Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/4bfdc5-08e5-49bc-8b23-4f6c351ca35a/1/dYucEo3mXz1WudXIgLc-iqK-VU4.roa
File:                     dYucEo3mXz1WudXIgLc-iqK-VU4.roa (raw, json)
Hash identifier:          GkyyuFeRpiMirDLovtKWvu0i1/gIiTFbj2Bgo4Dg72Y=
Subject key identifier:   75:8B:9C:12:8D:E6:5F:3D:56:B9:D5:C8:80:B7:3E:8A:A2:BE:55:4E
Certificate issuer:       /CN=7660143814c34d292c75abcdb45f81819534edc1
Certificate serial:       01856D6F7CC4EB8312ED78BDDA11A0AF5903
Authority key identifier: 76:60:14:38:14:C3:4D:29:2C:75:AB:CD:B4:5F:81:81:95:34:ED:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dmAUOBTDTSksdavNtF-BgZU07cE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/4bfdc5-08e5-49bc-8b23-4f6c351ca35a/1/dYucEo3mXz1WudXIgLc-iqK-VU4.roa
Signing time:             Sun 01 Jan 2023 13:05:01 +0000
ROA not before:           Sun 01 Jan 2023 13:05:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29478
IP address blocks:        2001:67c:14c8::/47 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:6f:7c:c4:eb:83:12:ed:78:bd:da:11:a0:af:59:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7660143814c34d292c75abcdb45f81819534edc1
        Validity
            Not Before: Jan  1 13:05:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=758b9c128de65f3d56b9d5c880b73e8aa2be554e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:b7:63:33:25:31:77:dd:bc:79:79:89:2e:db:
                    bf:9f:21:e4:1f:82:a8:36:92:e0:91:e3:5e:f7:22:
                    d2:70:40:65:67:f3:33:a6:f2:32:0d:86:ce:b8:7f:
                    c0:fa:0e:36:b7:61:f0:45:58:36:df:18:20:cb:87:
                    2d:54:07:ca:e8:ee:26:4a:b5:df:9a:d4:22:d7:22:
                    21:73:be:86:37:fb:d1:04:d5:8e:2e:bb:a6:37:79:
                    5a:6f:df:c0:73:a6:24:82:a4:45:c9:b3:65:93:fa:
                    72:1b:ec:94:08:fd:42:fe:0d:68:94:56:2b:85:43:
                    5b:b4:ee:1d:e2:73:ad:cd:0f:16:38:1a:d0:e0:0b:
                    d3:44:73:42:8a:37:72:5a:82:3f:72:4c:0d:1b:43:
                    7e:c4:0b:4e:3e:21:be:be:5f:06:88:3c:c4:4b:2a:
                    16:35:4b:0e:08:c5:7a:6a:36:26:f3:a0:85:e6:db:
                    d9:81:8e:a9:aa:c5:b3:e1:cd:29:fb:f4:11:b1:e9:
                    fc:96:bc:21:c6:ea:3c:9c:4b:96:01:d1:cd:5f:07:
                    65:4e:a4:c7:bf:c1:34:87:0b:8d:ad:aa:ac:7a:9e:
                    e7:af:8d:17:ae:26:9c:0d:1a:b5:d4:bb:7a:8b:84:
                    7a:f7:3c:59:ef:83:6e:85:2e:8d:7c:a1:a6:a4:cf:
                    75:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:8B:9C:12:8D:E6:5F:3D:56:B9:D5:C8:80:B7:3E:8A:A2:BE:55:4E
            X509v3 Authority Key Identifier:
                keyid:76:60:14:38:14:C3:4D:29:2C:75:AB:CD:B4:5F:81:81:95:34:ED:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmAUOBTDTSksdavNtF-BgZU07cE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4bfdc5-08e5-49bc-8b23-4f6c351ca35a/1/dYucEo3mXz1WudXIgLc-iqK-VU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4bfdc5-08e5-49bc-8b23-4f6c351ca35a/1/dmAUOBTDTSksdavNtF-BgZU07cE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:14c8::/47

