Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/FYFF0z6PSqLv14Ok59XIV_UMjrY.roa
File:                     FYFF0z6PSqLv14Ok59XIV_UMjrY.roa (raw, json)
Hash identifier:          PErNmATyKHE76dswSRXfOlNMOh1/4rEfwlVXYojTZ+g=
Subject key identifier:   15:81:45:D3:3E:8F:4A:A2:EF:D7:83:A4:E7:D5:C8:57:F5:0C:8E:B6
Certificate issuer:       /CN=1c864813c0862e6b4756f8dfda8957c6aeac6654
Certificate serial:       0185729EB8700CCFBD93469B79B1FE7EDEE4
Authority key identifier: 1C:86:48:13:C0:86:2E:6B:47:56:F8:DF:DA:89:57:C6:AE:AC:66:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HIZIE8CGLmtHVvjf2olXxq6sZlQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/FYFF0z6PSqLv14Ok59XIV_UMjrY.roa
Signing time:             Mon 02 Jan 2023 13:14:42 +0000
ROA not before:           Mon 02 Jan 2023 13:14:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208333
IP address blocks:        2001:4d78:f200::/40 maxlen: 40

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:9e:b8:70:0c:cf:bd:93:46:9b:79:b1:fe:7e:de:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c864813c0862e6b4756f8dfda8957c6aeac6654
        Validity
            Not Before: Jan  2 13:14:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=158145d33e8f4aa2efd783a4e7d5c857f50c8eb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:53:f3:28:91:37:d4:4a:73:22:ea:c6:36:32:
                    c3:0f:0f:13:ee:56:e0:47:88:10:30:35:5a:be:c4:
                    58:b2:75:fd:bf:aa:0d:56:98:6f:d9:77:2f:5d:05:
                    5f:ea:d8:3c:03:fc:1b:1d:15:45:2f:3b:9c:e2:2a:
                    7c:dc:b2:1a:0e:c9:03:8a:11:a5:cc:5b:ec:1b:f5:
                    39:c8:6a:f2:fb:0b:2b:0a:c5:c9:19:46:be:97:62:
                    15:f2:63:a9:08:c2:79:1b:89:b0:4f:ef:c2:85:25:
                    ab:71:c1:9d:ea:87:87:be:20:31:a6:02:e5:c7:db:
                    a5:9f:ab:38:cd:af:fe:fa:f5:12:6d:cf:3d:c0:c6:
                    aa:d5:aa:5a:ec:52:47:28:54:32:07:97:fa:59:3e:
                    9c:c8:74:81:0f:df:50:fe:5b:f8:6f:63:38:0c:82:
                    46:9b:71:1f:32:fe:b7:15:38:df:1e:b0:56:fc:65:
                    64:43:96:08:2e:22:ad:fb:23:96:7c:5b:9f:bc:d4:
                    7b:97:4f:dc:4b:34:bb:a3:01:e7:b4:2c:93:50:b9:
                    23:09:b5:80:85:7d:57:99:c8:84:45:eb:35:92:b2:
                    86:27:f7:c3:56:4b:47:90:b6:16:b5:50:fe:e4:89:
                    ca:bf:5b:75:cf:f7:88:a9:92:8e:a1:cf:03:bd:5d:
                    00:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:81:45:D3:3E:8F:4A:A2:EF:D7:83:A4:E7:D5:C8:57:F5:0C:8E:B6
            X509v3 Authority Key Identifier:
                keyid:1C:86:48:13:C0:86:2E:6B:47:56:F8:DF:DA:89:57:C6:AE:AC:66:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIZIE8CGLmtHVvjf2olXxq6sZlQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/FYFF0z6PSqLv14Ok59XIV_UMjrY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/HIZIE8CGLmtHVvjf2olXxq6sZlQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4d78:f200::/40

