Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/Zkp8auE52OIIdBYxS2iFXnToozQ.roa
File:                     Zkp8auE52OIIdBYxS2iFXnToozQ.roa (raw, json)
Hash identifier:          j0EhtKoUgJxHV/mxfodJHr5I9g/oeAptdAQbdQrvR7Q=
Subject key identifier:   66:4A:7C:6A:E1:39:D8:E2:08:74:16:31:4B:68:85:5E:74:E8:A3:34
Certificate issuer:       /CN=de5e6c2330911bc1dc8c83d411ef6b1208b3bbd6
Certificate serial:       018CED3FD2EA10F2C5DDF8B2E04DDA050E53
Authority key identifier: DE:5E:6C:23:30:91:1B:C1:DC:8C:83:D4:11:EF:6B:12:08:B3:BB:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/Zkp8auE52OIIdBYxS2iFXnToozQ.roa
Signing time:             Tue 09 Jan 2024 08:03:52 +0000
ROA not before:           Tue 09 Jan 2024 08:03:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215756
IP address blocks:        2001:678:8cc::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 20 Jan 2024 15:27:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ed:3f:d2:ea:10:f2:c5:dd:f8:b2:e0:4d:da:05:0e:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de5e6c2330911bc1dc8c83d411ef6b1208b3bbd6
        Validity
            Not Before: Jan  9 08:03:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=664a7c6ae139d8e2087416314b68855e74e8a334
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:56:99:4f:36:b8:b0:68:ce:36:cf:80:f9:ae:
                    67:16:96:7f:cb:b6:6a:58:e2:43:09:bd:a6:0e:8d:
                    c8:e8:02:aa:7d:ad:44:a5:e4:87:1c:7c:96:18:4e:
                    b3:a8:fa:7c:30:e6:6d:8c:42:20:57:34:3e:7b:19:
                    13:83:fe:0e:bf:10:6a:20:87:08:aa:0a:14:7a:7a:
                    36:e1:08:7c:01:16:0b:8f:e4:68:8f:63:30:ea:63:
                    06:fb:be:b3:60:81:ae:5e:6d:a3:c5:29:8f:f4:82:
                    c2:9a:13:52:92:36:08:e1:20:c7:af:b7:17:12:47:
                    43:e1:89:30:04:ca:fb:8b:74:7f:a9:28:dc:2e:c4:
                    ba:6a:aa:1e:03:66:38:ac:fa:35:39:bb:48:84:39:
                    b1:e7:18:62:3c:10:96:95:00:a5:f9:00:cf:b2:e4:
                    b6:3b:65:25:a4:d2:f2:24:4c:d2:d4:47:cf:e7:7d:
                    a4:77:a8:a0:29:95:47:a5:a1:9b:56:d2:43:0b:e6:
                    27:08:59:32:44:37:b6:86:0a:56:6c:38:e7:4b:fd:
                    cf:2d:26:e4:7e:f8:8d:08:08:9a:5e:46:d8:b9:a8:
                    8c:38:fe:73:c4:ac:34:f7:7d:b3:b1:94:56:de:72:
                    d7:16:10:a0:99:dc:d8:4d:31:23:81:32:46:48:e6:
                    7f:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:4A:7C:6A:E1:39:D8:E2:08:74:16:31:4B:68:85:5E:74:E8:A3:34
            X509v3 Authority Key Identifier:
                keyid:DE:5E:6C:23:30:91:1B:C1:DC:8C:83:D4:11:EF:6B:12:08:B3:BB:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/Zkp8auE52OIIdBYxS2iFXnToozQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/3l5sIzCRG8HcjIPUEe9rEgizu9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:8cc::/48

