Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/bg698aAW9S0Emk8K5iqL8K0DBGM.roa
File:                     bg698aAW9S0Emk8K5iqL8K0DBGM.roa (raw, json)
Hash identifier:          6Oo3GKeeknwzo+GIta2Bl8GiqDpvQBsmfU5x34Je02o=
Subject key identifier:   6E:0E:BD:F1:A0:16:F5:2D:04:9A:4F:0A:E6:2A:8B:F0:AD:03:04:63
Certificate issuer:       /CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Certificate serial:       0186BCC87AF1566D45CEAD9CCDDC6CE7358F
Authority key identifier: 5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/bg698aAW9S0Emk8K5iqL8K0DBGM.roa
Signing time:             Tue 07 Mar 2023 15:55:00 +0000
ROA not before:           Tue 07 Mar 2023 15:55:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60802
IP address blocks:        2001:67c:bcc::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:bc:c8:7a:f1:56:6d:45:ce:ad:9c:cd:dc:6c:e7:35:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
        Validity
            Not Before: Mar  7 15:55:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6e0ebdf1a016f52d049a4f0ae62a8bf0ad030463
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:6f:5f:a2:22:bf:b0:81:25:23:30:3b:26:c0:
                    c1:67:7c:07:ad:52:e9:e2:22:63:7d:fa:5b:55:de:
                    cc:0d:3d:dd:b2:72:71:01:7e:26:f1:73:ab:7f:f0:
                    78:06:54:50:10:ef:85:38:85:f1:cb:14:b2:de:45:
                    98:21:57:6d:4c:fc:5b:ea:c5:3c:b3:29:81:87:ba:
                    53:06:e4:99:f5:dc:cf:4c:3c:9a:9f:2c:b5:74:d4:
                    5d:0f:95:e6:65:82:c5:47:dd:be:0e:d3:bc:cd:08:
                    7e:04:48:62:4d:6a:b8:fc:95:f3:a7:9b:02:a4:47:
                    14:33:b7:f9:63:3a:5a:db:cc:6b:0b:8b:0d:ad:49:
                    f4:56:91:61:2a:29:c7:97:ea:44:2d:4c:c3:ff:1a:
                    8b:cb:f2:93:8f:4c:84:98:cd:84:2d:1e:92:9e:88:
                    22:20:dc:67:51:eb:08:34:1a:59:8b:bb:72:a4:89:
                    6b:5a:1f:d4:7f:01:ab:42:6a:a2:4e:b3:88:70:b3:
                    71:d5:9b:35:3f:ba:60:84:57:69:f0:49:9a:42:2e:
                    d8:4e:b6:82:22:6c:18:9c:ee:0a:91:68:f5:b9:45:
                    38:93:b7:83:9d:3e:e9:ca:fb:f2:cb:08:a5:86:e7:
                    7c:79:e6:5d:a0:67:f4:03:c9:dd:e6:a2:99:03:ce:
                    26:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:0E:BD:F1:A0:16:F5:2D:04:9A:4F:0A:E6:2A:8B:F0:AD:03:04:63
            X509v3 Authority Key Identifier:
                keyid:5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/bg698aAW9S0Emk8K5iqL8K0DBGM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/Xw_ZDZhyl8td1OB76EDSgNHizEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:bcc::/48

    Signature Algorithm: sha256WithRSAEncryption
         1a:b3:cb:13:e7:19:b2:7d:bb:a1:24:e1:67:bc:19:5a:a4:ca:
         f3:0e:06:56:e9:ed:78:64:09:0c:2f:6c:58:fb:7c:6f:f7:5d:
         62:97:d6:f8:fb:52:63:75:6b:46:c3:c6:d6:35:dd:5e:73:c6:
         00:8b:51:1f:a7:e6:29:f6:fe:6e:0b:62:7a:03:8d:28:93:06:
         be:f3:6e:bd:3a:35:64:f8:0a:ed:47:1e:64:ce:cd:aa:36:59:
         04:6b:85:ae:ff:f6:7f:0d:ad:19:15:5d:c5:4d:da:c9:83:b0:
         e2:5c:dc:cb:56:83:bf:51:26:43:12:a7:6b:91:cd:f1:b9:ca:
         b6:63:d0:01:ec:1d:48:45:29:e4:86:6f:c9:c6:61:6c:b4:29:
         5e:e9:60:cf:e6:53:e9:60:7c:6c:16:e0:d6:ef:8e:38:7d:d8:
         5c:bb:73:b2:80:39:7b:1d:46:73:33:d1:dc:df:e1:20:75:8a:
         11:19:ce:44:42:8c:c2:6e:7c:53:a5:7c:72:c3:f1:ac:ca:4c:
         06:c3:20:81:22:de:e5:8d:dc:45:a0:31:fe:ea:cc:7a:da:43:
         80:db:a4:0a:e7:d5:d5:a3:bd:4b:81:c9:f5:05:25:b4:de:1a:
         44:91:f9:52:de:66:c9:e2:ce:97:ff:ba:b3:86:01:74:2e:dd:
         ca:25:8f:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYa8yHrxVm1Fzq2czdxs5zWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMGZkOTBkOTg3Mjk3Y2I1ZGQ0ZTA3YmU4NDBkMjgwZDFl
MmNjNGEwHhcNMjMwMzA3MTU1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTBlYmRmMWEwMTZmNTJkMDQ5YTRmMGFlNjJhOGJmMGFkMDMwNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG9foiK/sIElIzA7JsDBZ3wHrVLp
4iJjffpbVd7MDT3dsnJxAX4m8XOrf/B4BlRQEO+FOIXxyxSy3kWYIVdtTPxb6sU8
symBh7pTBuSZ9dzPTDyanyy1dNRdD5XmZYLFR92+DtO8zQh+BEhiTWq4/JXzp5sC
pEcUM7f5Yzpa28xrC4sNrUn0VpFhKinHl+pELUzD/xqLy/KTj0yEmM2ELR6Snogi
INxnUesINBpZi7typIlrWh/UfwGrQmqiTrOIcLNx1Zs1P7pghFdp8EmaQi7YTraC
ImwYnO4KkWj1uUU4k7eDnT7pyvvyywilhud8eeZdoGf0A8nd5qKZA84m9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG4OvfGgFvUtBJpPCuYqi/CtAwRjMB8GA1UdIwQY
MBaAFF8P2Q2YcpfLXdTge+hA0oDR4sxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjIt
N2JjZWZhOWY1OWU4LzEvYmc2OThhQVc5UzBFbWs4SzVpcUw4SzBEQkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjItN2JjZWZhOWY1OWU4
LzEvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAvM
MA0GCSqGSIb3DQEBCwUAA4IBAQAas8sT5xmyfbuhJOFnvBlapMrzDgZW6e14ZAkM
L2xY+3xv911il9b4+1JjdWtGw8bWNd1ec8YAi1Efp+Yp9v5uC2J6A40okwa+8269
OjVk+ArtRx5kzs2qNlkEa4Wu//Z/Da0ZFV3FTdrJg7DiXNzLVoO/USZDEqdrkc3x
ucq2Y9AB7B1IRSnkhm/JxmFstCle6WDP5lPpYHxsFuDW7444fdhcu3OygDl7HUZz
M9Hc3+EgdYoRGc5EQozCbnxTpXxyw/GsykwGwyCBIt7ljdxFoDH+6sx62kOA26QK
59XVo71Lgcn1BSW03hpEkflS3mbJ4s6X/7qzhgF0Lt3KJY+/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:31 2024 by rpki-client on console-fra.rpki-client.org