    Signature Algorithm: sha256WithRSAEncryption
         81:14:dc:aa:97:d4:f6:e9:75:cf:b1:ea:3c:51:69:58:ef:82:
         9d:ed:ee:82:61:0a:56:57:07:6b:1e:8c:82:f0:31:66:36:5b:
         5b:18:3e:c6:7d:2c:f9:37:bf:6d:80:82:4a:4d:39:e1:43:ac:
         01:80:ad:db:26:3b:80:38:28:f1:46:f4:16:18:cf:d1:ef:87:
         7a:30:4d:c6:63:77:ce:93:bb:50:4b:f6:e1:04:65:d2:cf:e0:
         8b:65:49:4c:21:67:ac:60:3d:70:c6:68:80:bf:c3:11:39:cb:
         fe:97:84:3f:bd:2f:52:14:88:aa:2a:2f:fb:df:06:f4:cf:0d:
         45:1e:83:d0:c0:c7:9a:d3:84:01:82:7a:49:73:2f:cd:b5:71:
         f2:ed:ed:f5:2e:6e:06:5d:bb:20:70:1c:40:76:9a:5b:0d:75:
         81:9c:f5:19:02:b7:ae:5a:72:2d:ab:36:7a:98:bf:59:71:00:
         9e:bd:0f:03:26:60:71:f8:d0:5f:eb:b1:25:95:e0:d3:e2:b7:
         6d:50:9d:7f:b5:d3:0d:46:07:82:09:d4:63:dd:7f:28:18:07:
         d3:e0:6f:d6:4e:ef:e5:bf:59:c3:73:77:71:83:00:15:dc:62:
         07:1f:7e:77:09:c4:6d:5d:49:05:c8:3b:da:f1:5c:e2:0b:04:
         54:ad:63:5e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtb3zE64MS7Xi92hGgr1kDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjAxNDM4MTRjMzRkMjkyYzc1YWJjZGI0NWY4MTgxOTUz
NGVkYzEwHhcNMjMwMTAxMTMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NThiOWMxMjhkZTY1ZjNkNTZiOWQ1Yzg4MGI3M2U4YWEyYmU1NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7djMyUxd928eXmJLtu/nyHkH4Ko
NpLgkeNe9yLScEBlZ/MzpvIyDYbOuH/A+g42t2HwRVg23xggy4ctVAfK6O4mSrXf
mtQi1yIhc76GN/vRBNWOLrumN3lab9/Ac6YkgqRFybNlk/pyG+yUCP1C/g1olFYr
hUNbtO4d4nOtzQ8WOBrQ4AvTRHNCijdyWoI/ckwNG0N+xAtOPiG+vl8GiDzESyoW
NUsOCMV6ajYm86CF5tvZgY6pqsWz4c0p+/QRsen8lrwhxuo8nEuWAdHNXwdlTqTH
v8E0hwuNraqsep7nr40XriacDRq11Lt6i4R69zxZ74NuhS6NfKGmpM91gQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHWLnBKN5l89VrnVyIC3PoqivlVOMB8GA1UdIwQY
MBaAFHZgFDgUw00pLHWrzbRfgYGVNO3BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1BVU9CVERUU2tzZGF2TnRGLUJnWlUwN2NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC80YmZkYzUtMDhlNS00OWJjLThiMjMt
NGY2YzM1MWNhMzVhLzEvZFl1Y0VvM21YejFXdWRYSWdMYy1pcUstVlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC80YmZkYzUtMDhlNS00OWJjLThiMjMtNGY2YzM1MWNhMzVh
LzEvZG1BVU9CVERUU2tzZGF2TnRGLUJnWlUwN2NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBIAEGfBTI
MA0GCSqGSIb3DQEBCwUAA4IBAQCBFNyql9T26XXPseo8UWlY74Kd7e6CYQpWVwdr
HoyC8DFmNltbGD7GfSz5N79tgIJKTTnhQ6wBgK3bJjuAOCjxRvQWGM/R74d6ME3G
Y3fOk7tQS/bhBGXSz+CLZUlMIWesYD1wxmiAv8MROcv+l4Q/vS9SFIiqKi/73wb0
zw1FHoPQwMea04QBgnpJcy/NtXHy7e31Lm4GXbsgcBxAdppbDXWBnPUZAreuWnIt
qzZ6mL9ZcQCevQ8DJmBx+NBf67ElleDT4rdtUJ1/tdMNRgeCCdRj3X8oGAfT4G/W
Tu/lv1nDc3dxgwAV3GIHH353CcRtXUkFyDva8VziCwRUrWNe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:01 2024 by rpki-client on console-ams.rpki-client.org