Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/t2L_h1PMTSCirmhj8RruZlzbp-U.roa
File:                     t2L_h1PMTSCirmhj8RruZlzbp-U.roa (raw, json)
Hash identifier:          UiJ8FvjnbWXincUN4e9nHS/hMtQveDOMQ54DzZkDKAs=
Subject key identifier:   B7:62:FF:87:53:CC:4D:20:A2:AE:68:63:F1:1A:EE:66:5C:DB:A7:E5
Certificate issuer:       /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial:       01857355D743E2D2F28DF5E27B462065E754
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/t2L_h1PMTSCirmhj8RruZlzbp-U.roa
Signing time:             Mon 02 Jan 2023 16:34:43 +0000
ROA not before:           Mon 02 Jan 2023 16:34:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16260
IP address blocks:        2001:668:1fc::/46 maxlen: 46

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:55:d7:43:e2:d2:f2:8d:f5:e2:7b:46:20:65:e7:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
        Validity
            Not Before: Jan  2 16:34:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b762ff8753cc4d20a2ae6863f11aee665cdba7e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ed:de:03:86:4e:cf:0b:b2:50:eb:ec:5d:ac:
                    8f:4a:59:52:9c:78:f0:db:84:83:ad:cf:c1:47:b2:
                    ba:0b:5d:64:be:17:dc:c4:76:ac:45:2c:76:2b:77:
                    23:0c:a8:a4:8a:4a:43:35:e3:0d:1b:ec:a2:40:b2:
                    a3:ce:ea:0e:70:da:5e:39:80:52:fd:95:a9:54:4b:
                    f7:76:d0:6e:da:d4:e9:18:f4:68:45:f0:8e:c4:b4:
                    38:10:24:ca:00:54:43:6d:eb:03:16:ea:80:2f:77:
                    ec:cb:5e:76:38:7b:64:8a:b8:e7:06:e8:47:46:c1:
                    b3:3a:21:24:ea:fa:40:27:a3:bb:47:a3:b4:7e:00:
                    0e:a6:2b:b7:0f:47:5d:63:ed:e3:f2:24:57:97:5e:
                    24:d5:43:6d:d5:9c:7a:7a:f3:49:47:fe:b8:e2:34:
                    c4:e8:78:9f:0c:1f:78:04:81:84:91:2f:73:90:29:
                    21:13:70:cd:e8:0d:ea:37:63:f4:71:a3:e8:83:91:
                    a6:06:a3:93:43:63:ae:ba:e8:f7:3f:02:40:10:1a:
                    c0:a0:f1:fa:03:4c:48:2c:5c:37:3a:90:cf:7e:6c:
                    4e:ec:b9:47:ab:b2:72:83:f9:45:e4:ce:be:5a:cd:
                    ce:a3:f9:3a:f6:da:d4:3a:2e:c1:73:96:52:fd:01:
                    b4:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:62:FF:87:53:CC:4D:20:A2:AE:68:63:F1:1A:EE:66:5C:DB:A7:E5
            X509v3 Authority Key Identifier:
                keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/t2L_h1PMTSCirmhj8RruZlzbp-U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:668:1fc::/46

    Signature Algorithm: sha256WithRSAEncryption
         1c:74:a6:cd:48:94:8c:4e:0a:f1:1e:f5:31:b1:bc:82:43:32:
         c9:dd:83:47:86:a0:ff:02:b6:cf:64:19:6a:1c:12:3a:d5:88:
         34:be:f3:4c:72:a0:9f:5d:10:73:47:60:d4:f7:18:62:47:36:
         72:fc:0f:19:72:9e:ed:e6:08:71:1c:77:1d:c3:e7:4f:2f:fd:
         6f:b3:44:f1:d7:04:aa:47:3d:c8:c5:5a:8e:3a:9a:29:2c:7a:
         d6:5b:fb:84:00:1b:39:71:c7:62:01:5e:66:ff:b2:72:14:34:
         38:56:69:29:b7:7c:a0:75:b4:f2:23:cd:93:50:38:23:98:aa:
         ef:e4:94:ef:3c:27:8f:d9:8b:24:91:b3:97:13:c8:d5:9d:a2:
         44:82:3a:84:45:bb:f8:22:bf:67:10:24:c3:38:5c:b5:04:4b:
         e1:d2:10:2f:a9:53:6d:4a:6e:18:a2:f4:f6:61:48:3e:3b:b1:
         e2:61:c0:57:8f:5f:bf:0d:a6:b1:5d:13:7e:15:81:89:0c:06:
         76:9f:86:ec:23:2b:13:9b:dc:d2:d2:71:8f:18:65:e2:b3:c9:
         2e:d6:78:aa:62:99:5a:1b:06:a9:02:1e:ce:15:fe:a3:3b:f8:
         22:36:8a:0a:ee:a3:80:27:b6:55:35:4f:05:81:62:2c:08:06:
         14:27:cd:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzVddD4tLyjfXie0YgZedUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMTAyMTYzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzYyZmY4NzUzY2M0ZDIwYTJhZTY4NjNmMTFhZWU2NjVjZGJhN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1O3eA4ZOzwuyUOvsXayPSllSnHjw
24SDrc/BR7K6C11kvhfcxHasRSx2K3cjDKikikpDNeMNG+yiQLKjzuoOcNpeOYBS
/ZWpVEv3dtBu2tTpGPRoRfCOxLQ4ECTKAFRDbesDFuqAL3fsy152OHtkirjnBuhH
RsGzOiEk6vpAJ6O7R6O0fgAOpiu3D0ddY+3j8iRXl14k1UNt1Zx6evNJR/644jTE
6HifDB94BIGEkS9zkCkhE3DN6A3qN2P0caPog5GmBqOTQ2Ouuuj3PwJAEBrAoPH6
A0xILFw3OpDPfmxO7LlHq7Jyg/lF5M6+Ws3Oo/k69trUOi7Bc5ZS/QG0RwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLdi/4dTzE0goq5oY/Ea7mZc26flMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvdDJMX2gxUE1UU0Npcm1oajhScnVabHpicC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCIAEGaAH8
MA0GCSqGSIb3DQEBCwUAA4IBAQAcdKbNSJSMTgrxHvUxsbyCQzLJ3YNHhqD/ArbP
ZBlqHBI61Yg0vvNMcqCfXRBzR2DU9xhiRzZy/A8Zcp7t5ghxHHcdw+dPL/1vs0Tx
1wSqRz3IxVqOOpopLHrWW/uEABs5ccdiAV5m/7JyFDQ4Vmkpt3ygdbTyI82TUDgj
mKrv5JTvPCeP2YskkbOXE8jVnaJEgjqERbv4Ir9nECTDOFy1BEvh0hAvqVNtSm4Y
ovT2YUg+O7HiYcBXj1+/DaaxXRN+FYGJDAZ2n4bsIysTm9zS0nGPGGXis8ku1niq
YplaGwapAh7OFf6jO/giNooK7qOAJ7ZVNU8FgWIsCAYUJ81W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:34 2024 by rpki-client on console-ams.rpki-client.org