Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/ALhWJrIVBp446zvouvtHZNB9ftw.roa
File:                     ALhWJrIVBp446zvouvtHZNB9ftw.roa (raw, json)
Hash identifier:          y7XNHhNWKDqc2SNTL0LZw3fNtaLGC8X7SCD/NOdkDno=
Subject key identifier:   00:B8:56:26:B2:15:06:9E:38:EB:3B:E8:BA:FB:47:64:D0:7D:7E:DC
Certificate issuer:       /CN=be3f74f2b6e4e28e9ff6ca3cca3a5d78ca2cad6a
Certificate serial:       01867D7DBB94B06AEA80779481AF2821ACDD
Authority key identifier: BE:3F:74:F2:B6:E4:E2:8E:9F:F6:CA:3C:CA:3A:5D:78:CA:2C:AD:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vj908rbk4o6f9so8yjpdeMosrWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/ALhWJrIVBp446zvouvtHZNB9ftw.roa
Signing time:             Thu 23 Feb 2023 08:57:17 +0000
ROA not before:           Thu 23 Feb 2023 08:57:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2001:678:934::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 03 Mar 2023 10:41:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7d:7d:bb:94:b0:6a:ea:80:77:94:81:af:28:21:ac:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be3f74f2b6e4e28e9ff6ca3cca3a5d78ca2cad6a
        Validity
            Not Before: Feb 23 08:57:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00b85626b215069e38eb3be8bafb4764d07d7edc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:9b:a8:d1:03:c7:1d:0c:01:04:ee:9c:7b:90:
                    a4:8b:19:92:07:d3:fa:2e:90:2d:88:e5:9d:39:93:
                    a9:d9:6d:39:68:f5:6e:b4:c1:47:d4:7c:68:4d:7b:
                    ec:ae:a1:38:1b:c0:94:75:a4:5a:ab:00:75:af:50:
                    d3:dd:12:11:1f:f1:f7:99:e3:9a:2d:8f:6d:bd:06:
                    77:f6:d2:8b:ee:78:05:d9:93:4c:96:0e:d0:c6:15:
                    a4:26:b5:e9:8b:62:95:e0:6a:72:b6:70:9c:46:bf:
                    cc:db:a0:b0:49:6e:66:94:a3:86:03:98:c2:b1:37:
                    ac:69:a8:f8:f1:e4:ae:0e:64:3e:6a:04:61:cc:d0:
                    f1:05:e3:77:74:d7:52:51:13:25:ac:7d:03:5d:f1:
                    fc:c7:99:4e:1c:0f:6e:de:6d:23:3f:63:92:4a:41:
                    7a:87:3e:80:f6:44:ac:32:7f:32:8d:28:91:4e:50:
                    41:d5:5a:ae:e1:82:ca:85:56:7c:f1:60:9a:6e:9d:
                    72:20:6c:48:71:96:7d:34:96:68:6c:08:ee:7d:71:
                    a3:6d:40:f0:94:3d:4f:f7:91:67:b5:9a:b5:af:91:
                    57:8a:62:60:1a:b5:ae:01:41:e5:32:81:ee:cf:01:
                    9c:80:c4:dc:6c:df:24:2d:fb:8e:0b:65:dd:4b:ce:
                    49:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:B8:56:26:B2:15:06:9E:38:EB:3B:E8:BA:FB:47:64:D0:7D:7E:DC
            X509v3 Authority Key Identifier:
                keyid:BE:3F:74:F2:B6:E4:E2:8E:9F:F6:CA:3C:CA:3A:5D:78:CA:2C:AD:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vj908rbk4o6f9so8yjpdeMosrWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/ALhWJrIVBp446zvouvtHZNB9ftw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/vj908rbk4o6f9so8yjpdeMosrWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:934::/48

