Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/hLy7-chQfhRbCB1MJe4WWmnoCz4.roa
File:                     hLy7-chQfhRbCB1MJe4WWmnoCz4.roa (raw, json)
Hash identifier:          E8hGAlLkW04oVGWPsJVw8UuPZfZ+WxdR3SCOQwICwJ8=
Subject key identifier:   84:BC:BB:F9:C8:50:7E:14:5B:08:1D:4C:25:EE:16:5A:69:E8:0B:3E
Certificate issuer:       /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial:       018570E7534B9C828899DC1A5DC18A9E088A
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/hLy7-chQfhRbCB1MJe4WWmnoCz4.roa
Signing time:             Mon 02 Jan 2023 05:14:46 +0000
ROA not before:           Mon 02 Jan 2023 05:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47583
IP address blocks:        2a00:1eb8:c006::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:53:4b:9c:82:88:99:dc:1a:5d:c1:8a:9e:08:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
        Validity
            Not Before: Jan  2 05:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=84bcbbf9c8507e145b081d4c25ee165a69e80b3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f7:85:12:c1:ea:f0:e9:24:b0:5c:d3:34:7c:
                    f6:a6:35:41:f7:eb:15:67:02:20:e4:3b:28:47:29:
                    6d:80:b7:f3:ae:37:2e:b5:15:5c:f6:83:ea:d7:93:
                    b7:a1:41:82:ca:f4:66:7c:80:49:e7:5b:34:59:a5:
                    18:8c:05:93:0b:5b:83:c2:7a:12:ab:6b:dd:84:c5:
                    dd:92:f9:e2:44:d8:ae:99:c9:d3:d0:75:73:1f:cf:
                    d6:89:5c:6e:a1:b7:ee:1f:c4:b6:7c:19:97:de:b0:
                    b0:c4:b0:72:38:42:7a:89:b2:b2:18:53:00:3c:42:
                    b3:c4:29:be:af:11:99:52:df:6a:65:2e:39:5c:f8:
                    23:3e:08:6e:0c:98:f1:ad:51:f5:b4:57:b0:36:95:
                    ca:7e:c1:89:3b:6e:cf:f8:ff:d8:54:24:81:2e:78:
                    f4:e2:7d:78:54:de:e9:47:c8:db:ff:80:f6:57:00:
                    9f:91:39:d5:14:ca:97:13:b6:e9:c3:53:c6:39:f9:
                    c6:d9:16:d1:a1:6f:44:de:e3:9f:15:24:65:06:b4:
                    f5:25:a5:12:4b:fd:9f:a6:50:2a:72:66:7a:fe:57:
                    ac:56:b6:cf:69:08:22:ae:45:f4:5f:02:1e:f3:ed:
                    7e:41:3a:f1:97:b2:58:6e:b0:4c:e2:90:95:af:08:
                    36:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:BC:BB:F9:C8:50:7E:14:5B:08:1D:4C:25:EE:16:5A:69:E8:0B:3E
            X509v3 Authority Key Identifier:
                keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/hLy7-chQfhRbCB1MJe4WWmnoCz4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:1eb8:c006::/48

    Signature Algorithm: sha256WithRSAEncryption
         2b:68:a7:29:39:8b:c5:a1:56:06:53:5e:27:ac:e4:6c:76:b1:
         85:e9:4a:a9:a2:24:37:ca:fd:dc:60:0b:b7:b7:a1:27:91:71:
         73:7d:ee:52:b3:7a:01:20:e6:a3:21:6f:9d:a0:31:00:56:64:
         2c:ae:ba:88:1e:39:fa:89:4b:21:3e:15:59:37:6f:37:05:71:
         23:a4:1b:a3:62:3e:fd:71:6e:92:3b:89:7f:aa:24:10:c4:d9:
         5f:56:82:26:45:4d:55:4e:e1:c0:61:da:8d:4f:70:00:ae:c7:
         76:65:d0:9b:3c:e7:57:ac:cc:6a:5c:8a:f7:f8:e8:75:4a:02:
         1b:f6:ba:13:13:f3:1a:1d:5d:61:98:93:df:2e:be:5b:08:f2:
         2c:cb:20:fb:c4:18:5c:fa:4b:58:a0:cb:50:74:80:de:b5:90:
         72:42:c8:0e:62:41:45:c7:24:a2:ff:2b:32:d9:e4:52:68:b9:
         18:2c:7e:4a:dc:1e:43:27:73:91:87:8e:fa:91:40:6f:5a:f6:
         d3:45:02:de:82:be:c8:52:57:c6:72:d6:37:2d:20:85:ea:c1:
         f5:28:0d:51:7f:49:0d:c3:1e:e9:16:41:3a:fb:bd:13:16:5f:
         73:00:52:af:4e:28:02:61:23:0a:62:50:2f:e1:fb:45:82:35:
         de:ce:df:41
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVw51NLnIKImdwaXcGKngiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjMwMTAyMDUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGJjYmJmOWM4NTA3ZTE0NWIwODFkNGMyNWVlMTY1YTY5ZTgwYjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfeFEsHq8OkksFzTNHz2pjVB9+sV
ZwIg5DsoRyltgLfzrjcutRVc9oPq15O3oUGCyvRmfIBJ51s0WaUYjAWTC1uDwnoS
q2vdhMXdkvniRNiumcnT0HVzH8/WiVxuobfuH8S2fBmX3rCwxLByOEJ6ibKyGFMA
PEKzxCm+rxGZUt9qZS45XPgjPghuDJjxrVH1tFewNpXKfsGJO27P+P/YVCSBLnj0
4n14VN7pR8jb/4D2VwCfkTnVFMqXE7bpw1PGOfnG2RbRoW9E3uOfFSRlBrT1JaUS
S/2fplAqcmZ6/lesVrbPaQgirkX0XwIe8+1+QTrxl7JYbrBM4pCVrwg2WQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFIS8u/nIUH4UWwgdTCXuFlpp6As+MB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL2hMeTctY2hRZmhSYkNCMU1KZTRXV21ub0N6NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqAB64
wAYwDQYJKoZIhvcNAQELBQADggEBACtopyk5i8WhVgZTXies5Gx2sYXpSqmiJDfK
/dxgC7e3oSeRcXN97lKzegEg5qMhb52gMQBWZCyuuogeOfqJSyE+FVk3bzcFcSOk
G6NiPv1xbpI7iX+qJBDE2V9WgiZFTVVO4cBh2o1PcACux3Zl0Js851eszGpcivf4
6HVKAhv2uhMT8xodXWGYk98uvlsI8izLIPvEGFz6S1igy1B0gN61kHJCyA5iQUXH
JKL/KzLZ5FJouRgsfkrcHkMnc5GHjvqRQG9a9tNFAt6CvshSV8Zy1jctIIXqwfUo
DVF/SQ3DHukWQTr7vRMWX3MAUq9OKAJhIwpiUC/h+0WCNd7O30E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:42 2024 by rpki-client on console-ams.rpki-client.org