Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/eca809-d942-4d89-b438-a1c29992bfbe/1/oUT8j00ypnyCz57NO5uC6Rvtg-A.roa
File:                     oUT8j00ypnyCz57NO5uC6Rvtg-A.roa (raw, json)
Hash identifier:          A8MYB/ywLCJTfzAX4iPHtXK/reJg/MMSp6je5hcqUvM=
Subject key identifier:   A1:44:FC:8F:4D:32:A6:7C:82:CF:9E:CD:3B:9B:82:E9:1B:ED:83:E0
Certificate issuer:       /CN=5251b40b33198ac5a1edf50fff08628160335dfd
Certificate serial:       0185719E6781A9CD135F95558C3DAA1F3ABF
Authority key identifier: 52:51:B4:0B:33:19:8A:C5:A1:ED:F5:0F:FF:08:62:81:60:33:5D:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UlG0CzMZisWh7fUP_whigWAzXf0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/eca809-d942-4d89-b438-a1c29992bfbe/1/oUT8j00ypnyCz57NO5uC6Rvtg-A.roa
Signing time:             Mon 02 Jan 2023 08:34:44 +0000
ROA not before:           Mon 02 Jan 2023 08:34:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62041
IP address blocks:        2001:67c:4e8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:9e:67:81:a9:cd:13:5f:95:55:8c:3d:aa:1f:3a:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5251b40b33198ac5a1edf50fff08628160335dfd
        Validity
            Not Before: Jan  2 08:34:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a144fc8f4d32a67c82cf9ecd3b9b82e91bed83e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b5:d6:10:72:91:0e:5a:27:8b:be:13:e6:15:
                    e1:84:b0:90:14:30:ba:66:10:ba:6b:57:e0:10:a9:
                    30:ff:d8:06:10:d6:3a:7d:bb:bc:50:f0:77:5b:12:
                    fe:6e:fb:b9:17:9c:57:3e:d9:db:d8:df:b6:78:f3:
                    f5:6d:f5:be:8e:d4:7e:e3:0f:9d:6e:04:46:fa:c0:
                    f1:ed:ed:1c:59:82:2c:36:6a:18:cd:fa:ed:6f:39:
                    9c:62:65:62:ac:c3:3e:e9:1c:e3:2e:d7:14:c1:e0:
                    92:fa:47:8f:c5:10:0b:c2:5c:f2:50:09:99:46:eb:
                    23:08:85:8d:cc:bf:74:71:cf:23:8a:b0:6f:fd:9e:
                    87:f5:bc:bf:32:81:95:5b:4a:9a:e9:fd:b2:b7:73:
                    ca:02:b5:2e:58:b6:f8:f3:8d:b5:67:e8:f0:22:a9:
                    71:e8:cb:1d:e1:90:28:80:8d:36:8f:b7:73:ff:d7:
                    9f:de:b8:f8:a2:44:56:cf:4d:18:e3:b2:c0:1c:98:
                    ad:02:9e:cb:4c:73:80:14:77:41:6a:44:25:a4:03:
                    05:bf:00:76:6c:38:1e:e3:c1:1c:79:fa:52:25:a4:
                    33:cf:60:79:11:86:cb:72:74:1d:01:6a:16:bc:5d:
                    73:54:ad:59:ee:71:df:a0:3a:23:77:b0:f7:3a:b5:
                    ab:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:44:FC:8F:4D:32:A6:7C:82:CF:9E:CD:3B:9B:82:E9:1B:ED:83:E0
            X509v3 Authority Key Identifier:
                keyid:52:51:B4:0B:33:19:8A:C5:A1:ED:F5:0F:FF:08:62:81:60:33:5D:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UlG0CzMZisWh7fUP_whigWAzXf0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/eca809-d942-4d89-b438-a1c29992bfbe/1/oUT8j00ypnyCz57NO5uC6Rvtg-A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/eca809-d942-4d89-b438-a1c29992bfbe/1/UlG0CzMZisWh7fUP_whigWAzXf0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:4e8::/48

