Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/8iF7i3K3TGgKZUwshoUQw3JrbrQ.roa
File:                     8iF7i3K3TGgKZUwshoUQw3JrbrQ.roa (raw, json)
Hash identifier:          ukJuY2LNz9JbFD8wdQwYRhYf3iXzF7MpXPH/rgQoEnU=
Subject key identifier:   F2:21:7B:8B:72:B7:4C:68:0A:65:4C:2C:86:85:10:C3:72:6B:6E:B4
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       01856C4172DBBD6848C191830DBC95E68363
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/8iF7i3K3TGgKZUwshoUQw3JrbrQ.roa
Signing time:             Sun 01 Jan 2023 07:35:06 +0000
ROA not before:           Sun 01 Jan 2023 07:35:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210934
IP address blocks:        2a0d:2686::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:41:72:db:bd:68:48:c1:91:83:0d:bc:95:e6:83:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: Jan  1 07:35:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2217b8b72b74c680a654c2c868510c3726b6eb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:af:db:bb:1f:de:2b:9e:82:cd:9b:50:5f:88:
                    7c:e5:67:2d:a7:58:9c:14:0d:1d:c4:68:2e:4e:0e:
                    2a:71:a3:89:91:11:23:de:22:41:32:bc:02:30:c3:
                    98:cb:a8:cb:46:fe:83:e4:6d:92:15:14:e9:09:f9:
                    e4:df:af:27:7f:83:62:39:a3:0a:15:f2:e7:e7:0a:
                    55:39:c0:86:eb:fb:83:f6:5c:51:ae:6b:86:bb:94:
                    36:b8:ca:c8:d0:7d:b0:15:3d:13:3d:b9:63:30:ee:
                    45:33:f6:b9:06:ff:7c:bd:18:af:fb:4a:c4:53:65:
                    d7:85:42:a4:f0:da:8c:65:2f:9a:35:51:e9:12:f4:
                    89:ff:54:b9:f1:1a:85:c0:b8:22:c4:68:04:7c:9f:
                    5b:43:0d:d3:b4:50:9b:0f:61:4f:39:29:6b:e6:bf:
                    51:cf:88:6f:79:76:80:cc:42:21:83:7c:c5:89:9d:
                    9d:97:1e:9f:9b:e9:4b:29:b1:7d:bf:50:da:f5:8c:
                    18:9e:88:b0:5c:b3:af:a1:b7:1f:c7:23:32:08:e7:
                    0a:2d:4f:26:8f:ac:c5:c2:9c:b5:77:59:e2:c9:0e:
                    00:38:22:06:f5:d1:8c:0d:41:45:14:b7:6a:52:53:
                    98:b2:39:9d:3d:75:83:95:02:d6:e7:c9:f8:65:2a:
                    4b:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:21:7B:8B:72:B7:4C:68:0A:65:4C:2C:86:85:10:C3:72:6B:6E:B4
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/8iF7i3K3TGgKZUwshoUQw3JrbrQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2686::/32

    Signature Algorithm: sha256WithRSAEncryption
         05:6d:b4:88:8e:eb:46:ee:b1:22:e7:e0:67:dd:37:7e:d6:1e:
         ab:30:b0:83:00:e7:2a:21:50:12:83:61:a9:a7:b1:16:56:4d:
         b0:65:88:ae:b1:0d:17:c1:dd:f1:59:4b:32:15:fa:16:da:7b:
         73:6d:80:30:f2:36:8c:e1:0e:ee:62:e9:ce:e8:30:38:9a:dd:
         a9:3e:43:4c:84:38:b4:a9:53:33:5c:52:c1:9f:e2:1c:83:d7:
         18:33:8d:6b:ae:99:c5:2b:2c:86:f2:f0:d6:61:cb:2b:b2:61:
         d0:18:73:72:01:62:9b:94:6d:88:fd:25:97:b5:2e:5f:1d:b1:
         6a:f0:bf:5e:c4:a0:f5:15:81:51:c3:7e:d3:f4:f8:c6:e0:36:
         12:c7:98:2b:a3:e6:44:6b:51:95:69:b8:e3:c5:c6:54:8f:c4:
         2d:64:62:62:d8:7b:80:ac:9d:67:26:29:f9:8c:57:3f:55:ca:
         67:75:c7:c8:d8:d8:90:d3:3b:37:e2:01:10:5e:d8:bc:0a:93:
         4f:52:a9:6a:2d:d6:68:4d:81:d7:66:00:ac:a0:d2:54:2b:06:
         72:8f:8c:5e:e1:3e:6d:f1:57:fd:a4:38:26:6b:50:5b:ea:29:
         aa:1f:37:b9:89:ba:1e:fe:ca:22:99:b0:b4:d7:33:37:2c:f0:
         d8:be:ae:a9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsQXLbvWhIwZGDDbyV5oNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjMwMTAxMDczNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjIxN2I4YjcyYjc0YzY4MGE2NTRjMmM4Njg1MTBjMzcyNmI2ZWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga/bux/eK56CzZtQX4h85Wctp1ic
FA0dxGguTg4qcaOJkREj3iJBMrwCMMOYy6jLRv6D5G2SFRTpCfnk368nf4NiOaMK
FfLn5wpVOcCG6/uD9lxRrmuGu5Q2uMrI0H2wFT0TPbljMO5FM/a5Bv98vRiv+0rE
U2XXhUKk8NqMZS+aNVHpEvSJ/1S58RqFwLgixGgEfJ9bQw3TtFCbD2FPOSlr5r9R
z4hveXaAzEIhg3zFiZ2dlx6fm+lLKbF9v1Da9YwYnoiwXLOvobcfxyMyCOcKLU8m
j6zFwpy1d1niyQ4AOCIG9dGMDUFFFLdqUlOYsjmdPXWDlQLW58n4ZSpL5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPIhe4tyt0xoCmVMLIaFEMNya260MB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvOGlGN2kzSzNUR2dLWlV3c2hvVVF3M0pyYnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg0mhjAN
BgkqhkiG9w0BAQsFAAOCAQEABW20iI7rRu6xIufgZ903ftYeqzCwgwDnKiFQEoNh
qaexFlZNsGWIrrENF8Hd8VlLMhX6Ftp7c22AMPI2jOEO7mLpzugwOJrdqT5DTIQ4
tKlTM1xSwZ/iHIPXGDONa66ZxSsshvLw1mHLK7Jh0BhzcgFim5RtiP0ll7UuXx2x
avC/XsSg9RWBUcN+0/T4xuA2EseYK6PmRGtRlWm448XGVI/ELWRiYth7gKydZyYp
+YxXP1XKZ3XHyNjYkNM7N+IBEF7YvAqTT1Kpai3WaE2B12YArKDSVCsGco+MXuE+
bfFX/aQ4JmtQW+opqh83uYm6Hv7KIpmwtNczNyzw2L6uqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org