Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/8y9Qe75it_AMoRPtO3MUJaaAfl0.roa
File:                     8y9Qe75it_AMoRPtO3MUJaaAfl0.roa (raw, json)
Hash identifier:          chaoSJCtfphehpVlZoGfZTD479Ebreyfj4STaUi4iZ0=
Subject key identifier:   F3:2F:50:7B:BE:62:B7:F0:0C:A1:13:ED:3B:73:14:25:A6:80:7E:5D
Certificate issuer:       /CN=27df042824273fcff3f093d0f9b1dec6960bae6a
Certificate serial:       018571D7B9799646199FCF44645BC5B60FCC
Authority key identifier: 27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/8y9Qe75it_AMoRPtO3MUJaaAfl0.roa
Signing time:             Mon 02 Jan 2023 09:37:21 +0000
ROA not before:           Mon 02 Jan 2023 09:37:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     65533
IP address blocks:        2001:718:ffff::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:d7:b9:79:96:46:19:9f:cf:44:64:5b:c5:b6:0f:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27df042824273fcff3f093d0f9b1dec6960bae6a
        Validity
            Not Before: Jan  2 09:37:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f32f507bbe62b7f00ca113ed3b731425a6807e5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:1e:74:66:91:84:9a:b3:92:56:ca:13:b1:39:
                    2e:01:02:85:3e:86:6e:04:38:46:1d:a9:64:f7:1b:
                    43:ed:5f:b4:4a:00:91:73:f1:3d:0b:7a:65:08:02:
                    00:1d:29:71:6b:44:d7:5c:61:f0:f5:9f:0f:3f:ac:
                    65:36:b0:8b:0a:c7:87:db:54:21:53:af:66:f6:02:
                    3e:a5:c3:44:98:d4:71:d1:9c:df:ad:c6:f2:51:b5:
                    77:16:f4:8b:da:14:55:14:ae:ef:84:2d:54:cd:d1:
                    5e:1a:98:9d:50:1f:49:9b:02:a5:6e:e8:3a:06:0d:
                    f0:15:c3:94:ff:0d:c5:a4:c5:06:c8:41:f7:d8:4a:
                    60:78:c1:46:4c:5b:96:e5:91:a0:bc:15:d6:7f:70:
                    6e:b4:a2:12:2a:c1:96:da:f6:38:c9:ec:14:2e:8f:
                    e6:c0:06:1b:ab:14:b2:19:6c:6e:0a:30:9c:40:82:
                    3a:a0:e9:d9:69:41:5f:ce:28:52:c7:97:db:9e:20:
                    50:65:6d:03:96:b5:02:ea:90:dd:84:03:67:ac:cf:
                    eb:52:c5:d4:96:10:42:a8:0c:0f:fe:a5:06:3a:ca:
                    77:1f:3c:da:9f:6c:39:a9:52:ab:af:8d:7e:5a:78:
                    70:c2:24:b7:67:48:63:7e:6a:57:47:cd:74:6b:b4:
                    92:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:2F:50:7B:BE:62:B7:F0:0C:A1:13:ED:3B:73:14:25:A6:80:7E:5D
            X509v3 Authority Key Identifier:
                keyid:27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/8y9Qe75it_AMoRPtO3MUJaaAfl0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:718:ffff::/48

    Signature Algorithm: sha256WithRSAEncryption