    Signature Algorithm: sha256WithRSAEncryption
         14:1f:6b:7e:6e:32:87:c8:fd:f4:0b:0f:c6:8e:e1:f4:65:4a:
         47:81:59:00:ab:bb:7f:aa:51:4b:b5:3b:d1:86:08:4b:a2:49:
         df:2d:45:6a:7a:aa:f7:ef:08:14:e2:ca:5e:8f:ce:b0:b4:60:
         d8:7d:4a:59:11:f7:ec:b2:2a:11:91:ff:e4:98:d0:dc:cf:d6:
         ca:c9:9f:f4:4a:01:8e:c3:7d:e7:0c:5e:6c:71:48:9b:a4:28:
         2f:01:88:37:ee:8b:dc:40:22:83:11:a4:b8:15:ca:ee:59:7f:
         e9:9e:34:73:d5:e6:99:db:71:89:bd:bf:4d:72:8f:03:65:08:
         64:9c:80:ef:5a:42:2f:1d:71:f7:3c:55:57:48:da:d4:2b:2d:
         14:7c:eb:dc:2b:82:db:c0:3f:e4:15:bf:ac:49:c1:b7:ce:ca:
         69:e3:80:8c:b1:38:d7:d7:41:6a:84:4f:ef:be:f2:9a:9f:4d:
         43:3c:c1:bd:50:c2:bb:4e:d5:75:ec:53:fd:41:e1:65:e5:dc:
         03:53:8b:02:d1:f9:84:eb:90:b6:df:43:2c:70:c1:65:26:d4:
         ea:51:73:d5:ad:11:aa:e4:26:fe:c1:28:1a:74:16:5b:6c:a9:
         b2:85:42:65:f0:d3:f2:a7:41:76:b0:3e:a9:15:f3:41:b6:21:
         53:3b:5f:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxnmeBqc0TX5VVjD2qHzq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNTFiNDBiMzMxOThhYzVhMWVkZjUwZmZmMDg2MjgxNjAz
MzVkZmQwHhcNMjMwMTAyMDgzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQ0ZmM4ZjRkMzJhNjdjODJjZjllY2QzYjliODJlOTFiZWQ4M2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17XWEHKRDloni74T5hXhhLCQFDC6
ZhC6a1fgEKkw/9gGENY6fbu8UPB3WxL+bvu5F5xXPtnb2N+2ePP1bfW+jtR+4w+d
bgRG+sDx7e0cWYIsNmoYzfrtbzmcYmVirMM+6RzjLtcUweCS+kePxRALwlzyUAmZ
RusjCIWNzL90cc8jirBv/Z6H9by/MoGVW0qa6f2yt3PKArUuWLb48421Z+jwIqlx
6Msd4ZAogI02j7dz/9ef3rj4okRWz00Y47LAHJitAp7LTHOAFHdBakQlpAMFvwB2
bDge48EcefpSJaQzz2B5EYbLcnQdAWoWvF1zVK1Z7nHfoDojd7D3OrWr/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKFE/I9NMqZ8gs+ezTubgukb7YPgMB8GA1UdIwQY
MBaAFFJRtAszGYrFoe31D/8IYoFgM139MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWxHMEN6TVppc1doN2ZVUF93aGlnV0F6WGYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lY2E4MDktZDk0Mi00ZDg5LWI0Mzgt
YTFjMjk5OTJiZmJlLzEvb1VUOGowMHlwbnlDejU3Tk81dUM2UnZ0Zy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lY2E4MDktZDk0Mi00ZDg5LWI0MzgtYTFjMjk5OTJiZmJl
LzEvVWxHMEN6TVppc1doN2ZVUF93aGlnV0F6WGYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfATo
MA0GCSqGSIb3DQEBCwUAA4IBAQAUH2t+bjKHyP30Cw/GjuH0ZUpHgVkAq7t/qlFL
tTvRhghLoknfLUVqeqr37wgU4spej86wtGDYfUpZEffssioRkf/kmNDcz9bKyZ/0
SgGOw33nDF5scUibpCgvAYg37ovcQCKDEaS4FcruWX/pnjRz1eaZ23GJvb9Nco8D
ZQhknIDvWkIvHXH3PFVXSNrUKy0UfOvcK4LbwD/kFb+sScG3zspp44CMsTjX10Fq
hE/vvvKan01DPMG9UMK7TtV17FP9QeFl5dwDU4sC0fmE65C230MscMFlJtTqUXPV
rRGq5Cb+wSgadBZbbKmyhUJl8NPyp0F2sD6pFfNBtiFTO19+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:39 2024 by rpki-client on console-ams.rpki-client.org