Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/5IajLXMKtcvydDlHgTb4frUifCc.roa
File:                     5IajLXMKtcvydDlHgTb4frUifCc.roa (raw, json)
Hash identifier:          HkD4S3Gh7XPnWQYdYE+V9z+z2I6V2FwpqFnQHuAvKiY=
Subject key identifier:   E4:86:A3:2D:73:0A:B5:CB:F2:74:39:47:81:36:F8:7E:B5:22:7C:27
Certificate issuer:       /CN=b2ccda1c5487cb938d57ea61cc2d62d31070db51
Certificate serial:       01857169AA0A54CB666FFF9E432AB7EAC994
Authority key identifier: B2:CC:DA:1C:54:87:CB:93:8D:57:EA:61:CC:2D:62:D3:10:70:DB:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/5IajLXMKtcvydDlHgTb4frUifCc.roa
Signing time:             Mon 02 Jan 2023 07:37:08 +0000
ROA not before:           Mon 02 Jan 2023 07:37:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204186
IP address blocks:        2001:67c:a38::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:69:aa:0a:54:cb:66:6f:ff:9e:43:2a:b7:ea:c9:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2ccda1c5487cb938d57ea61cc2d62d31070db51
        Validity
            Not Before: Jan  2 07:37:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e486a32d730ab5cbf27439478136f87eb5227c27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:aa:72:5a:a1:dc:2b:7d:6b:bf:6f:6b:e5:4c:
                    de:1a:fe:b6:c1:c3:92:64:9d:db:dc:db:44:30:36:
                    ad:9c:8d:2d:19:26:21:3d:f6:1b:0e:cd:bb:32:5c:
                    e8:fa:8d:69:f1:f2:fa:fc:b2:41:ef:b3:fa:54:bc:
                    9e:f5:97:76:83:bf:30:25:6f:13:2a:48:4c:cc:ea:
                    ce:1a:24:c3:ce:7e:fd:3c:05:16:9c:bd:aa:67:07:
                    41:a5:77:bb:ec:c3:ee:88:d1:93:b5:74:41:95:24:
                    a0:a5:07:8f:b8:51:70:08:d4:eb:01:54:35:c0:a9:
                    a0:56:6c:6d:d3:38:eb:e2:68:22:9a:ed:21:e8:a4:
                    2f:62:32:69:e6:f7:6b:ef:b2:cb:b1:1b:aa:88:56:
                    0d:5f:f7:d8:b7:fe:b6:e2:ae:cc:63:c2:59:b5:64:
                    ff:c9:7f:49:14:c8:9a:1d:c6:34:6c:b1:24:71:d1:
                    fd:14:db:53:f5:91:06:9d:0f:12:ac:7b:51:e6:00:
                    e0:0e:af:cd:90:17:00:a4:b1:23:22:72:0d:27:b5:
                    d3:89:0b:a9:79:05:20:f4:0a:97:2d:72:4e:45:ef:
                    a7:d8:ab:31:0f:cd:db:2c:43:05:94:c0:73:81:aa:
                    ad:3c:29:c4:0e:21:9f:f0:1a:ae:cb:26:60:c8:ec:
                    a5:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:86:A3:2D:73:0A:B5:CB:F2:74:39:47:81:36:F8:7E:B5:22:7C:27
            X509v3 Authority Key Identifier:
                keyid:B2:CC:DA:1C:54:87:CB:93:8D:57:EA:61:CC:2D:62:D3:10:70:DB:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/5IajLXMKtcvydDlHgTb4frUifCc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:a38::/48

