Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/RFK-Xege2ueazmJpALD9SBGk2rQ.roa
File:                     RFK-Xege2ueazmJpALD9SBGk2rQ.roa (raw, json)
Hash identifier:          FMhvyfCCHVxWxk8/WCfAMes4zHWvYygixVf2KpoQ95c=
Subject key identifier:   44:52:BE:5D:E8:1E:DA:E7:9A:CE:62:69:00:B0:FD:48:11:A4:DA:B4
Certificate issuer:       /CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Certificate serial:       01896E1A06D82C3CCBF1D46F7E12F8452BA3
Authority key identifier: 5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/RFK-Xege2ueazmJpALD9SBGk2rQ.roa
Signing time:             Wed 19 Jul 2023 12:22:26 +0000
ROA not before:           Wed 19 Jul 2023 12:22:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61218
IP address blocks:        2001:67c:bd4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:6e:1a:06:d8:2c:3c:cb:f1:d4:6f:7e:12:f8:45:2b:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
        Validity
            Not Before: Jul 19 12:22:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4452be5de81edae79ace626900b0fd4811a4dab4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:43:93:ee:c8:22:e5:8c:17:8d:68:1c:4e:8e:
                    55:ef:ff:b5:fb:8e:b4:c0:2d:8c:bb:f5:99:a0:ce:
                    52:15:20:c5:06:10:61:88:75:bd:62:24:29:e2:82:
                    7c:6e:90:57:a8:1e:c5:d3:f2:1e:70:77:09:02:5d:
                    5f:ec:e9:7e:d0:dc:eb:87:e9:05:5f:c7:0e:bc:c4:
                    38:e7:6c:3a:33:a6:61:13:d1:1a:90:ba:d4:30:99:
                    98:a9:2a:45:4e:92:67:44:7a:ad:02:51:49:5a:0b:
                    16:80:dd:e3:c0:4d:01:1e:06:5c:a4:45:6b:1a:17:
                    bb:80:3c:7b:ca:aa:64:df:17:8c:a5:be:a3:8f:4e:
                    da:d7:f1:64:5a:70:15:f0:0b:dd:ae:af:b4:12:62:
                    74:02:6b:13:8c:63:4f:cf:07:07:82:93:a3:5b:46:
                    b8:a0:92:d6:8b:82:40:c5:b1:93:de:e1:12:c7:57:
                    e8:39:68:3d:b4:e9:a4:0d:3b:ef:31:f4:94:00:d9:
                    f0:7c:4b:46:0a:52:8e:02:b9:3c:f1:ed:d8:7b:95:
                    62:0e:2d:1d:e0:19:4d:cd:5c:a5:16:27:3c:4c:a8:
                    33:59:5e:61:65:e8:55:0c:80:be:85:83:fe:e1:0b:
                    83:34:ad:79:48:a9:1f:2d:c4:e5:d5:cb:1a:0b:c3:
                    1b:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:52:BE:5D:E8:1E:DA:E7:9A:CE:62:69:00:B0:FD:48:11:A4:DA:B4
            X509v3 Authority Key Identifier:
                keyid:5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/RFK-Xege2ueazmJpALD9SBGk2rQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/Xw_ZDZhyl8td1OB76EDSgNHizEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:bd4::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:d8:53:a1:29:b5:3f:89:a7:5d:29:bf:d0:28:44:dc:a5:90:
         70:13:8f:5c:e1:16:a2:c5:c8:60:4e:f0:3e:7d:52:63:d3:56:
         cb:68:fe:e1:e9:82:de:31:67:45:18:b8:92:aa:96:b5:59:fb:
         b1:27:cb:d1:78:03:11:54:d1:5f:7c:1c:7d:5a:38:55:03:94:
         c9:bf:89:25:ae:6d:98:40:cb:5b:ab:41:c0:02:c3:d3:a3:e2:
         60:6d:3f:db:10:a9:8a:9d:a1:3c:3b:98:12:08:68:04:74:c1:
         16:a7:0d:4a:b6:13:9c:f1:40:9f:02:c5:5b:38:05:94:01:cd:
         a8:bd:ad:6a:56:f7:f8:f7:0f:dd:44:33:bd:d8:5a:cd:3c:d0:
         55:40:d4:93:33:0f:bf:35:d0:be:f1:53:a1:10:5d:43:18:88:
         5a:9c:8d:6e:3d:cb:bd:74:22:3c:f1:b0:49:e8:91:24:39:5e:
         aa:26:b4:f2:c2:48:8e:c5:4c:2a:01:4c:9f:e9:89:e6:5b:88:
         77:74:08:02:67:4c:b1:64:8e:35:38:f3:51:1c:d2:26:fe:82:
         85:3f:60:a8:ec:6c:cd:f9:d6:a8:d1:07:bb:d1:08:94:b6:72:
         88:5d:7d:61:6c:f1:85:ae:23:2a:08:61:cd:14:7f:4f:a5:30:
         2c:e5:e6:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYluGgbYLDzL8dRvfhL4RSujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMGZkOTBkOTg3Mjk3Y2I1ZGQ0ZTA3YmU4NDBkMjgwZDFl
MmNjNGEwHhcNMjMwNzE5MTIyMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDUyYmU1ZGU4MWVkYWU3OWFjZTYyNjkwMGIwZmQ0ODExYTRkYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0OT7sgi5YwXjWgcTo5V7/+1+460
wC2Mu/WZoM5SFSDFBhBhiHW9YiQp4oJ8bpBXqB7F0/IecHcJAl1f7Ol+0Nzrh+kF
X8cOvMQ452w6M6ZhE9EakLrUMJmYqSpFTpJnRHqtAlFJWgsWgN3jwE0BHgZcpEVr
Ghe7gDx7yqpk3xeMpb6jj07a1/FkWnAV8Avdrq+0EmJ0AmsTjGNPzwcHgpOjW0a4
oJLWi4JAxbGT3uESx1foOWg9tOmkDTvvMfSUANnwfEtGClKOArk88e3Ye5ViDi0d
4BlNzVylFic8TKgzWV5hZehVDIC+hYP+4QuDNK15SKkfLcTl1csaC8MbIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFERSvl3oHtrnms5iaQCw/UgRpNq0MB8GA1UdIwQY
MBaAFF8P2Q2YcpfLXdTge+hA0oDR4sxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjIt
N2JjZWZhOWY1OWU4LzEvUkZLLVhlZ2UydWVhem1KcEFMRDlTQkdrMnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjItN2JjZWZhOWY1OWU4
LzEvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAvU
MA0GCSqGSIb3DQEBCwUAA4IBAQAB2FOhKbU/iaddKb/QKETcpZBwE49c4Raixchg
TvA+fVJj01bLaP7h6YLeMWdFGLiSqpa1WfuxJ8vReAMRVNFffBx9WjhVA5TJv4kl
rm2YQMtbq0HAAsPTo+JgbT/bEKmKnaE8O5gSCGgEdMEWpw1KthOc8UCfAsVbOAWU
Ac2ova1qVvf49w/dRDO92FrNPNBVQNSTMw+/NdC+8VOhEF1DGIhanI1uPcu9dCI8
8bBJ6JEkOV6qJrTywkiOxUwqAUyf6YnmW4h3dAgCZ0yxZI41OPNRHNIm/oKFP2Co
7GzN+dao0Qe70QiUtnKIXX1hbPGFriMqCGHNFH9PpTAs5ebj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:31 2024 by rpki-client on console-fra.rpki-client.org