ec:
                    4b:e2:79:60:f7:8c:71:27:ea:77:89:c9:62:cd:00:
                    b5:7c:37:5a:d1:24:56:37:94:e7:8c:28:06:98:63:
                    be:36:91:01:9f:cc:fb:10:23:17:37:f0:b0:7c:e2:
                    52:44:d4:18:96:f1:b1:c7:ca:d6:d6:0b:cc:1b:b8:
                    84:4e:a4:d2:8f:fc:5c:03:7f:2b:8a:06:35:cb:21:
                    d4:72:ad:b9:05:b1:ff:f5:0c:24:d5:a9:76:ab:d4:
                    68:81:78:5a:73:70:bd:82:65:a1:3d:17:d9:eb:49:
                    5a:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:4F:40:24:67:AE:9A:65:EC:CC:B0:15:FF:FE:CB:D7:3F:2C:F9:F0
            X509v3 Authority Key Identifier:
                keyid:E1:2F:64:F7:F6:97:AA:9B:6E:99:82:C0:B7:6B:B7:84:21:33:87:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4S9k9_aXqptumYLAt2u3hCEzh2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/YE9AJGeummXszLAV__7L1z8s-fA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/4S9k9_aXqptumYLAt2u3hCEzh2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2aa0::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:76:ec:78:68:e1:49:0a:41:1d:7f:fd:82:ab:d5:1f:e6:4e:
         1b:9c:5c:f9:15:a0:bf:e3:66:e5:8a:f9:b1:93:6e:24:81:c6:
         2f:7f:f0:4e:0f:12:18:21:a8:13:09:ec:7f:26:1f:e9:1e:5a:
         ca:da:93:8a:0e:a7:ef:80:5b:13:5b:04:a2:d9:e9:75:42:cb:
         ce:2a:74:5d:98:5e:43:dc:66:99:18:08:f1:cc:dc:69:dc:91:
         48:db:c1:fb:db:fc:ae:f6:b5:75:db:91:4f:b4:3f:cd:97:9f:
         fb:c1:7a:2a:11:d8:19:ad:6a:9d:e5:4a:2b:6e:a8:b5:47:24:
         7e:df:21:c8:bf:ff:6f:ae:fa:d1:da:c9:45:af:8f:10:36:66:
         ec:9c:f5:71:82:7e:8c:1f:4a:c7:a4:f5:0c:04:c5:98:1f:59:
         10:5b:01:12:4e:0a:13:8b:bb:40:57:dd:7a:d5:03:b7:a5:ed:
         7a:ce:72:5f:99:2b:60:8c:be:ec:47:6b:12:42:03:52:72:ec:
         30:21:75:e4:96:0d:44:df:fa:eb:d4:24:72:6f:72:18:ff:97:
         6e:22:a3:0e:73:a7:5b:30:52:ac:24:7d:c6:4d:65:92:91:5d:
         69:38:78:96:9f:84:3a:d5:56:6a:77:56:e8:ee:6c:d5:a4:a3:
         c4:a1:72:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYhyYX6lqSown6xeJG9wMhGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMmY2NGY3ZjY5N2FhOWI2ZTk5ODJjMGI3NmJiNzg0MjEz
Mzg3NmEwHhcNMjMwNTMxMTUxNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDRmNDAyNDY3YWU5YTY1ZWNjY2IwMTVmZmZlY2JkNzNmMmNmOWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTGjpKV93v8xAHudeglIzXBcpw2m
Z1d3+B1ujlFeCSttW/fFmfOYSs53nZVigyEkp0jtFFRDYiWUT+hsN92u75kpItdc
1LGFfdA6uSMeT6akmja6NPJ0fI4k6elt9ofHHinL6qwp7lMB88YV8fK6qKuAeuKJ
uTVC4wq0+BNypbtH8WxM2fEqdfxmqyaiYNpr1vvJ3+xL4nlg94xxJ+p3iclizQC1
fDda0SRWN5TnjCgGmGO+NpEBn8z7ECMXN/CwfOJSRNQYlvGxx8rW1gvMG7iETqTS
j/xcA38rigY1yyHUcq25BbH/9Qwk1al2q9RogXhac3C9gmWhPRfZ60laswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGBPQCRnrppl7MywFf/+y9c/LPnwMB8GA1UdIwQY
MBaAFOEvZPf2l6qbbpmCwLdrt4QhM4dqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFM5azlfYVhxcHR1bVlMQXQydTNoQ0V6aDJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lN2QxYTktYWM3Ni00YTlmLWIxNzUt
NDdjMTBhNWNlNTM0LzEvWUU5QUpHZXVtbVhzekxBVl9fN0wxejhzLWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lN2QxYTktYWM3Ni00YTlmLWIxNzUtNDdjMTBhNWNlNTM0
LzEvNFM5azlfYVhxcHR1bVlMQXQydTNoQ0V6aDJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCqg
MA0GCSqGSIb3DQEBCwUAA4IBAQB6dux4aOFJCkEdf/2Cq9Uf5k4bnFz5FaC/42bl
ivmxk24kgcYvf/BODxIYIagTCex/Jh/pHlrK2pOKDqfvgFsTWwSi2el1QsvOKnRd
mF5D3GaZGAjxzNxp3JFI28H72/yu9rV125FPtD/Nl5/7wXoqEdgZrWqd5Uorbqi1
RyR+3yHIv/9vrvrR2slFr48QNmbsnPVxgn6MH0rHpPUMBMWYH1kQWwESTgoTi7tA
V9161QO3pe16znJfmStgjL7sR2sSQgNScuwwIXXklg1E3/rr1CRyb3IY/5duIqMO
c6dbMFKsJH3GTWWSkV1pOHiWn4Q61VZqd1bo7mzVpKPEoXJD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:48 2024 by rpki-client on console-ams.rpki-client.org