Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/1-r1eBh6Ni-VIbS3crfZ1oMpVRT0.roa
File:                     1-r1eBh6Ni-VIbS3crfZ1oMpVRT0.roa (raw, json)
Hash identifier:          4JdxYWJT8HpUnqv9T62MmtE23sM/5bLjDnaR600Fguk=
Subject key identifier:   FA:BD:5E:06:1E:8D:8B:E5:48:6D:2D:DC:AD:F6:75:A0:CA:55:45:3D
Certificate issuer:       /CN=8d1bef730527aae1ecf8fb3085659d6fdfeed797
Certificate serial:       018CC34941E602ADF1E1A96BD85C43C17955
Authority key identifier: 8D:1B:EF:73:05:27:AA:E1:EC:F8:FB:30:85:65:9D:6F:DF:EE:D7:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/1-r1eBh6Ni-VIbS3crfZ1oMpVRT0.roa
Signing time:             Mon 01 Jan 2024 04:30:07 +0000
ROA not before:           Mon 01 Jan 2024 04:30:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216285
IP address blocks:        2a14:4280::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sun 14 Jan 2024 10:49:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:41:e6:02:ad:f1:e1:a9:6b:d8:5c:43:c1:79:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1bef730527aae1ecf8fb3085659d6fdfeed797
        Validity
            Not Before: Jan  1 04:30:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fabd5e061e8d8be5486d2ddcadf675a0ca55453d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f0:70:58:8d:0f:8c:63:ee:df:fb:9b:5b:d5:
                    3f:47:27:04:b1:f9:39:a0:e6:8f:07:3f:17:29:93:
                    b1:81:4f:e3:7d:93:ba:1f:66:23:0f:4a:0c:05:c8:
                    2c:70:a2:1a:83:68:f1:7b:2e:f7:07:05:8d:8c:6e:
                    5d:1d:30:9b:03:32:82:9d:21:c4:5d:4a:79:9c:b6:
                    36:8c:8e:f4:d7:d0:92:55:15:ef:71:a7:9d:69:c1:
                    ce:62:be:45:ed:55:d7:a0:33:4a:07:fb:e5:f9:eb:
                    fa:ac:63:2b:09:18:88:38:dd:d0:4b:9b:a7:4e:f9:
                    22:90:a8:ae:87:89:be:ee:f8:20:4a:ff:68:82:2b:
                    bd:b7:af:f7:75:4d:fb:5e:8f:45:bd:25:68:34:a0:
                    5d:14:e6:36:a9:f2:ee:d8:da:04:6d:2e:7c:06:8c:
                    83:4e:50:0a:f2:5e:72:b9:ec:dd:1b:ea:5d:17:e9:
                    71:dd:a4:31:b1:43:25:09:cb:45:67:ba:28:62:1b:
                    fa:69:19:f4:7a:ea:2e:0b:57:8c:43:5d:0d:84:28:
                    6b:1f:7a:a6:26:d3:f3:0c:f0:0a:e8:c7:7c:ac:f8:
                    58:52:35:31:e0:83:a1:5c:d5:92:df:72:d9:c4:3f:
                    1a:9e:20:dd:bc:2e:73:68:10:c4:4b:5a:d5:61:6d:
                    db:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:BD:5E:06:1E:8D:8B:E5:48:6D:2D:DC:AD:F6:75:A0:CA:55:45:3D
            X509v3 Authority Key Identifier:
                keyid:8D:1B:EF:73:05:27:AA:E1:EC:F8:FB:30:85:65:9D:6F:DF:EE:D7:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/1-r1eBh6Ni-VIbS3crfZ1oMpVRT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/jRvvcwUnquHs-PswhWWdb9_u15c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:4280::/32