    Signature Algorithm: sha256WithRSAEncryption
         88:c3:1b:32:e0:16:32:b8:fa:ca:3d:59:6f:ec:5c:b6:d6:44:
         05:0b:31:0f:84:88:30:94:e3:66:e2:0b:38:13:71:4e:11:b3:
         6f:1a:86:90:47:31:53:30:01:33:ac:11:4c:02:c0:21:26:a7:
         6e:9b:4d:de:3e:52:a3:76:01:60:bd:7a:d1:53:3f:80:d5:94:
         55:07:8f:bb:65:77:7e:3b:e0:51:42:b8:ce:b4:fc:7b:3f:6e:
         cc:a2:cd:56:20:ec:12:c7:a1:c9:bc:f6:86:c2:3d:eb:6f:3a:
         c1:ff:ec:50:dd:48:e6:04:3c:1e:f6:32:3b:e7:59:61:72:45:
         61:f7:58:93:6b:bc:96:27:3e:de:9c:50:6e:eb:e6:06:5d:5f:
         c1:48:b2:ed:94:fe:48:34:be:aa:fa:5c:3d:0b:8d:66:77:29:
         5d:41:de:f4:ea:7c:7b:12:17:ce:b9:8c:67:8b:b1:16:5c:54:
         97:6e:1a:e4:d6:e4:ab:53:38:38:71:81:4a:a6:cf:0f:fd:09:
         d7:6d:ee:08:9c:15:4c:e0:0d:21:19:28:e2:0a:d0:17:79:8c:
         60:64:00:9e:99:9f:a8:7a:18:0c:ed:7d:3a:18:9b:c0:3d:7a:
         dc:5c:7b:41:94:e4:db:6f:2b:fc:bb:91:00:93:b9:c2:54:d4:
         eb:44:0e:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxaaoKVMtmb/+eQyq36smUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyY2NkYTFjNTQ4N2NiOTM4ZDU3ZWE2MWNjMmQ2MmQzMTA3
MGRiNTEwHhcNMjMwMTAyMDczNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDg2YTMyZDczMGFiNWNiZjI3NDM5NDc4MTM2Zjg3ZWI1MjI3YzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46pyWqHcK31rv29r5UzeGv62wcOS
ZJ3b3NtEMDatnI0tGSYhPfYbDs27Mlzo+o1p8fL6/LJB77P6VLye9Zd2g78wJW8T
KkhMzOrOGiTDzn79PAUWnL2qZwdBpXe77MPuiNGTtXRBlSSgpQePuFFwCNTrAVQ1
wKmgVmxt0zjr4mgimu0h6KQvYjJp5vdr77LLsRuqiFYNX/fYt/624q7MY8JZtWT/
yX9JFMiaHcY0bLEkcdH9FNtT9ZEGnQ8SrHtR5gDgDq/NkBcApLEjInINJ7XTiQup
eQUg9AqXLXJORe+n2KsxD83bLEMFlMBzgaqtPCnEDiGf8BquyyZgyOylYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOSGoy1zCrXL8nQ5R4E2+H61InwnMB8GA1UdIwQY
MBaAFLLM2hxUh8uTjVfqYcwtYtMQcNtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lNmI3N2YtNDBlNi00YzkzLWFjMzIt
M2RiOTYxNzAzZWE5LzEvNUlhakxYTUt0Y3Z5ZERsSGdUYjRmclVpZkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9lNmI3N2YtNDBlNi00YzkzLWFjMzItM2RiOTYxNzAzZWE5
LzEvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAo4
MA0GCSqGSIb3DQEBCwUAA4IBAQCIwxsy4BYyuPrKPVlv7Fy21kQFCzEPhIgwlONm
4gs4E3FOEbNvGoaQRzFTMAEzrBFMAsAhJqdum03ePlKjdgFgvXrRUz+A1ZRVB4+7
ZXd+O+BRQrjOtPx7P27Mos1WIOwSx6HJvPaGwj3rbzrB/+xQ3UjmBDwe9jI751lh
ckVh91iTa7yWJz7enFBu6+YGXV/BSLLtlP5INL6q+lw9C41mdyldQd706nx7EhfO
uYxni7EWXFSXbhrk1uSrUzg4cYFKps8P/QnXbe4InBVM4A0hGSjiCtAXeYxgZACe
mZ+oehgM7X06GJvAPXrcXHtBlOTbbyv8u5EAk7nCVNTrRA4m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:58 2024 by rpki-client on console-ams.rpki-client.org