Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/52554c-389d-4aea-a00c-741d0898da4e/1/Ka9QnfRqJkAkU81SS0grPv22YIA.roa
File:                     Ka9QnfRqJkAkU81SS0grPv22YIA.roa (raw, json)
Hash identifier:          Yc82hYAHRxfexhvvmRjFZCE/5b5VYv8MgL7VZOzzQOY=
Subject key identifier:   29:AF:50:9D:F4:6A:26:40:24:53:CD:52:4B:48:2B:3E:FD:B6:60:80
Certificate issuer:       /CN=6f6a28b85b917982072b9f4f406d7eb099913a31
Certificate serial:       018C5D917DC5964EF9BC17C746F5C30497A8
Authority key identifier: 6F:6A:28:B8:5B:91:79:82:07:2B:9F:4F:40:6D:7E:B0:99:91:3A:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b2oouFuReYIHK59PQG1-sJmROjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/52554c-389d-4aea-a00c-741d0898da4e/1/Ka9QnfRqJkAkU81SS0grPv22YIA.roa
Signing time:             Tue 12 Dec 2023 10:27:45 +0000
ROA not before:           Tue 12 Dec 2023 10:27:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13045
IP address blocks:        2001:678:9d4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5d:91:7d:c5:96:4e:f9:bc:17:c7:46:f5:c3:04:97:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6a28b85b917982072b9f4f406d7eb099913a31
        Validity
            Not Before: Dec 12 10:27:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=29af509df46a26402453cd524b482b3efdb66080
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:24:3a:d6:b7:c7:a6:a8:9e:da:fb:fc:f4:88:
                    c8:d6:11:b4:38:dc:f4:d4:bd:d3:50:c8:fa:fb:8f:
                    43:8d:de:ed:8e:bf:61:a2:7a:0a:68:24:a6:6d:79:
                    03:8b:80:61:57:a6:34:79:a2:14:fe:9b:0a:d2:91:
                    e3:57:b5:22:2a:2f:ba:f3:27:53:ad:f0:8b:3e:12:
                    f2:0b:ba:d2:a1:d4:c6:9c:df:2a:7d:46:d7:79:91:
                    5f:89:45:25:2f:5d:93:62:6e:98:09:bb:a2:66:5f:
                    1e:7b:86:9a:be:d4:2a:16:4d:4a:46:c3:26:e9:a3:
                    05:87:7b:5d:8f:3e:dd:26:ff:60:c7:79:6e:1f:50:
                    62:98:6c:b6:d4:1c:8a:f7:d7:ec:d0:87:8e:59:e0:
                    f5:7b:47:c2:bc:04:13:31:e0:c4:1b:30:1d:ae:9b:
                    a0:f7:96:b1:eb:e7:62:33:84:b8:d3:69:ec:d7:16:
                    d1:7f:9c:fd:a4:0f:0a:e7:4e:e9:37:91:9d:1a:07:
                    f3:b3:8c:08:76:0c:98:07:f3:5f:4e:28:a1:76:27:
                    ee:d1:75:65:8f:1d:a4:3e:b1:76:28:27:a1:15:59:
                    40:96:b3:20:55:5e:a8:1e:a9:48:61:b4:ef:3f:ed:
                    27:d5:35:49:5e:27:e3:73:5a:c1:c3:5d:ac:fa:2c:
                    63:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:AF:50:9D:F4:6A:26:40:24:53:CD:52:4B:48:2B:3E:FD:B6:60:80
            X509v3 Authority Key Identifier:
