Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c1fe4d-ab5a-4071-ba2a-d5a06d8ab984/1/wXLGURJwjFQH7hOHJiYD0kTLlLs.roa
File:                     wXLGURJwjFQH7hOHJiYD0kTLlLs.roa (raw, json)
Hash identifier:          4FuBUoUWFTaS0UGGJDUx6UA7HJGiDW9UM/nA+KxaT3w=
Subject key identifier:   C1:72:C6:51:12:70:8C:54:07:EE:13:87:26:26:03:D2:44:CB:94:BB
Certificate issuer:       /CN=dfa24f8298be18c8a69f18128f064e7003e1d3dd
Certificate serial:       01856D8AC18DFAFE06C46C0991F1EE7B4733
Authority key identifier: DF:A2:4F:82:98:BE:18:C8:A6:9F:18:12:8F:06:4E:70:03:E1:D3:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/36JPgpi-GMimnxgSjwZOcAPh090.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/c1fe4d-ab5a-4071-ba2a-d5a06d8ab984/1/wXLGURJwjFQH7hOHJiYD0kTLlLs.roa
Signing time:             Sun 01 Jan 2023 13:34:48 +0000
ROA not before:           Sun 01 Jan 2023 13:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60033
IP address blocks:        2001:678:b5c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:8a:c1:8d:fa:fe:06:c4:6c:09:91:f1:ee:7b:47:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfa24f8298be18c8a69f18128f064e7003e1d3dd
        Validity
            Not Before: Jan  1 13:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c172c65112708c5407ee1387262603d244cb94bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:09:fc:6f:39:56:de:86:6e:66:46:67:dc:7f:
                    7d:46:18:ad:eb:6f:58:7b:db:88:3b:b1:e9:e6:e1:
                    35:e1:3f:7c:45:d7:c8:d3:00:00:7f:72:5e:00:b6:
                    07:50:28:7d:e6:d5:8b:15:61:9d:d0:a8:43:57:be:
                    2b:27:77:43:3e:63:31:d1:61:2b:01:24:86:e9:42:
                    c6:82:70:18:8b:4b:b9:54:34:85:47:80:0f:24:15:
                    13:88:1b:0c:90:b8:32:2b:56:de:b7:cb:8d:1f:11:
                    6f:42:fc:2e:f2:c7:64:ae:b9:6a:51:4e:10:59:c6:
                    7a:ef:9f:8e:7a:03:52:eb:19:83:7e:b6:68:6f:5a:
                    b3:d6:ac:47:08:fe:bb:5f:97:cd:66:4c:2a:be:68:
                    6c:9f:b5:55:fc:de:84:9f:f5:37:0d:e1:cc:fe:08:
                    ca:3e:3e:07:e5:ed:77:74:3f:21:2f:7e:c0:f0:01:
                    4c:24:e8:df:f2:ad:31:d9:3c:7b:db:a4:7c:a1:ba:
                    c5:5b:e8:fb:37:24:c3:a8:67:ad:1f:ff:13:9c:03:
                    b4:e0:84:d5:06:10:93:89:16:4e:f1:0e:5f:c4:f0:
                    89:6a:20:ca:9e:f5:8d:89:d1:5a:c3:fa:55:71:99:
                    75:dc:d7:b0:14:a2:6d:6b:95:6e:a4:7d:40:95:4b:
                    de:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:72:C6:51:12:70:8C:54:07:EE:13:87:26:26:03:D2:44:CB:94:BB
            X509v3 Authority Key Identifier:
                keyid:DF:A2:4F:82:98:BE:18:C8:A6:9F:18:12:8F:06:4E:70:03:E1:D3:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36JPgpi-GMimnxgSjwZOcAPh090.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c1fe4d-ab5a-4071-ba2a-d5a06d8ab984/1/wXLGURJwjFQH7hOHJiYD0kTLlLs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c1fe4d-ab5a-4071-ba2a-d5a06d8ab984/1/36JPgpi-GMimnxgSjwZOcAPh090.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:b5c::/48

