Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/022606-4faa-4e99-be29-963480e9be79/1/vvuXyGJxOHGDq0rAEnR8Y3U0vTQ.roa
File:                     vvuXyGJxOHGDq0rAEnR8Y3U0vTQ.roa (raw, json)
Hash identifier:          +RcPmPKPvIaQ3DvynEbxxtxmQo5gSDwGjJiVnawILiM=
Subject key identifier:   BE:FB:97:C8:62:71:38:71:83:AB:4A:C0:12:74:7C:63:75:34:BD:34
Certificate issuer:       /CN=57504a4efd51dc95847c156f4a36dbfe5583c2b0
Certificate serial:       018573561CF790113A1528442084C7DFEEC6
Authority key identifier: 57:50:4A:4E:FD:51:DC:95:84:7C:15:6F:4A:36:DB:FE:55:83:C2:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V1BKTv1R3JWEfBVvSjbb_lWDwrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/022606-4faa-4e99-be29-963480e9be79/1/vvuXyGJxOHGDq0rAEnR8Y3U0vTQ.roa
Signing time:             Mon 02 Jan 2023 16:35:01 +0000
ROA not before:           Mon 02 Jan 2023 16:35:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2119
IP address blocks:        2001:67c:17e4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:56:1c:f7:90:11:3a:15:28:44:20:84:c7:df:ee:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57504a4efd51dc95847c156f4a36dbfe5583c2b0
        Validity
            Not Before: Jan  2 16:35:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=befb97c86271387183ab4ac012747c637534bd34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:9f:96:e3:82:47:90:db:a9:e1:48:e8:6b:5d:
                    c5:0d:2a:13:9d:ed:27:df:e1:53:b7:72:bd:bd:29:
                    25:d5:3e:cf:73:e9:43:c2:a6:ec:c7:00:58:08:ee:
                    d3:2a:65:29:47:4f:cb:94:50:4a:97:bd:a7:e6:42:
                    60:8c:07:25:87:a3:89:26:83:72:d2:1b:ba:93:e2:
                    25:da:6f:e9:e8:97:75:ec:61:f0:83:8b:3d:dc:07:
                    db:67:0b:37:df:de:9e:52:4c:8c:03:54:fc:13:72:
                    b2:c5:ef:ff:cc:c9:34:d9:f7:80:ac:a0:53:1e:e0:
                    de:a4:45:95:6b:85:91:57:d4:90:03:75:7a:55:6d:
                    ea:e5:00:75:a7:cf:ba:25:5c:65:c3:b8:ce:b8:71:
                    e4:31:d3:3c:b2:d7:d3:26:7a:38:17:97:04:3b:ab:
                    7a:a5:a7:4e:8f:05:64:91:46:37:62:f2:d2:b9:c2:
                    79:f2:a1:2d:bb:7e:37:9b:ac:05:7a:cd:0b:a4:fb:
                    4c:50:ce:ba:b2:07:b7:1d:59:0a:63:9e:b9:44:fd:
                    86:dd:bc:a7:55:36:82:3f:ca:25:dc:db:fe:85:20:
                    0f:29:9e:8a:d9:cd:f3:b3:8d:c4:49:5a:93:fc:fa:
                    10:fc:f9:59:0f:bd:7d:39:a8:81:1b:61:6d:dd:d1:
                    f8:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:FB:97:C8:62:71:38:71:83:AB:4A:C0:12:74:7C:63:75:34:BD:34
            X509v3 Authority Key Identifier:
                keyid:57:50:4A:4E:FD:51:DC:95:84:7C:15:6F:4A:36:DB:FE:55:83:C2:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1BKTv1R3JWEfBVvSjbb_lWDwrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/022606-4faa-4e99-be29-963480e9be79/1/vvuXyGJxOHGDq0rAEnR8Y3U0vTQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/022606-4faa-4e99-be29-963480e9be79/1/V1BKTv1R3JWEfBVvSjbb_lWDwrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:17e4::/48