    Signature Algorithm: sha256WithRSAEncryption
         b5:5e:0f:02:67:9e:ad:e4:39:03:1b:55:e6:b9:f5:c7:75:0b:
         d5:93:88:c2:63:06:02:9b:54:db:c2:02:e8:ec:6e:1d:91:a2:
         a9:d5:b4:7d:82:a3:01:cd:07:a9:b3:f5:67:ec:73:06:72:4a:
         c0:6c:77:23:e4:ed:f2:54:ee:b8:a6:14:23:8a:94:08:7d:b1:
         2e:c8:ea:88:08:ad:b5:56:34:87:22:96:d2:2b:58:a8:4b:c3:
         d3:fb:c5:e7:86:1d:cc:26:fa:67:e1:ad:f7:97:5e:37:28:8f:
         37:8a:92:c0:4e:72:34:5c:cf:59:71:24:48:7e:08:55:49:de:
         a5:ef:ae:29:d8:c8:bc:94:a4:c5:73:81:df:3e:ac:0f:22:03:
         f1:e7:2a:3e:e3:d0:ef:3c:bb:7d:db:dd:93:aa:1e:8c:e7:ae:
         f2:92:8e:32:88:80:ec:fb:27:c4:20:b1:a2:9e:cf:54:5e:f2:
         8c:c5:e3:c0:f3:69:b5:74:cb:8d:55:2f:b9:f8:a6:19:36:25:
         61:eb:37:74:18:e2:36:96:0e:2b:26:0b:2a:06:4a:0c:d6:6e:
         f4:59:45:85:b0:98:b9:01:fd:bd:a9:0b:e6:e6:49:c4:a2:d3:
         c3:52:06:56:0e:fd:d2:c3:e0:b0:f9:1c:a0:50:8e:3e:d2:74:
         cf:2e:56:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYztP9LqEPLF3fiy4E3aBQ5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNWU2YzIzMzA5MTFiYzFkYzhjODNkNDExZWY2YjEyMDhi
M2JiZDYwHhcNMjQwMTA5MDgwMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjRhN2M2YWUxMzlkOGUyMDg3NDE2MzE0YjY4ODU1ZTc0ZThhMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VaZTza4sGjONs+A+a5nFpZ/y7Zq
WOJDCb2mDo3I6AKqfa1EpeSHHHyWGE6zqPp8MOZtjEIgVzQ+exkTg/4OvxBqIIcI
qgoUeno24Qh8ARYLj+Roj2Mw6mMG+76zYIGuXm2jxSmP9ILCmhNSkjYI4SDHr7cX
EkdD4YkwBMr7i3R/qSjcLsS6aqoeA2Y4rPo1ObtIhDmx5xhiPBCWlQCl+QDPsuS2
O2UlpNLyJEzS1EfP532kd6igKZVHpaGbVtJDC+YnCFkyRDe2hgpWbDjnS/3PLSbk
fviNCAiaXkbYuaiMOP5zxKw0932zsZRW3nLXFhCgmdzYTTEjgTJGSOZ/hQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGZKfGrhOdjiCHQWMUtohV506KM0MB8GA1UdIwQY
MBaAFN5ebCMwkRvB3IyD1BHvaxIIs7vWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2w1c0l6Q1JHOEhjaklQVUVlOXJFZ2l6dTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kZTlkNzItZmNkNC00YzdjLTg5Y2Et
ZGU0YmE3ODZmODcyLzEvWmtwOGF1RTUyT0lJZEJZeFMyaUZYblRvb3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kZTlkNzItZmNkNC00YzdjLTg5Y2EtZGU0YmE3ODZmODcy
LzEvM2w1c0l6Q1JHOEhjaklQVUVlOXJFZ2l6dTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAjM
MA0GCSqGSIb3DQEBCwUAA4IBAQC1Xg8CZ56t5DkDG1XmufXHdQvVk4jCYwYCm1Tb
wgLo7G4dkaKp1bR9gqMBzQeps/Vn7HMGckrAbHcj5O3yVO64phQjipQIfbEuyOqI
CK21VjSHIpbSK1ioS8PT+8Xnhh3MJvpn4a33l143KI83ipLATnI0XM9ZcSRIfghV
Sd6l764p2Mi8lKTFc4HfPqwPIgPx5yo+49DvPLt9292Tqh6M567yko4yiIDs+yfE
ILGins9UXvKMxePA82m1dMuNVS+5+KYZNiVh6zd0GOI2lg4rJgsqBkoM1m70WUWF
sJi5Af29qQvm5knEotPDUgZWDv3Sw+Cw+RygUI4+0nTPLlYm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:38 2024 by rpki-client on console-fra.rpki-client.org