Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/1-VACrAPbBLEiT9bd2MWrcDcMKm4.roa
File:                     1-VACrAPbBLEiT9bd2MWrcDcMKm4.roa (raw, json)
Hash identifier:          zwIwrNI30vNq9rFlLqD556pKHZyApyDBu7ywvQjMLM0=
Subject key identifier:   F9:50:02:AC:03:DB:04:B1:22:4F:D6:DD:D8:C5:AB:70:37:0C:2A:6E
Certificate issuer:       /CN=b720f3ceb0e6b597a38145c5a743369c7f4966e0
Certificate serial:       01856FF0488CA51C5796FBBEA07291FDD4DB
Authority key identifier: B7:20:F3:CE:B0:E6:B5:97:A3:81:45:C5:A7:43:36:9C:7F:49:66:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tyDzzrDmtZejgUXFp0M2nH9JZuA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/1-VACrAPbBLEiT9bd2MWrcDcMKm4.roa
Signing time:             Mon 02 Jan 2023 00:44:56 +0000
ROA not before:           Mon 02 Jan 2023 00:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25222
IP address blocks:        2a03:1c80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:48:8c:a5:1c:57:96:fb:be:a0:72:91:fd:d4:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b720f3ceb0e6b597a38145c5a743369c7f4966e0
        Validity
            Not Before: Jan  2 00:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f95002ac03db04b1224fd6ddd8c5ab70370c2a6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:a2:3d:b2:a1:24:00:11:2b:96:4d:bc:64:89:
                    ca:36:f8:4c:12:7e:ae:01:dd:c0:02:77:65:38:e9:
                    8d:27:a0:18:db:ac:73:07:50:c1:0a:d3:47:ef:97:
                    83:0d:3a:92:7a:5d:47:dd:80:b0:19:22:eb:28:56:
                    82:f9:ba:07:0f:42:c3:d7:48:45:97:8a:33:df:a4:
                    41:1c:c4:76:ef:71:75:c3:b3:e4:ef:ee:a0:ec:bd:
                    8b:24:12:78:e6:20:80:b8:fd:56:e8:45:25:7f:1c:
                    4d:7c:4c:01:6d:3f:d9:89:63:b3:fa:d7:59:49:ab:
                    0f:5f:a8:5b:bb:51:28:3b:10:41:52:dc:25:47:1d:
                    0b:ec:c8:f4:92:05:e8:61:55:a4:37:3c:cc:1b:ac:
                    f1:9d:83:01:52:78:3a:98:39:8d:41:2b:63:cb:d5:
                    46:3c:bc:8d:56:be:9b:e1:29:c0:57:81:6f:d9:c1:
                    4b:57:dc:1a:47:8f:35:e1:3f:fc:43:ce:b1:68:55:
                    d5:58:4b:7b:d3:23:ff:fa:b3:af:37:b2:a2:da:29:
                    1b:0e:b0:41:7f:cd:e2:5d:a2:a1:ec:fe:5a:96:fb:
                    e4:f4:20:f0:73:f4:67:89:cb:fc:bf:d0:55:97:b9:
                    8a:bd:73:3f:b7:a5:36:cf:cb:54:74:90:1d:b2:ae:
                    73:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:50:02:AC:03:DB:04:B1:22:4F:D6:DD:D8:C5:AB:70:37:0C:2A:6E
            X509v3 Authority Key Identifier:
                keyid:B7:20:F3:CE:B0:E6:B5:97:A3:81:45:C5:A7:43:36:9C:7F:49:66:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyDzzrDmtZejgUXFp0M2nH9JZuA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/1-VACrAPbBLEiT9bd2MWrcDcMKm4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/tyDzzrDmtZejgUXFp0M2nH9JZuA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:1c80::/32

