Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/VlXvsT5QrzzhCVcCsfOrh4Geu4s.roa
File:                     VlXvsT5QrzzhCVcCsfOrh4Geu4s.roa (raw, json)
Hash identifier:          AgWGZqUGJDttLESrCreiYDc07kKEbmSVybYlUoG6hfo=
Subject key identifier:   56:55:EF:B1:3E:50:AF:3C:E1:09:57:02:B1:F3:AB:87:81:9E:BB:8B
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       018C5BC80CEE75B8B244EA6A1C614C6520B8
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/VlXvsT5QrzzhCVcCsfOrh4Geu4s.roa
Signing time:             Tue 12 Dec 2023 02:08:06 +0000
ROA not before:           Tue 12 Dec 2023 02:08:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199684
IP address blocks:        2a0d:2683:2::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5b:c8:0c:ee:75:b8:b2:44:ea:6a:1c:61:4c:65:20:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: Dec 12 02:08:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5655efb13e50af3ce1095702b1f3ab87819ebb8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:a5:dc:0f:db:8c:bf:53:0f:48:96:31:b0:9b:
                    4d:1b:4c:10:c5:a9:59:6f:68:66:ed:58:13:42:e2:
                    a9:89:84:d5:bf:43:bc:4c:b6:5f:02:d8:42:f6:63:
                    4c:8f:15:6c:46:22:87:f0:75:8a:07:88:0f:44:fe:
                    18:35:95:40:79:27:77:5e:41:38:41:e6:c3:b1:1f:
                    79:05:e1:c5:ab:a7:80:3f:39:c6:d3:7b:b9:a8:bd:
                    7f:a8:19:d4:37:ae:f0:73:89:62:36:5d:2d:a8:2b:
                    72:16:18:bf:ae:0a:d8:b7:84:c9:d3:68:2d:c9:9a:
                    ad:18:f4:bc:0c:c3:f6:ad:c2:ca:2b:48:4b:d6:9f:
                    72:3b:41:48:3d:03:fb:54:69:db:8b:3f:8e:75:a1:
                    86:ea:81:e5:f5:57:07:5b:bc:7f:70:9e:79:96:11:
                    2b:ed:d3:48:ed:4f:6b:4b:ac:96:d8:58:b8:6b:ca:
                    55:bb:ba:99:2f:70:d7:ea:2c:f6:48:14:33:a6:ff:
                    ee:c4:23:ae:cb:dd:3b:d4:12:3b:f1:32:c1:7e:dc:
                    3d:13:70:1a:60:80:e2:47:67:7b:9f:23:4a:2b:6b:
                    4f:67:2a:fc:e1:38:04:00:c6:93:70:f0:94:7f:89:
                    2a:3e:51:c8:0b:84:3f:c8:dc:a8:ac:fa:15:cc:a0:
                    be:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:55:EF:B1:3E:50:AF:3C:E1:09:57:02:B1:F3:AB:87:81:9E:BB:8B
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/VlXvsT5QrzzhCVcCsfOrh4Geu4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2683:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         bc:17:ad:c2:37:ef:2c:a8:99:69:ad:c8:67:5e:ff:9e:f4:34:
         bf:63:11:5f:04:cb:72:de:51:db:60:eb:e6:20:b0:17:d3:2f:
         d5:f5:ad:4f:57:16:6f:f5:1e:f2:b5:7b:a7:97:e5:01:5f:11:
         2f:1a:ee:0a:38:da:0a:ea:ab:06:20:73:9c:06:0d:09:20:b5:
         18:0f:86:bb:07:18:85:18:0b:05:e7:08:30:27:d6:19:08:80:
         38:f7:f9:03:3c:20:ba:b9:46:c5:0e:ac:59:c0:c1:2c:c2:65:
         c6:71:cd:2c:ba:b8:6b:9e:cf:87:2a:ed:27:35:9e:19:a3:d4:
         97:e7:91:9c:fb:48:c9:98:9b:8c:73:42:1c:b9:cf:c2:79:54:
         cd:39:e3:f1:63:7c:8d:7d:04:03:8d:85:09:2c:a0:a3:78:a8:
         00:c7:6d:1d:0e:b9:96:23:ea:04:71:cc:dd:41:38:5f:a0:0e:
         2c:12:4b:a2:ff:43:e3:d4:b2:a7:85:c3:12:ac:97:01:78:bb:
         fe:87:4d:53:ea:f1:94:82:a4:2c:8e:ca:c6:14:25:df:3d:7b:
         70:19:45:fd:84:83:1a:b7:cc:90:b5:ac:88:a0:28:9f:a2:14:
         24:f9:92:98:8b:48:37:92:c6:46:9f:30:06:0c:e3:47:01:e3:
         f2:bf:a9:5e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxbyAzudbiyROpqHGFMZSC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjMxMjEyMDIwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjU1ZWZiMTNlNTBhZjNjZTEwOTU3MDJiMWYzYWI4NzgxOWViYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaXcD9uMv1MPSJYxsJtNG0wQxalZ
b2hm7VgTQuKpiYTVv0O8TLZfAthC9mNMjxVsRiKH8HWKB4gPRP4YNZVAeSd3XkE4
QebDsR95BeHFq6eAPznG03u5qL1/qBnUN67wc4liNl0tqCtyFhi/rgrYt4TJ02gt
yZqtGPS8DMP2rcLKK0hL1p9yO0FIPQP7VGnbiz+OdaGG6oHl9VcHW7x/cJ55lhEr
7dNI7U9rS6yW2Fi4a8pVu7qZL3DX6iz2SBQzpv/uxCOuy9071BI78TLBftw9E3Aa
YIDiR2d7nyNKK2tPZyr84TgEAMaTcPCUf4kqPlHIC4Q/yNyorPoVzKC+FwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFZV77E+UK884QlXArHzq4eBnruLMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvVmxYdnNUNVFyenpoQ1ZjQ3NmT3JoNEdldTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg0mgwAC
MA0GCSqGSIb3DQEBCwUAA4IBAQC8F63CN+8sqJlprchnXv+e9DS/YxFfBMty3lHb
YOvmILAX0y/V9a1PVxZv9R7ytXunl+UBXxEvGu4KONoK6qsGIHOcBg0JILUYD4a7
BxiFGAsF5wgwJ9YZCIA49/kDPCC6uUbFDqxZwMEswmXGcc0surhrns+HKu0nNZ4Z
o9SX55Gc+0jJmJuMc0Icuc/CeVTNOePxY3yNfQQDjYUJLKCjeKgAx20dDrmWI+oE
cczdQThfoA4sEkui/0Pj1LKnhcMSrJcBeLv+h01T6vGUgqQsjsrGFCXfPXtwGUX9
hIMat8yQtayIoCifohQk+ZKYi0g3ksZGnzAGDONHAePyv6le
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org