    Signature Algorithm: sha256WithRSAEncryption
         88:f3:fb:c5:f4:e8:ad:3f:5b:3c:3d:df:7d:c4:5b:fc:25:7f:
         40:fe:68:15:90:96:1a:d4:c8:2e:82:00:d5:f8:29:69:db:f8:
         29:67:21:44:be:79:be:f9:4b:52:6e:98:f9:2c:c3:9b:a0:e5:
         51:fe:2b:19:b9:17:c6:79:d6:a1:89:8b:0a:51:1a:d5:b6:cb:
         a6:cd:ff:a5:f0:ac:74:4f:a6:81:98:9c:70:a1:ed:9a:4a:fd:
         b6:a7:37:39:27:0d:09:33:7c:d8:81:fd:26:f1:fe:00:c5:5b:
         48:d4:59:98:64:22:29:dc:94:bc:4b:95:63:b6:06:20:84:90:
         3f:49:21:3c:d9:23:5e:ea:6f:34:3c:cc:9e:21:7e:31:f0:da:
         b8:1c:88:02:9e:a7:ed:ed:c8:9d:d5:80:c0:2e:39:e7:ee:2b:
         fd:40:b9:40:6c:96:92:85:0a:a3:51:63:1b:61:f7:6d:96:ec:
         69:a3:b1:66:a4:c7:fd:85:92:21:8d:ed:f3:3b:0a:aa:d7:ea:
         69:71:70:62:a8:a6:6b:ff:90:fa:30:7f:30:f5:50:24:e7:d0:
         ea:cc:3c:0f:93:c3:1e:22:21:c2:10:11:e1:9c:14:f1:30:23:
         aa:e0:18:01:3c:29:4b:24:fe:2b:ff:df:e3:a6:4f:cd:6f:cf:
         da:a1:fa:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtisGN+v4GxGwJkfHue0czMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTI0ZjgyOThiZTE4YzhhNjlmMTgxMjhmMDY0ZTcwMDNl
MWQzZGQwHhcNMjMwMTAxMTMzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTcyYzY1MTEyNzA4YzU0MDdlZTEzODcyNjI2MDNkMjQ0Y2I5NGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwn8bzlW3oZuZkZn3H99Rhit629Y
e9uIO7Hp5uE14T98RdfI0wAAf3JeALYHUCh95tWLFWGd0KhDV74rJ3dDPmMx0WEr
ASSG6ULGgnAYi0u5VDSFR4APJBUTiBsMkLgyK1bet8uNHxFvQvwu8sdkrrlqUU4Q
WcZ675+OegNS6xmDfrZob1qz1qxHCP67X5fNZkwqvmhsn7VV/N6En/U3DeHM/gjK
Pj4H5e13dD8hL37A8AFMJOjf8q0x2Tx726R8obrFW+j7NyTDqGetH/8TnAO04ITV
BhCTiRZO8Q5fxPCJaiDKnvWNidFaw/pVcZl13NewFKJta5VupH1AlUve3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMFyxlEScIxUB+4ThyYmA9JEy5S7MB8GA1UdIwQY
MBaAFN+iT4KYvhjIpp8YEo8GTnAD4dPdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZKUGdwaS1HTWltbnhnU2p3Wk9jQVBoMDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jMWZlNGQtYWI1YS00MDcxLWJhMmEt
ZDVhMDZkOGFiOTg0LzEvd1hMR1VSSndqRlFIN2hPSEppWUQwa1RMbExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jMWZlNGQtYWI1YS00MDcxLWJhMmEtZDVhMDZkOGFiOTg0
LzEvMzZKUGdwaS1HTWltbnhnU2p3Wk9jQVBoMDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAtc
MA0GCSqGSIb3DQEBCwUAA4IBAQCI8/vF9OitP1s8Pd99xFv8JX9A/mgVkJYa1Mgu
ggDV+Clp2/gpZyFEvnm++UtSbpj5LMOboOVR/isZuRfGedahiYsKURrVtsumzf+l
8Kx0T6aBmJxwoe2aSv22pzc5Jw0JM3zYgf0m8f4AxVtI1FmYZCIp3JS8S5VjtgYg
hJA/SSE82SNe6m80PMyeIX4x8Nq4HIgCnqft7cid1YDALjnn7iv9QLlAbJaShQqj
UWMbYfdtluxpo7FmpMf9hZIhje3zOwqq1+ppcXBiqKZr/5D6MH8w9VAk59DqzDwP
k8MeIiHCEBHhnBTxMCOq4BgBPClLJP4r/9/jpk/Nb8/aofpI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:55 2024 by rpki-client on console-fra.rpki-client.org