    Signature Algorithm: sha256WithRSAEncryption
         78:66:fa:df:77:f1:b0:0e:c9:1e:fe:a4:93:1d:1c:f5:66:e9:
         24:b2:59:28:d6:25:67:1a:5f:11:0a:67:6a:ca:8f:be:0a:9b:
         f1:e7:3d:1b:e3:71:79:83:06:6f:54:42:e1:aa:8e:aa:1e:e0:
         8c:85:3d:54:ee:d2:55:51:cf:84:51:24:ff:c2:71:b4:cf:48:
         54:8e:4f:a0:cf:ff:fa:53:eb:45:65:34:25:2e:a3:44:31:fb:
         fc:26:cb:0d:c0:c9:c6:78:3e:7a:4e:9c:48:50:32:77:c6:ca:
         64:e5:69:95:90:0a:33:49:2a:69:5e:2a:b0:1d:8c:b2:1a:09:
         8b:2d:93:29:86:de:fd:47:d9:b5:73:4b:10:9b:2d:fe:53:c9:
         81:4c:9f:86:4c:62:1f:4b:d0:e7:d9:b7:fd:5a:67:79:b4:b0:
         36:8d:72:33:14:6c:fb:81:38:66:d6:7b:a2:95:e2:02:3c:bb:
         fb:9e:e1:20:a8:b1:d8:8c:51:96:41:d5:ca:3d:db:08:29:34:
         8e:a7:1b:ed:64:db:2a:b0:97:16:4f:9b:7b:0f:97:b4:24:c2:
         b7:b8:f8:57:14:4e:c9:51:36:9e:dd:ab:83:d3:2b:32:47:07:
         15:c1:7a:e1:16:48:e3:25:c1:ad:1d:e4:ba:c6:fe:ec:8b:6c:
         82:87:24:26
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv8EiMpRxXlvu+oHKR/dTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjBmM2NlYjBlNmI1OTdhMzgxNDVjNWE3NDMzNjljN2Y0
OTY2ZTAwHhcNMjMwMTAyMDA0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTUwMDJhYzAzZGIwNGIxMjI0ZmQ2ZGRkOGM1YWI3MDM3MGMyYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6I9sqEkABErlk28ZInKNvhMEn6u
Ad3AAndlOOmNJ6AY26xzB1DBCtNH75eDDTqSel1H3YCwGSLrKFaC+boHD0LD10hF
l4oz36RBHMR273F1w7Pk7+6g7L2LJBJ45iCAuP1W6EUlfxxNfEwBbT/ZiWOz+tdZ
SasPX6hbu1EoOxBBUtwlRx0L7Mj0kgXoYVWkNzzMG6zxnYMBUng6mDmNQStjy9VG
PLyNVr6b4SnAV4Fv2cFLV9waR4814T/8Q86xaFXVWEt70yP/+rOvN7Ki2ikbDrBB
f83iXaKh7P5alvvk9CDwc/Rnicv8v9BVl7mKvXM/t6U2z8tUdJAdsq5zmwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPlQAqwD2wSxIk/W3djFq3A3DCpuMB8GA1UdIwQY
MBaAFLcg886w5rWXo4FFxadDNpx/SWbgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlEenpyRG10WmVqZ1VYRnAwTTJuSDlKWnVBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kN2ZiNmQtZWJiZS00M2EyLWIxMTkt
MzkzYzQ1NzQyMjU5LzEvMS1WQUNyQVBiQkxFaVQ5YmQyTVdyY0RjTUttNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmYvZDdmYjZkLWViYmUtNDNhMi1iMTE5LTM5M2M0NTc0MjI1
OS8xL3R5RHp6ckRtdFplamdVWEZwME0ybkg5Slp1QS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoDHIAw
DQYJKoZIhvcNAQELBQADggEBAHhm+t938bAOyR7+pJMdHPVm6SSyWSjWJWcaXxEK
Z2rKj74Km/HnPRvjcXmDBm9UQuGqjqoe4IyFPVTu0lVRz4RRJP/CcbTPSFSOT6DP
//pT60VlNCUuo0Qx+/wmyw3AycZ4PnpOnEhQMnfGymTlaZWQCjNJKmleKrAdjLIa
CYstkymG3v1H2bVzSxCbLf5TyYFMn4ZMYh9L0OfZt/1aZ3m0sDaNcjMUbPuBOGbW
e6KV4gI8u/ue4SCosdiMUZZB1co92wgpNI6nG+1k2yqwlxZPm3sPl7Qkwre4+FcU
TslRNp7dq4PTKzJHBxXBeuEWSOMlwa0d5LrG/uyLbIKHJCY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:23 2024 by rpki-client on console-fra.rpki-client.org