    Signature Algorithm: sha256WithRSAEncryption
         b8:3c:d5:39:96:cb:6d:f6:98:ab:40:21:95:13:15:65:16:f5:
         f4:d7:80:ba:0b:47:d2:19:c4:05:6a:85:bd:1e:a2:b8:e8:44:
         0c:e9:60:c5:20:95:4b:a9:68:6b:fa:a1:30:e7:1f:b5:2a:d8:
         c1:8b:bc:56:9a:9f:e8:8d:28:04:03:02:60:ee:25:4f:9f:f7:
         ea:3b:30:4b:1f:84:f0:e7:54:2b:db:d4:81:95:ad:8b:39:2b:
         b8:de:49:8c:2b:bf:eb:32:48:f4:23:59:23:f6:d8:8c:49:0d:
         cb:47:87:d6:cc:a8:63:0f:8c:27:79:9b:2a:ad:2d:0a:b6:4c:
         da:6e:0b:c8:f1:c6:f2:9b:2d:90:79:23:61:33:51:67:69:c1:
         60:de:1d:0d:36:d2:e8:80:6a:88:77:54:84:94:fe:c7:a0:41:
         db:73:b0:e2:77:9f:50:a7:08:4f:98:0e:3c:fd:df:db:b8:76:
         84:8d:04:3e:50:b6:8b:44:f1:94:ce:bd:d1:b3:14:95:b7:3b:
         dd:64:36:64:57:c9:77:44:86:b7:b4:c9:9f:4b:00:16:af:21:
         29:35:96:3f:57:2c:9e:75:a7:ca:93:25:b6:01:b3:35:fc:4a:
         84:86:89:8f:15:5e:80:de:07:21:31:fa:6b:63:5b:37:79:1f:
         41:13:23:17
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYZ9fbuUsGrqgHeUga8oIazdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlM2Y3NGYyYjZlNGUyOGU5ZmY2Y2EzY2NhM2E1ZDc4Y2Ey
Y2FkNmEwHhcNMjMwMjIzMDg1NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI4NTYyNmIyMTUwNjllMzhlYjNiZThiYWZiNDc2NGQwN2Q3ZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5uo0QPHHQwBBO6ce5CkixmSB9P6
LpAtiOWdOZOp2W05aPVutMFH1HxoTXvsrqE4G8CUdaRaqwB1r1DT3RIRH/H3meOa
LY9tvQZ39tKL7ngF2ZNMlg7QxhWkJrXpi2KV4GpytnCcRr/M26CwSW5mlKOGA5jC
sTesaaj48eSuDmQ+agRhzNDxBeN3dNdSURMlrH0DXfH8x5lOHA9u3m0jP2OSSkF6
hz6A9kSsMn8yjSiRTlBB1Vqu4YLKhVZ88WCabp1yIGxIcZZ9NJZobAjufXGjbUDw
lD1P95FntZq1r5FXimJgGrWuAUHlMoHuzwGcgMTcbN8kLfuOC2XdS85J3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAC4ViayFQaeOOs76Lr7R2TQfX7cMB8GA1UdIwQY
MBaAFL4/dPK25OKOn/bKPMo6XXjKLK1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmo5MDhyYms0bzZmOXNvOHlqcGRlTW9zcldvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8wMDVhNDctYjEzYy00MmQ3LTgzMzIt
ZDA5OTYxN2JlYjU2LzEvQUxoV0pySVZCcDQ0Nnp2b3V2dEhaTkI5ZnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8wMDVhNDctYjEzYy00MmQ3LTgzMzItZDA5OTYxN2JlYjU2
LzEvdmo5MDhyYms0bzZmOXNvOHlqcGRlTW9zcldvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAk0
MA0GCSqGSIb3DQEBCwUAA4IBAQC4PNU5lstt9pirQCGVExVlFvX014C6C0fSGcQF
aoW9HqK46EQM6WDFIJVLqWhr+qEw5x+1KtjBi7xWmp/ojSgEAwJg7iVPn/fqOzBL
H4Tw51Qr29SBla2LOSu43kmMK7/rMkj0I1kj9tiMSQ3LR4fWzKhjD4wneZsqrS0K
tkzabgvI8cbymy2QeSNhM1FnacFg3h0NNtLogGqId1SElP7HoEHbc7Did59QpwhP
mA48/d/buHaEjQQ+ULaLRPGUzr3RsxSVtzvdZDZkV8l3RIa3tMmfSwAWryEpNZY/
VyyedafKkyW2AbM1/EqEhomPFV6A3gchMfprY1s3eR9BEyMX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:01 2024 by rpki-client on console-ams.rpki-client.org