Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/3e77dc-4868-41d4-90c4-2ac8bcd83550/1/nlghoLdPOvetDz4ssJyk9E9Tb-w.roa
File:                     nlghoLdPOvetDz4ssJyk9E9Tb-w.roa (raw, json)
Hash identifier:          X+H87wNnqk3rylSZWPPPJkzyqjZHBjaJRBfQA+6HjY4=
Subject key identifier:   9E:58:21:A0:B7:4F:3A:F7:AD:0F:3E:2C:B0:9C:A4:F4:4F:53:6F:EC
Certificate issuer:       /CN=32967a7747365c819de6076f7f5aa0ba3c9e598a
Certificate serial:       018571BA0C88DA2EC1001CF4C4F5541149B9
Authority key identifier: 32:96:7A:77:47:36:5C:81:9D:E6:07:6F:7F:5A:A0:BA:3C:9E:59:8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MpZ6d0c2XIGd5gdvf1qgujyeWYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/3e77dc-4868-41d4-90c4-2ac8bcd83550/1/nlghoLdPOvetDz4ssJyk9E9Tb-w.roa
Signing time:             Mon 02 Jan 2023 09:04:56 +0000
ROA not before:           Mon 02 Jan 2023 09:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41709
IP address blocks:        2001:67c:26f8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:0c:88:da:2e:c1:00:1c:f4:c4:f5:54:11:49:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32967a7747365c819de6076f7f5aa0ba3c9e598a
        Validity
            Not Before: Jan  2 09:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9e5821a0b74f3af7ad0f3e2cb09ca4f44f536fec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d8:03:bd:d5:dd:6d:da:bb:90:54:08:a0:91:
                    6d:9f:4a:dd:65:52:2a:16:bc:24:c6:67:99:8b:c6:
                    48:c2:70:99:a8:86:bd:07:71:8c:bb:17:77:85:a8:
                    31:01:72:b3:9e:2f:bf:41:53:d7:cf:b2:5b:f6:1e:
                    6f:f1:de:e4:29:7c:09:d5:19:4e:03:dc:de:28:96:
                    34:b5:d1:ae:89:af:c7:fa:77:56:2f:66:01:6f:cf:
                    33:f2:ac:d7:5e:6e:d8:63:ae:2b:4b:07:2d:9d:fc:
                    32:26:2c:b1:24:50:eb:71:2e:f7:bb:db:4f:fc:1d:
                    0c:7b:d7:f1:f2:94:b4:3b:2d:ec:9e:57:08:77:f1:
                    7f:83:d8:57:db:b3:38:13:f5:70:71:26:34:f3:9d:
                    f0:df:f7:87:ae:34:5e:54:02:bc:59:f7:df:a6:19:
                    21:e7:bc:e7:8d:93:1c:5f:b8:67:13:c4:74:03:ea:
                    ce:ce:a0:ab:9e:a6:f3:a5:2c:23:e8:05:e4:a4:7c:
                    fe:a7:bc:d3:ad:55:ef:8f:7b:16:a8:f9:d7:e0:16:
                    57:cf:81:75:ec:97:7b:15:a5:81:15:54:89:06:cd:
                    c7:25:36:89:b6:a7:7c:35:96:6a:2a:a8:3c:c2:3a:
                    4d:61:c1:f9:06:70:6b:fb:9f:aa:25:44:f8:85:28:
                    71:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:58:21:A0:B7:4F:3A:F7:AD:0F:3E:2C:B0:9C:A4:F4:4F:53:6F:EC
            X509v3 Authority Key Identifier:
                keyid:32:96:7A:77:47:36:5C:81:9D:E6:07:6F:7F:5A:A0:BA:3C:9E:59:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MpZ6d0c2XIGd5gdvf1qgujyeWYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3e77dc-4868-41d4-90c4-2ac8bcd83550/1/nlghoLdPOvetDz4ssJyk9E9Tb-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3e77dc-4868-41d4-90c4-2ac8bcd83550/1/MpZ6d0c2XIGd5gdvf1qgujyeWYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:26f8::/48