    Signature Algorithm: sha256WithRSAEncryption
         7e:f5:75:4b:7f:19:a4:d0:32:a5:a4:25:3e:e0:6d:25:e7:ea:
         a7:f8:25:e6:4d:ca:72:38:90:c7:f6:a2:20:8a:d4:31:0d:ff:
         c4:ea:11:da:9e:ff:68:c0:85:d6:9f:88:25:b4:92:34:47:39:
         a8:b8:60:47:e6:f1:c0:e3:d9:72:51:e6:b6:f1:8e:4d:9c:30:
         58:39:a9:81:96:87:69:0f:98:09:bb:3a:55:d5:4c:ae:0d:2b:
         80:66:53:11:4f:c9:3d:e0:8d:c7:05:c2:39:f7:bd:fb:d7:59:
         80:93:9c:d2:10:76:90:25:ae:12:a9:03:7b:99:c0:53:06:52:
         3f:3a:1e:96:03:f6:69:54:cf:d4:a4:44:2b:7f:1e:b2:dd:9c:
         72:f7:01:bc:98:55:03:2e:0b:6a:4e:2b:ef:36:57:b0:07:6b:
         3e:30:2d:e7:ae:a5:73:8b:f8:c0:07:56:f0:8e:28:f2:7d:ac:
         ca:e0:e9:97:2e:ac:88:b9:b8:60:fd:b2:9f:bd:40:bf:b0:ba:
         d9:1a:a2:77:8c:9c:99:8d:27:82:0a:49:6e:3b:93:73:7b:28:
         c8:c4:73:9a:dd:88:f6:9c:d2:40:36:78:ba:68:2e:ab:ff:bc:
         2c:a1:22:2c:74:9b:5a:ee:07:1a:e5:86:11:b5:34:c1:28:7c:
         89:a2:bb:ac
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVynrhwDM+9k0abebH+ft7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODY0ODEzYzA4NjJlNmI0NzU2ZjhkZmRhODk1N2M2YWVh
YzY2NTQwHhcNMjMwMTAyMTMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTgxNDVkMzNlOGY0YWEyZWZkNzgzYTRlN2Q1Yzg1N2Y1MGM4ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlPzKJE31EpzIurGNjLDDw8T7lbg
R4gQMDVavsRYsnX9v6oNVphv2XcvXQVf6tg8A/wbHRVFLzuc4ip83LIaDskDihGl
zFvsG/U5yGry+wsrCsXJGUa+l2IV8mOpCMJ5G4mwT+/ChSWrccGd6oeHviAxpgLl
x9uln6s4za/++vUSbc89wMaq1apa7FJHKFQyB5f6WT6cyHSBD99Q/lv4b2M4DIJG
m3EfMv63FTjfHrBW/GVkQ5YILiKt+yOWfFufvNR7l0/cSzS7owHntCyTULkjCbWA
hX1XmciERes1krKGJ/fDVktHkLYWtVD+5InKv1t1z/eIqZKOoc8DvV0A7wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBWBRdM+j0qi79eDpOfVyFf1DI62MB8GA1UdIwQY
MBaAFByGSBPAhi5rR1b439qJV8aurGZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElaSUU4Q0dMbXRIVnZqZjJvbFh4cTZzWmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xMDM5M2QtYTAzMC00YWY1LTg5OTUt
OGYyZDY2ODRjODE0LzEvRllGRjB6NlBTcUx2MTRPazU5WElWX1VNanJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xMDM5M2QtYTAzMC00YWY1LTg5OTUtOGYyZDY2ODRjODE0
LzEvSElaSUU4Q0dMbXRIVnZqZjJvbFh4cTZzWmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAIAFNePIw
DQYJKoZIhvcNAQELBQADggEBAH71dUt/GaTQMqWkJT7gbSXn6qf4JeZNynI4kMf2
oiCK1DEN/8TqEdqe/2jAhdafiCW0kjRHOai4YEfm8cDj2XJR5rbxjk2cMFg5qYGW
h2kPmAm7OlXVTK4NK4BmUxFPyT3gjccFwjn3vfvXWYCTnNIQdpAlrhKpA3uZwFMG
Uj86HpYD9mlUz9SkRCt/HrLdnHL3AbyYVQMuC2pOK+82V7AHaz4wLeeupXOL+MAH
VvCOKPJ9rMrg6ZcurIi5uGD9sp+9QL+wutkaoneMnJmNJ4IKSW47k3N7KMjEc5rd
iPac0kA2eLpoLqv/vCyhIix0m1ruBxrlhhG1NMEofImiu6w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:00 2024 by rpki-client on console-fra.rpki-client.org