Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/HKJqYqQAumXYeCNFYt34R8f3NbY.roa
File:                     HKJqYqQAumXYeCNFYt34R8f3NbY.roa (raw, json)
Hash identifier:          5ByvaK2vkeGYiY20HIx4Rbir31Q0C5oXWPU11Fj5BK8=
Subject key identifier:   1C:A2:6A:62:A4:00:BA:65:D8:78:23:45:62:DD:F8:47:C7:F7:35:B6
Certificate issuer:       /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial:       01856CB8543A22A568F07D3DC45B9411B1F7
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/HKJqYqQAumXYeCNFYt34R8f3NbY.roa
Signing time:             Sun 01 Jan 2023 09:44:57 +0000
ROA not before:           Sun 01 Jan 2023 09:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51964
IP address blocks:        2a01:ce80::/26 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:b8:54:3a:22:a5:68:f0:7d:3d:c4:5b:94:11:b1:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
        Validity
            Not Before: Jan  1 09:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ca26a62a400ba65d878234562ddf847c7f735b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:59:cc:55:bd:d2:a8:4f:1a:7b:ff:51:3d:c0:
                    9c:6a:c1:b6:cd:19:24:2a:d8:13:f1:54:ae:27:0b:
                    fb:09:18:7c:c6:3c:cd:25:18:2f:be:96:43:58:c4:
                    38:54:51:ed:a5:8f:19:a0:35:95:4b:cd:95:16:ce:
                    0a:4e:91:1e:7e:94:b7:2a:78:60:c0:f6:ac:44:c6:
                    0f:ca:55:d1:76:a9:e0:c2:ef:45:98:bd:75:a1:45:
                    71:25:bb:5f:be:ff:45:0b:91:17:d6:03:c7:22:57:
                    4e:5e:05:34:71:d1:e1:36:b6:9a:2c:ef:4f:2c:0c:
                    f0:19:9e:4e:9a:8d:7a:29:1b:e1:99:0e:e5:9a:d9:
                    39:4f:79:38:e7:58:80:b7:66:7b:da:da:34:64:e2:
                    bd:10:51:6d:b0:87:c9:81:0e:c2:e0:0e:2f:73:a0:
                    47:da:e6:00:de:0b:6e:b7:44:1c:b9:0c:64:5b:2c:
                    32:54:f0:e1:b2:2d:7a:4b:c8:48:73:1a:a2:4d:af:
                    95:42:93:3b:a8:e4:c7:0e:99:1d:bf:9d:f4:52:34:
                    e3:a5:bc:01:3a:39:cc:53:9f:62:0c:79:97:e9:2c:
                    5a:47:40:27:48:05:16:d0:48:ab:e9:74:33:bb:65:
                    d1:c0:97:28:85:04:7c:7d:c7:56:95:f6:ee:5b:56:
                    fe:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:A2:6A:62:A4:00:BA:65:D8:78:23:45:62:DD:F8:47:C7:F7:35:B6
            X509v3 Authority Key Identifier:
                keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/HKJqYqQAumXYeCNFYt34R8f3NbY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:ce80::/26

    Signature Algorithm: sha256WithRSAEncryption
         25:bc:2f:e1:0c:3f:2c:44:51:d7:5f:ef:60:c2:e8:0b:27:93:
         61:f6:f3:c7:91:27:f5:a7:bf:9f:3e:d6:7f:ff:82:51:96:89:
         dc:44:bb:b3:87:b1:83:83:b4:69:54:af:37:ae:31:9a:bd:71:
         10:c8:f4:2c:9b:9f:75:42:dc:6d:72:c8:53:58:30:fe:07:42:
         a6:57:6e:3f:06:8d:99:bb:83:cb:07:45:02:0a:e6:82:92:c3:
         4e:22:62:99:fa:d4:09:71:65:b9:a6:f6:c9:be:92:9f:0e:dc:
         f8:56:df:5d:55:d8:2a:6d:0d:c5:bf:e9:54:f6:d4:fa:c6:4a:
         30:3a:80:6c:14:7f:29:49:2b:d9:f1:85:f4:55:de:e6:50:78:
         78:b5:3a:dc:e2:33:84:bc:95:5f:43:db:a6:76:30:4f:0a:11:
         c7:79:92:88:00:3f:b4:32:cf:e4:e2:9c:bc:89:2f:ad:f5:49:
         ec:66:c6:00:7f:34:1c:d1:c5:ad:a0:12:07:11:39:17:b2:19:
         77:b3:55:dd:e6:9b:a9:13:3a:05:b3:83:33:ef:f5:b6:f2:45:
         76:9a:20:1c:b0:5c:c4:d5:f7:46:c0:5e:bf:a6:71:ac:07:f1:
         ec:ca:0b:80:ec:5a:e2:63:63:46:f6:de:77:8a:59:c8:3d:1d:
         66:79:83:f0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsuFQ6IqVo8H09xFuUEbH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2EyNmE2MmE0MDBiYTY1ZDg3ODIzNDU2MmRkZjg0N2M3ZjczNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1nMVb3SqE8ae/9RPcCcasG2zRkk
KtgT8VSuJwv7CRh8xjzNJRgvvpZDWMQ4VFHtpY8ZoDWVS82VFs4KTpEefpS3Knhg
wPasRMYPylXRdqngwu9FmL11oUVxJbtfvv9FC5EX1gPHIldOXgU0cdHhNraaLO9P
LAzwGZ5Omo16KRvhmQ7lmtk5T3k451iAt2Z72to0ZOK9EFFtsIfJgQ7C4A4vc6BH
2uYA3gtut0QcuQxkWywyVPDhsi16S8hIcxqiTa+VQpM7qOTHDpkdv530UjTjpbwB
OjnMU59iDHmX6SxaR0AnSAUW0Eir6XQzu2XRwJcohQR8fcdWlfbuW1b+UQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFByiamKkALpl2HgjRWLd+EfH9zW2MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvSEtKcVlxUUF1bVhZZUNORll0MzRSOGYzTmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUGKgHOgDAN
BgkqhkiG9w0BAQsFAAOCAQEAJbwv4Qw/LERR11/vYMLoCyeTYfbzx5En9ae/nz7W
f/+CUZaJ3ES7s4exg4O0aVSvN64xmr1xEMj0LJufdULcbXLIU1gw/gdCplduPwaN
mbuDywdFAgrmgpLDTiJimfrUCXFluab2yb6Snw7c+FbfXVXYKm0Nxb/pVPbU+sZK
MDqAbBR/KUkr2fGF9FXe5lB4eLU63OIzhLyVX0PbpnYwTwoRx3mSiAA/tDLP5OKc
vIkvrfVJ7GbGAH80HNHFraASBxE5F7IZd7NV3eabqRM6BbODM+/1tvJFdpogHLBc
xNX3RsBev6ZxrAfx7MoLgOxa4mNjRvbed4pZyD0dZnmD8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org