                keyid:6F:6A:28:B8:5B:91:79:82:07:2B:9F:4F:40:6D:7E:B0:99:91:3A:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2oouFuReYIHK59PQG1-sJmROjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/52554c-389d-4aea-a00c-741d0898da4e/1/Ka9QnfRqJkAkU81SS0grPv22YIA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/52554c-389d-4aea-a00c-741d0898da4e/1/b2oouFuReYIHK59PQG1-sJmROjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:9d4::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:bb:ad:34:e2:70:06:0b:4c:46:ff:96:b7:67:e4:54:9f:e3:
         ab:bb:c1:36:3c:43:ef:52:05:7a:eb:9b:35:a7:21:32:ee:c8:
         df:87:85:e3:76:8b:06:a7:2e:9d:13:d7:62:68:73:31:33:57:
         0f:dd:dd:15:0e:8b:17:4b:c3:12:8e:8f:16:55:e4:cc:c5:d8:
         1e:05:b0:21:20:74:14:ef:a4:54:f6:18:36:c1:4b:fa:14:76:
         44:3e:00:83:9a:23:44:3b:18:a5:1c:47:00:9a:55:ba:5f:c6:
         2e:34:93:63:28:52:66:8d:04:da:c2:ef:90:e0:c5:53:42:ad:
         e1:a8:c3:be:eb:f4:18:61:3b:1c:74:e8:c0:18:e6:e7:53:84:
         c5:96:dd:43:81:a6:fc:30:b9:0a:86:f2:59:9b:91:88:55:a0:
         bb:63:0e:85:a2:1b:9d:5f:57:c3:42:ab:bd:ee:11:9a:fd:1f:
         a3:0c:c0:39:29:22:45:cc:63:4c:f8:bb:23:39:5f:e0:6a:d6:
         3e:77:fb:ce:ff:53:e7:8d:5d:6e:48:6a:37:fa:c4:93:52:be:
         8f:3d:5b:19:ad:0a:36:1f:d6:36:54:50:bf:16:70:3a:e0:ed:
         e6:a9:6b:8d:ba:b6:6b:73:c0:c2:e7:fa:ab:c8:c2:c2:67:15:
         98:95:f2:fe
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxdkX3Flk75vBfHRvXDBJeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmEyOGI4NWI5MTc5ODIwNzJiOWY0ZjQwNmQ3ZWIwOTk5
MTNhMzEwHhcNMjMxMjEyMTAyNzQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWFmNTA5ZGY0NmEyNjQwMjQ1M2NkNTI0YjQ4MmIzZWZkYjY2MDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSQ61rfHpqie2vv89IjI1hG0ONz0
1L3TUMj6+49Djd7tjr9honoKaCSmbXkDi4BhV6Y0eaIU/psK0pHjV7UiKi+68ydT
rfCLPhLyC7rSodTGnN8qfUbXeZFfiUUlL12TYm6YCbuiZl8ee4aavtQqFk1KRsMm
6aMFh3tdjz7dJv9gx3luH1BimGy21ByK99fs0IeOWeD1e0fCvAQTMeDEGzAdrpug
95ax6+diM4S402ns1xbRf5z9pA8K507pN5GdGgfzs4wIdgyYB/NfTiihdifu0XVl
jx2kPrF2KCehFVlAlrMgVV6oHqlIYbTvP+0n1TVJXifjc1rBw12s+ixjHQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCmvUJ30aiZAJFPNUktIKz79tmCAMB8GA1UdIwQY
MBaAFG9qKLhbkXmCByufT0BtfrCZkToxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjJvb3VGdVJlWUlISzU5UFFHMS1zSm1ST2pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81MjU1NGMtMzg5ZC00YWVhLWEwMGMt
NzQxZDA4OThkYTRlLzEvS2E5UW5mUnFKa0FrVTgxU1MwZ3JQdjIyWUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81MjU1NGMtMzg5ZC00YWVhLWEwMGMtNzQxZDA4OThkYTRl
LzEvYjJvb3VGdVJlWUlISzU5UFFHMS1zSm1ST2pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAnU
MA0GCSqGSIb3DQEBCwUAA4IBAQCAu6004nAGC0xG/5a3Z+RUn+Oru8E2PEPvUgV6
65s1pyEy7sjfh4XjdosGpy6dE9diaHMxM1cP3d0VDosXS8MSjo8WVeTMxdgeBbAh
IHQU76RU9hg2wUv6FHZEPgCDmiNEOxilHEcAmlW6X8YuNJNjKFJmjQTawu+Q4MVT
Qq3hqMO+6/QYYTscdOjAGObnU4TFlt1Dgab8MLkKhvJZm5GIVaC7Yw6FohudX1fD
Qqu97hGa/R+jDMA5KSJFzGNM+LsjOV/gatY+d/vO/1PnjV1uSGo3+sSTUr6PPVsZ
rQo2H9Y2VFC/FnA64O3mqWuNurZrc8DC5/qryMLCZxWYlfL+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:36 2024 by rpki-client on console-fra.rpki-client.org