Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/1pz6PB4kPlmCaRtCY61s109o0sE.roa
File:                     1pz6PB4kPlmCaRtCY61s109o0sE.roa (raw, json)
Hash identifier:          i0c+Zz6M1TbrsZfHQVSuoFJC03Z7nRZE55BIuGn+w2E=
Subject key identifier:   D6:9C:FA:3C:1E:24:3E:59:82:69:1B:42:63:AD:6C:D7:4F:68:D2:C1
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       0187E2A1202259023B61B5DD393A24CECDEB
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/1pz6PB4kPlmCaRtCY61s109o0sE.roa
Signing time:             Wed 03 May 2023 17:20:23 +0000
ROA not before:           Wed 03 May 2023 17:20:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2a05:1087::/32 maxlen: 48

Validation:               Failed, certificate revoked on Wed 06 Dec 2023 09:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e2:a1:20:22:59:02:3b:61:b5:dd:39:3a:24:ce:cd:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: May  3 17:20:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d69cfa3c1e243e5982691b4263ad6cd74f68d2c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:46:ea:aa:29:f2:4d:f9:e2:a8:65:e5:b8:ec:
                    cb:67:e9:9e:94:43:8a:91:8a:a0:f7:f1:68:48:6d:
                    96:81:50:23:52:6a:64:76:c5:a5:67:49:4a:c6:72:
                    ea:8c:3c:9c:41:a7:15:99:be:ad:42:1f:91:1b:54:
                    e8:54:8b:ab:50:82:9c:35:b8:73:ea:e8:47:2c:e8:
                    07:a3:ce:c4:f3:b5:e9:f7:34:12:80:38:d5:0e:62:
                    96:36:cd:1c:34:99:9c:d2:70:a5:81:9a:71:aa:5d:
                    65:de:2b:9f:f7:01:01:0d:98:f3:a3:d4:57:3e:3e:
                    dc:a7:1a:b0:23:4f:26:c8:99:5b:28:de:2a:69:50:
                    a4:9f:15:f6:10:68:8f:f2:10:e5:c5:9c:33:c6:5b:
                    ac:48:49:0a:e1:d5:6a:24:63:d1:32:1b:b9:40:3a:
                    4f:5e:30:27:8d:34:5b:5f:dd:23:83:13:93:f3:c0:
                    94:79:9b:c9:cf:41:56:8f:cf:90:ee:91:bc:dd:7f:
                    3f:66:c6:54:9b:08:7c:da:f3:46:5a:8a:74:61:4d:
                    83:4a:4a:2b:e2:6a:6c:b9:9d:53:ae:8d:9e:46:0d:
                    62:bc:b4:e2:7c:af:d7:d7:d4:52:31:ce:00:73:33:
                    df:5c:96:f7:3d:86:b1:62:a6:20:7a:fb:8a:ae:e7:
                    2e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:9C:FA:3C:1E:24:3E:59:82:69:1B:42:63:AD:6C:D7:4F:68:D2:C1
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/1pz6PB4kPlmCaRtCY61s109o0sE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:1087::/32

    Signature Algorithm: sha256WithRSAEncryption
         37:18:ca:41:a3:38:b5:37:ce:3a:08:b0:62:79:c5:4d:35:17:
         fb:b3:3a:1a:1b:19:aa:c3:8d:97:8c:33:cf:ee:97:0e:4c:ce:
         fb:58:08:02:7e:a0:db:24:54:ba:5a:63:db:53:ee:a8:b6:e6:
         a7:62:6c:61:bf:5c:1b:a8:9d:85:09:50:04:a2:40:e6:fa:18:
         8a:f1:1a:04:61:5a:47:35:52:b5:2b:2b:31:b2:b1:a6:1b:46:
         9a:9b:44:0e:fc:55:cb:ba:0d:0a:5a:36:fa:c4:89:c4:42:e3:
         50:b4:22:02:5a:4c:0b:4c:dc:b0:bd:f5:af:73:e5:ce:11:73:
         cf:a0:1a:79:e1:b8:c6:35:dd:ed:e5:ca:fb:b9:d8:c9:f3:59:
         a4:25:40:bf:d6:be:77:c7:d4:ab:6e:3d:b6:f4:9f:52:44:33:
         9d:0f:26:5d:96:9f:74:34:29:8b:68:ee:a0:4f:47:14:ff:88:
         12:10:2f:77:bc:b2:a3:d6:74:b3:e4:b6:bb:b9:57:0e:ab:8d:
         d8:2e:19:4f:34:50:94:51:8e:ec:b7:ac:25:61:c3:9f:43:e1:
         c3:df:4f:48:71:21:46:d9:a6:9a:7c:0e:6a:48:de:43:bb:19:
         12:8b:e5:23:d9:bf:df:86:d6:3c:e8:70:2d:11:4b:2d:f6:e1:
         f8:97:4b:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYfioSAiWQI7YbXdOTokzs3rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjMwNTAzMTcyMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjljZmEzYzFlMjQzZTU5ODI2OTFiNDI2M2FkNmNkNzRmNjhkMmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0bqqinyTfniqGXluOzLZ+melEOK
kYqg9/FoSG2WgVAjUmpkdsWlZ0lKxnLqjDycQacVmb6tQh+RG1ToVIurUIKcNbhz
6uhHLOgHo87E87Xp9zQSgDjVDmKWNs0cNJmc0nClgZpxql1l3iuf9wEBDZjzo9RX
Pj7cpxqwI08myJlbKN4qaVCknxX2EGiP8hDlxZwzxlusSEkK4dVqJGPRMhu5QDpP
XjAnjTRbX90jgxOT88CUeZvJz0FWj8+Q7pG83X8/ZsZUmwh82vNGWop0YU2DSkor
4mpsuZ1Tro2eRg1ivLTifK/X19RSMc4AczPfXJb3PYaxYqYgevuKrucuQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNac+jweJD5ZgmkbQmOtbNdPaNLBMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvMXB6NlBCNGtQbG1DYVJ0Q1k2MXMxMDlvMHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgUQhzAN
BgkqhkiG9w0BAQsFAAOCAQEANxjKQaM4tTfOOgiwYnnFTTUX+7M6GhsZqsONl4wz
z+6XDkzO+1gIAn6g2yRUulpj21PuqLbmp2JsYb9cG6idhQlQBKJA5voYivEaBGFa
RzVStSsrMbKxphtGmptEDvxVy7oNClo2+sSJxELjULQiAlpMC0zcsL31r3PlzhFz
z6AaeeG4xjXd7eXK+7nYyfNZpCVAv9a+d8fUq249tvSfUkQznQ8mXZafdDQpi2ju
oE9HFP+IEhAvd7yyo9Z0s+S2u7lXDquN2C4ZTzRQlFGO7LesJWHDn0Phw99PSHEh
RtmmmnwOakjeQ7sZEovlI9m/34bWPOhwLRFLLfbh+JdLLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org