Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/098cf4-07c0-4ab7-9cc7-be8c78c06fc7/1/SZZn8PmL_qheiSejCFOJe4Vnl44.roa
File:                     SZZn8PmL_qheiSejCFOJe4Vnl44.roa (raw, json)
Hash identifier:          MBNIu9ILITfBdpyDCqTa7LO26nssQFd5YvmtRTu88Sk=
Subject key identifier:   49:96:67:F0:F9:8B:FE:A8:5E:89:27:A3:08:53:89:7B:85:67:97:8E
Certificate issuer:       /CN=3acd90cb637d3d2c73d99dea9a4fe813e6485843
Certificate serial:       01856D66252D88BA986349BAF88346449DA7
Authority key identifier: 3A:CD:90:CB:63:7D:3D:2C:73:D9:9D:EA:9A:4F:E8:13:E6:48:58:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Os2Qy2N9PSxz2Z3qmk_oE-ZIWEM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/098cf4-07c0-4ab7-9cc7-be8c78c06fc7/1/SZZn8PmL_qheiSejCFOJe4Vnl44.roa
Signing time:             Sun 01 Jan 2023 12:54:48 +0000
ROA not before:           Sun 01 Jan 2023 12:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211042
IP address blocks:        2001:678:fb8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:66:25:2d:88:ba:98:63:49:ba:f8:83:46:44:9d:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3acd90cb637d3d2c73d99dea9a4fe813e6485843
        Validity
            Not Before: Jan  1 12:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=499667f0f98bfea85e8927a30853897b8567978e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:ee:c7:24:f6:78:f4:85:50:26:71:0c:b9:0a:
                    95:7d:e3:fe:c6:1e:69:f2:fc:1e:ea:99:01:7c:6f:
                    14:9f:e9:97:1c:88:c8:9e:9f:ea:42:50:c0:d4:37:
                    16:80:40:70:ef:b0:ef:cc:fc:d0:73:c2:dc:6b:90:
                    c8:73:b1:74:bb:d2:6f:80:33:33:e1:93:3b:c1:6d:
                    7f:77:9b:2a:33:69:35:82:3a:83:88:6b:1f:2f:36:
                    22:19:0f:7b:b6:5a:55:da:0a:54:cd:5c:d1:2a:fd:
                    be:d5:9b:58:0c:f1:17:95:fc:06:31:d2:26:49:eb:
                    15:23:25:27:86:7f:39:a1:f9:af:71:96:4f:53:c2:
                    ed:31:3a:c6:b9:96:7b:e6:22:17:bf:8a:d3:05:b1:
                    6b:0e:91:54:78:ac:a5:76:7a:91:15:6a:6b:38:65:
                    c5:28:95:98:05:17:72:52:98:5c:36:a6:35:e9:48:
                    ce:f3:45:c3:5c:06:7d:0f:f4:70:e3:b5:5b:2c:e9:
                    ca:1e:a8:e8:5a:ae:74:1b:d1:4a:95:38:21:d2:40:
                    a4:24:99:ad:99:ac:07:ac:73:10:ce:42:33:ce:c1:
                    e1:30:81:e8:60:84:70:13:67:d7:1d:1d:c1:6f:59:
                    0a:17:e7:ce:14:db:53:0a:92:17:34:aa:65:b1:e8:
                    ef:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:96:67:F0:F9:8B:FE:A8:5E:89:27:A3:08:53:89:7B:85:67:97:8E
            X509v3 Authority Key Identifier:
                keyid:3A:CD:90:CB:63:7D:3D:2C:73:D9:9D:EA:9A:4F:E8:13:E6:48:58:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Os2Qy2N9PSxz2Z3qmk_oE-ZIWEM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/098cf4-07c0-4ab7-9cc7-be8c78c06fc7/1/SZZn8PmL_qheiSejCFOJe4Vnl44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/098cf4-07c0-4ab7-9cc7-be8c78c06fc7/1/Os2Qy2N9PSxz2Z3qmk_oE-ZIWEM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:fb8::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:3b:7e:e7:30:dd:2e:0e:ef:ed:90:84:c9:08:11:32:c6:5f:
         1e:31:81:cd:06:e0:55:ad:64:72:0f:ab:0b:50:9b:16:c9:c9:
         fa:08:6f:6b:ca:58:e9:14:4f:d7:5f:9f:44:37:fe:84:85:c6:
         c8:7f:97:29:50:1f:18:61:23:23:74:c1:c2:89:3f:2a:22:53:
         1f:bd:5b:ae:44:21:02:02:e8:3d:07:17:e1:fc:e2:56:e8:f3:
         ec:4a:bc:46:f5:e6:3c:a2:9b:b3:57:e4:31:27:a5:9d:0d:bc:
         00:16:c5:61:47:b3:e9:b8:47:04:4e:b2:e1:e1:dd:73:9b:7a:
         1a:08:97:44:9c:b6:1f:a4:ad:17:bb:fc:6a:d3:76:d1:05:86:
         67:18:06:14:9a:29:d9:07:67:5b:14:ae:57:16:89:f7:22:24:
         d9:8f:35:00:bd:80:6a:c7:44:3e:df:a4:af:fc:21:71:dc:a6:
         76:c4:86:ae:55:8e:85:eb:d9:1e:bc:db:ea:df:bd:93:01:02:
         6d:11:01:9f:bc:8a:7b:cf:e9:e8:df:ac:0c:2d:83:b8:0a:c4:
         72:d9:b2:c1:9e:00:6d:ac:31:96:a7:a8:f3:bd:60:e9:3f:93:
         cd:fa:0a:8c:5d:3d:2f:dd:35:eb:b6:fe:fe:f8:c3:f6:6f:b2:
         8e:4b:1b:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtZiUtiLqYY0m6+INGRJ2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2Q5MGNiNjM3ZDNkMmM3M2Q5OWRlYTlhNGZlODEzZTY0
ODU4NDMwHhcNMjMwMTAxMTI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTk2NjdmMGY5OGJmZWE4NWU4OTI3YTMwODUzODk3Yjg1Njc5NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje7HJPZ49IVQJnEMuQqVfeP+xh5p
8vwe6pkBfG8Un+mXHIjInp/qQlDA1DcWgEBw77DvzPzQc8Lca5DIc7F0u9JvgDMz
4ZM7wW1/d5sqM2k1gjqDiGsfLzYiGQ97tlpV2gpUzVzRKv2+1ZtYDPEXlfwGMdIm
SesVIyUnhn85ofmvcZZPU8LtMTrGuZZ75iIXv4rTBbFrDpFUeKyldnqRFWprOGXF
KJWYBRdyUphcNqY16UjO80XDXAZ9D/Rw47VbLOnKHqjoWq50G9FKlTgh0kCkJJmt
mawHrHMQzkIzzsHhMIHoYIRwE2fXHR3Bb1kKF+fOFNtTCpIXNKplsejvHwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEmWZ/D5i/6oXoknowhTiXuFZ5eOMB8GA1UdIwQY
MBaAFDrNkMtjfT0sc9md6ppP6BPmSFhDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3MyUXkyTjlQU3h6MlozcW1rX29FLVpJV0VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOThjZjQtMDdjMC00YWI3LTljYzct
YmU4Yzc4YzA2ZmM3LzEvU1pabjhQbUxfcWhlaVNlakNGT0plNFZubDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOThjZjQtMDdjMC00YWI3LTljYzctYmU4Yzc4YzA2ZmM3
LzEvT3MyUXkyTjlQU3h6MlozcW1rX29FLVpJV0VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA+4
MA0GCSqGSIb3DQEBCwUAA4IBAQAJO37nMN0uDu/tkITJCBEyxl8eMYHNBuBVrWRy
D6sLUJsWycn6CG9ryljpFE/XX59EN/6EhcbIf5cpUB8YYSMjdMHCiT8qIlMfvVuu
RCECAug9Bxfh/OJW6PPsSrxG9eY8opuzV+QxJ6WdDbwAFsVhR7PpuEcETrLh4d1z
m3oaCJdEnLYfpK0Xu/xq03bRBYZnGAYUminZB2dbFK5XFon3IiTZjzUAvYBqx0Q+
36Sv/CFx3KZ2xIauVY6F69kevNvq372TAQJtEQGfvIp7z+no36wMLYO4CsRy2bLB
ngBtrDGWp6jzvWDpP5PN+gqMXT0v3TXrtv7++MP2b7KOSxvD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:20 2024 by rpki-client on console-fra.rpki-client.org