         c3:25:39:47:30:ab:e4:d9:a7:48:46:b8:87:52:d4:34:24:6a:
         fe:0b:b9:8c:b2:30:5e:0f:89:9a:04:79:0a:17:01:13:2f:26:
         ce:ed:b5:95:a0:b1:3d:ed:05:50:41:65:64:12:40:34:dc:e0:
         1a:de:0a:fc:25:88:89:ab:96:bc:88:c4:eb:e4:3c:ea:e3:c9:
         88:db:09:55:92:13:36:a9:0b:9e:cc:c6:8c:1c:60:41:41:96:
         49:94:26:b2:3e:77:22:88:57:ec:21:0f:33:b5:3b:fe:1a:af:
         b4:d7:f4:30:92:c4:c3:9b:10:df:2b:83:2a:6c:6e:2f:80:ac:
         b7:47:0b:d4:6f:55:3e:ec:2c:32:38:17:47:5a:c7:00:09:d5:
         ff:41:f5:68:38:db:cd:b6:8b:3e:e3:67:1b:e1:04:6a:4b:66:
         b7:07:7d:70:fa:3b:32:2b:cf:4a:38:8f:4f:2f:39:40:77:a1:
         79:26:cc:30:f8:c5:ca:20:2e:57:8d:64:21:88:1b:c3:f4:aa:
         54:49:b1:f9:81:a2:18:3c:46:8a:46:62:4e:a2:85:8b:09:52:
         cc:fb:1b:6b:ae:73:10:2a:ba:f1:c2:e8:59:b2:3b:48:44:23:
         aa:24:8e:29:3c:3a:9b:ce:19:cd:d0:d2:b7:c9:58:4e:9e:e6:
         49:af:ab:86
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx17l5lkYZn89EZFvFtg/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZGYwNDI4MjQyNzNmY2ZmM2YwOTNkMGY5YjFkZWM2OTYw
YmFlNmEwHhcNMjMwMTAyMDkzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzJmNTA3YmJlNjJiN2YwMGNhMTEzZWQzYjczMTQyNWE2ODA3ZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgR50ZpGEmrOSVsoTsTkuAQKFPoZu
BDhGHalk9xtD7V+0SgCRc/E9C3plCAIAHSlxa0TXXGHw9Z8PP6xlNrCLCseH21Qh
U69m9gI+pcNEmNRx0ZzfrcbyUbV3FvSL2hRVFK7vhC1UzdFeGpidUB9JmwKlbug6
Bg3wFcOU/w3FpMUGyEH32EpgeMFGTFuW5ZGgvBXWf3ButKISKsGW2vY4yewULo/m
wAYbqxSyGWxuCjCcQII6oOnZaUFfzihSx5fbniBQZW0DlrUC6pDdhANnrM/rUsXU
lhBCqAwP/qUGOsp3Hzzan2w5qVKrr41+WnhwwiS3Z0hjfmpXR810a7SSjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPMvUHu+YrfwDKET7TtzFCWmgH5dMB8GA1UdIwQY
MBaAFCffBCgkJz/P8/CT0Pmx3saWC65qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjk4RUtDUW5QOF96OEpQUS1iSGV4cFlMcm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hY2ZmZDYtZGMxZS00ZTBkLThkMjUt
Y2UyMmQ1ZWFiODJmLzEvOHk5UWU3NWl0X0FNb1JQdE8zTVVKYWFBZmwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hY2ZmZDYtZGMxZS00ZTBkLThkMjUtY2UyMmQ1ZWFiODJm
LzEvSjk4RUtDUW5QOF96OEpQUS1iSGV4cFlMcm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEHGP//
MA0GCSqGSIb3DQEBCwUAA4IBAQDDJTlHMKvk2adIRriHUtQ0JGr+C7mMsjBeD4ma
BHkKFwETLybO7bWVoLE97QVQQWVkEkA03OAa3gr8JYiJq5a8iMTr5Dzq48mI2wlV
khM2qQuezMaMHGBBQZZJlCayPnciiFfsIQ8ztTv+Gq+01/QwksTDmxDfK4MqbG4v
gKy3RwvUb1U+7CwyOBdHWscACdX/QfVoONvNtos+42cb4QRqS2a3B31w+jsyK89K
OI9PLzlAd6F5Jsww+MXKIC5XjWQhiBvD9KpUSbH5gaIYPEaKRmJOooWLCVLM+xtr
rnMQKrrxwuhZsjtIRCOqJI4pPDqbzhnN0NK3yVhOnuZJr6uG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:48 2024 by rpki-client on console-fra.rpki-client.org