    Signature Algorithm: sha256WithRSAEncryption
         cf:c4:b2:72:19:25:b8:77:e8:0f:50:ec:fc:df:d9:76:1e:c2:
         7c:96:4d:5f:db:fd:1c:01:40:06:f8:d9:45:4c:6a:aa:91:8b:
         18:b4:fc:71:c6:f2:20:f4:cc:7b:e0:99:e7:27:f6:2a:58:37:
         7f:1e:fa:4f:64:40:b9:9f:1e:d6:ba:7f:f6:aa:dd:5a:d1:68:
         31:fd:25:0d:5f:07:b6:cd:cd:46:cb:4a:d1:18:b3:13:42:5b:
         c6:54:25:25:00:0d:4d:05:81:1d:dd:12:9b:e3:c9:e1:4f:32:
         cc:f6:bc:c9:9e:dc:d1:16:73:25:cb:96:eb:3d:f5:a6:82:f9:
         2d:e4:9e:97:7a:1c:14:b6:7c:d4:b3:3c:a0:77:c4:2a:f1:bc:
         55:68:7e:0d:e8:48:8a:f0:f4:ac:c6:11:6b:5b:14:40:30:41:
         d5:a3:35:eb:cb:22:29:f9:83:84:30:2c:94:5a:81:41:a7:25:
         35:0a:72:3a:e5:bf:ab:a1:42:70:6e:e2:03:8a:d0:1c:1d:ba:
         d0:8e:e0:12:80:f8:41:cb:26:e3:d9:f3:2d:a0:00:13:73:11:
         46:8b:fb:e1:f4:43:cd:8c:05:ab:50:bc:da:74:01:ea:77:51:
         01:69:02:16:4f:25:5e:17:fb:fb:fa:c8:86:af:6f:8b:26:1b:
         48:91:fd:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzVhz3kBE6FShEIITH3+7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTA0YTRlZmQ1MWRjOTU4NDdjMTU2ZjRhMzZkYmZlNTU4
M2MyYjAwHhcNMjMwMTAyMTYzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWZiOTdjODYyNzEzODcxODNhYjRhYzAxMjc0N2M2Mzc1MzRiZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ+W44JHkNup4Ujoa13FDSoTne0n
3+FTt3K9vSkl1T7Pc+lDwqbsxwBYCO7TKmUpR0/LlFBKl72n5kJgjAclh6OJJoNy
0hu6k+Il2m/p6Jd17GHwg4s93AfbZws3396eUkyMA1T8E3Kyxe//zMk02feArKBT
HuDepEWVa4WRV9SQA3V6VW3q5QB1p8+6JVxlw7jOuHHkMdM8stfTJno4F5cEO6t6
padOjwVkkUY3YvLSucJ58qEtu343m6wFes0LpPtMUM66sge3HVkKY565RP2G3byn
VTaCP8ol3Nv+hSAPKZ6K2c3zs43ESVqT/PoQ/PlZD719OaiBG2Ft3dH4UwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL77l8hicThxg6tKwBJ0fGN1NL00MB8GA1UdIwQY
MBaAFFdQSk79UdyVhHwVb0o22/5Vg8KwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFCS1R2MVIzSldFZkJWdlNqYmJfbFdEd3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wMjI2MDYtNGZhYS00ZTk5LWJlMjkt
OTYzNDgwZTliZTc5LzEvdnZ1WHlHSnhPSEdEcTByQUVuUjhZM1UwdlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wMjI2MDYtNGZhYS00ZTk5LWJlMjktOTYzNDgwZTliZTc5
LzEvVjFCS1R2MVIzSldFZkJWdlNqYmJfbFdEd3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBfk
MA0GCSqGSIb3DQEBCwUAA4IBAQDPxLJyGSW4d+gPUOz839l2HsJ8lk1f2/0cAUAG
+NlFTGqqkYsYtPxxxvIg9Mx74JnnJ/YqWDd/HvpPZEC5nx7Wun/2qt1a0Wgx/SUN
Xwe2zc1Gy0rRGLMTQlvGVCUlAA1NBYEd3RKb48nhTzLM9rzJntzRFnMly5brPfWm
gvkt5J6XehwUtnzUszygd8Qq8bxVaH4N6EiK8PSsxhFrWxRAMEHVozXryyIp+YOE
MCyUWoFBpyU1CnI65b+roUJwbuIDitAcHbrQjuASgPhByybj2fMtoAATcxFGi/vh
9EPNjAWrULzadAHqd1EBaQIWTyVeF/v7+siGr2+LJhtIkf39
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:52 2024 by rpki-client on console-ams.rpki-client.org