    Signature Algorithm: sha256WithRSAEncryption
         99:5b:f7:fe:82:7c:d7:e8:55:61:4e:94:c5:e3:18:be:02:e6:
         14:da:75:bf:d5:6c:da:bd:b4:70:96:01:10:7f:ff:70:f9:03:
         3e:14:d4:bb:3d:fd:17:f5:c2:45:1b:75:73:fd:32:10:32:5a:
         12:6d:73:d1:10:c1:c7:7f:36:f2:75:ea:b3:4c:b8:75:07:f8:
         24:a1:cb:bb:22:ae:3b:7d:d2:b6:a0:eb:de:de:49:f6:82:46:
         77:b9:1b:76:c2:81:03:d5:0d:2e:51:39:f7:ec:3d:dc:f2:f1:
         d0:0e:9f:9f:dd:a6:c8:c4:9d:8f:9c:45:32:72:ea:53:9a:47:
         b2:ce:70:69:c6:6f:8a:ae:6a:4a:c4:3d:b3:b2:06:6c:63:61:
         7d:eb:4f:fc:29:f1:c7:83:1e:d5:a9:55:02:ab:81:06:09:f6:
         e3:c7:d6:c0:ed:ca:e6:60:1e:bf:88:2d:d7:dd:1f:18:fd:81:
         04:96:8d:da:66:5b:5e:5e:e3:85:13:44:58:14:1d:2d:01:20:
         3a:13:15:01:aa:91:d9:58:b7:40:34:e2:82:6c:21:f6:b6:bb:
         ed:78:f3:f1:0f:58:8a:c2:24:4a:ea:ee:69:82:1c:ea:60:2b:
         06:1a:ac:f1:8f:d6:4a:8c:7f:18:6a:6b:59:04:f9:df:c1:bf:
         9f:2c:9d:84
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzDSUHmAq3x4alr2FxDwXlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWJlZjczMDUyN2FhZTFlY2Y4ZmIzMDg1NjU5ZDZmZGZl
ZWQ3OTcwHhcNMjQwMTAxMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWJkNWUwNjFlOGQ4YmU1NDg2ZDJkZGNhZGY2NzVhMGNhNTU0NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/BwWI0PjGPu3/ubW9U/RycEsfk5
oOaPBz8XKZOxgU/jfZO6H2YjD0oMBcgscKIag2jxey73BwWNjG5dHTCbAzKCnSHE
XUp5nLY2jI7019CSVRXvcaedacHOYr5F7VXXoDNKB/vl+ev6rGMrCRiION3QS5un
TvkikKiuh4m+7vggSv9ogiu9t6/3dU37Xo9FvSVoNKBdFOY2qfLu2NoEbS58BoyD
TlAK8l5yuezdG+pdF+lx3aQxsUMlCctFZ7ooYhv6aRn0euouC1eMQ10NhChrH3qm
JtPzDPAK6Md8rPhYUjUx4IOhXNWS33LZxD8aniDdvC5zaBDES1rVYW3b9wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPq9XgYejYvlSG0t3K32daDKVUU9MB8GA1UdIwQY
MBaAFI0b73MFJ6rh7Pj7MIVlnW/f7teXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJ2dmN3VW5xdUhzLVBzd2hXV2RiOV91MTVjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNzE2YWQtZWQwNC00ZGU0LWI5OTQt
NGFhYjJkNjhmYTVhLzEvMS1yMWVCaDZOaS1WSWJTM2NyZloxb01wVlJUMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvYjcxNmFkLWVkMDQtNGRlNC1iOTk0LTRhYWIyZDY4ZmE1
YS8xL2pSdnZjd1VucXVIcy1Qc3doV1dkYjlfdTE1Yy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoUQoAw
DQYJKoZIhvcNAQELBQADggEBAJlb9/6CfNfoVWFOlMXjGL4C5hTadb/VbNq9tHCW
ARB//3D5Az4U1Ls9/Rf1wkUbdXP9MhAyWhJtc9EQwcd/NvJ16rNMuHUH+CShy7si
rjt90rag697eSfaCRne5G3bCgQPVDS5ROffsPdzy8dAOn5/dpsjEnY+cRTJy6lOa
R7LOcGnGb4quakrEPbOyBmxjYX3rT/wp8ceDHtWpVQKrgQYJ9uPH1sDtyuZgHr+I
LdfdHxj9gQSWjdpmW15e44UTRFgUHS0BIDoTFQGqkdlYt0A04oJsIfa2u+148/EP
WIrCJErq7mmCHOpgKwYarPGP1kqMfxhqa1kE+d/Bv58snYQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:04 2024 by rpki-client on console-fra.rpki-client.org