    Signature Algorithm: sha256WithRSAEncryption
         56:88:7c:02:99:5a:53:b1:22:46:de:85:93:13:ed:84:80:1f:
         76:5c:e9:ea:cf:2a:7e:a8:a7:b7:40:04:0d:65:f8:b6:1a:b8:
         ce:7a:b2:ba:6f:25:e8:5c:87:df:df:2a:28:c4:dc:94:87:03:
         3b:b8:64:57:d5:69:13:4c:34:1c:4e:16:ad:34:d2:8b:23:f6:
         06:67:d4:6d:5f:93:55:f3:b8:44:c4:71:3a:e6:15:7f:81:42:
         f7:81:ae:7a:6f:f1:04:f9:66:2b:14:60:e0:7e:4c:70:fb:9d:
         d4:32:cd:ce:d9:49:4b:b3:4a:be:64:70:b0:3f:f8:40:86:e1:
         bf:c6:95:cb:88:5a:d7:30:c1:9b:be:74:df:fa:77:20:1b:55:
         7a:ff:7f:29:44:41:5a:41:1c:86:1a:83:b7:03:31:6d:55:9e:
         a1:8c:13:9e:09:af:a7:3f:b7:7d:82:a4:9c:a7:38:33:ef:60:
         fd:62:f9:a0:0c:dc:b3:47:05:16:73:65:cd:d1:07:84:95:8a:
         8d:60:bb:48:3f:28:ca:7d:22:6c:5d:ce:22:c4:fe:34:38:53:
         e7:c5:e0:9b:9f:e3:ff:b6:5d:25:87:72:19:0e:44:d6:8c:fd:
         10:12:a9:2b:6f:9d:8f:15:69:8a:cb:26:12:0f:fe:e4:40:04:
         46:fc:84:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxugyI2i7BABz0xPVUEUm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyOTY3YTc3NDczNjVjODE5ZGU2MDc2ZjdmNWFhMGJhM2M5
ZTU5OGEwHhcNMjMwMTAyMDkwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTU4MjFhMGI3NGYzYWY3YWQwZjNlMmNiMDljYTRmNDRmNTM2ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNgDvdXdbdq7kFQIoJFtn0rdZVIq
FrwkxmeZi8ZIwnCZqIa9B3GMuxd3hagxAXKzni+/QVPXz7Jb9h5v8d7kKXwJ1RlO
A9zeKJY0tdGuia/H+ndWL2YBb88z8qzXXm7YY64rSwctnfwyJiyxJFDrcS73u9tP
/B0Me9fx8pS0Oy3snlcId/F/g9hX27M4E/VwcSY0853w3/eHrjReVAK8Wfffphkh
57znjZMcX7hnE8R0A+rOzqCrnqbzpSwj6AXkpHz+p7zTrVXvj3sWqPnX4BZXz4F1
7Jd7FaWBFVSJBs3HJTaJtqd8NZZqKqg8wjpNYcH5BnBr+5+qJUT4hShxHQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ5YIaC3Tzr3rQ8+LLCcpPRPU2/sMB8GA1UdIwQY
MBaAFDKWendHNlyBneYHb39aoLo8nlmKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXBaNmQwYzJYSUdkNWdkdmYxcWd1anllV1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8zZTc3ZGMtNDg2OC00MWQ0LTkwYzQt
MmFjOGJjZDgzNTUwLzEvbmxnaG9MZFBPdmV0RHo0c3NKeWs5RTlUYi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8zZTc3ZGMtNDg2OC00MWQ0LTkwYzQtMmFjOGJjZDgzNTUw
LzEvTXBaNmQwYzJYSUdkNWdkdmYxcWd1anllV1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCb4
MA0GCSqGSIb3DQEBCwUAA4IBAQBWiHwCmVpTsSJG3oWTE+2EgB92XOnqzyp+qKe3
QAQNZfi2GrjOerK6byXoXIff3yooxNyUhwM7uGRX1WkTTDQcThatNNKLI/YGZ9Rt
X5NV87hExHE65hV/gUL3ga56b/EE+WYrFGDgfkxw+53UMs3O2UlLs0q+ZHCwP/hA
huG/xpXLiFrXMMGbvnTf+ncgG1V6/38pREFaQRyGGoO3AzFtVZ6hjBOeCa+nP7d9
gqScpzgz72D9YvmgDNyzRwUWc2XN0QeElYqNYLtIPyjKfSJsXc4ixP40OFPnxeCb
n+P/tl0lh3IZDkTWjP0QEqkrb52PFWmKyyYSD/7kQARG/IQm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:29 2024 by rpki-client on console-ams.rpki-client.org