Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/8EtqCJ3vKma1X05V1otLUgsiyIo.roa
File:                     8EtqCJ3vKma1X05V1otLUgsiyIo.roa (raw, json)
Hash identifier:          usyJV0qmSYS/Rk0BJJaxC6AVRT7LvhYUbHgyNUdrJc4=
Subject key identifier:   F0:4B:6A:08:9D:EF:2A:66:B5:5F:4E:55:D6:8B:4B:52:0B:22:C8:8A
Certificate issuer:       /CN=63c1b9ffe98672bf62f487f47dafea30f5bef09c
Certificate serial:       01857102F36DC318F2BF70E1468D39B539B5
Authority key identifier: 63:C1:B9:FF:E9:86:72:BF:62:F4:87:F4:7D:AF:EA:30:F5:BE:F0:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/8EtqCJ3vKma1X05V1otLUgsiyIo.roa
Signing time:             Mon 02 Jan 2023 05:44:56 +0000
ROA not before:           Mon 02 Jan 2023 05:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39702
IP address blocks:        2001:678:a9c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:02:f3:6d:c3:18:f2:bf:70:e1:46:8d:39:b5:39:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63c1b9ffe98672bf62f487f47dafea30f5bef09c
        Validity
            Not Before: Jan  2 05:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f04b6a089def2a66b55f4e55d68b4b520b22c88a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ae:54:71:d7:4f:33:26:0a:d7:4a:05:4b:92:
                    06:18:15:7f:e3:63:64:fd:f3:81:af:fc:84:30:8f:
                    6f:b7:92:41:41:2a:67:20:93:e1:34:2b:53:67:18:
                    b8:86:46:87:9a:65:a4:d8:fe:ff:bb:92:57:4a:6c:
                    09:49:7e:0d:a5:6c:e5:26:4d:bf:b3:4b:01:83:c0:
                    61:77:4d:38:d2:05:40:88:91:f2:f3:25:4e:ee:c7:
                    3b:4e:ca:6d:29:6f:a2:3f:43:61:35:78:ab:3c:3a:
                    56:49:97:ab:68:04:ba:a3:84:9d:d2:df:9d:5a:c4:
                    f4:fc:d6:42:e2:63:6a:ca:18:33:51:ab:78:8b:9c:
                    82:90:1d:99:e2:cc:39:08:9c:8b:40:9d:e7:e6:e2:
                    76:a6:76:ec:1e:4c:50:76:c7:a9:16:30:b4:c0:28:
                    4b:cc:30:72:d1:7d:74:85:14:1c:29:19:7e:f6:5d:
                    23:4a:8f:ed:bd:5c:78:b0:c8:fa:a1:ee:6b:52:df:
                    55:95:9a:f0:cc:dd:f4:9a:ee:f6:15:35:3e:8a:1d:
                    6e:f8:aa:df:73:bd:3f:e8:68:ef:db:d4:17:03:3c:
                    76:65:5b:f5:da:bf:68:cc:34:f2:f2:a5:a9:73:d4:
                    22:00:24:e9:05:e0:9e:ae:44:2e:bc:64:ce:f8:fd:
                    3b:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:4B:6A:08:9D:EF:2A:66:B5:5F:4E:55:D6:8B:4B:52:0B:22:C8:8A
            X509v3 Authority Key Identifier:
                keyid:63:C1:B9:FF:E9:86:72:BF:62:F4:87:F4:7D:AF:EA:30:F5:BE:F0:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/8EtqCJ3vKma1X05V1otLUgsiyIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:a9c::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:25:ff:0c:b5:ec:fb:57:aa:1b:97:bc:ca:55:c1:9d:a2:68:
         40:c0:df:eb:c1:94:8d:8c:4e:84:e5:a2:67:85:fa:77:6a:3a:
         d0:f7:63:f4:c7:d7:b6:a3:88:28:d9:48:d1:4e:57:a2:db:3f:
         e0:00:17:d5:c6:a4:30:eb:9d:b0:ee:0a:1e:ac:5e:ae:07:d4:
         1f:48:24:64:97:57:c6:37:1a:1c:db:cd:c4:36:ca:44:57:d5:
         6d:81:17:d1:81:4d:e7:c6:5a:a6:99:d3:8f:46:ab:d2:70:0e:
         82:35:23:63:cc:a8:9e:98:ce:ac:ee:da:ce:96:79:37:ec:4b:
         51:7a:5d:08:03:82:76:fb:be:2a:c8:8e:a3:7b:6f:5e:a0:33:
         ce:b9:cb:11:66:14:57:01:94:9b:72:64:54:ab:ca:05:bc:31:
         e9:b7:de:00:1d:0b:d6:09:01:3a:4d:d0:ba:58:2e:0a:cf:31:
         e2:ca:12:37:fb:ae:e8:64:86:90:f3:4d:db:d6:bc:79:55:13:
         68:b4:58:6d:25:55:2d:44:b0:34:7e:88:be:dd:f1:c8:80:74:
         57:ee:e0:8b:0a:85:62:2d:a9:48:69:61:4c:69:e3:ed:24:df:
         95:73:17:50:6f:a3:e3:90:8d:24:ab:f6:5c:1f:30:72:14:93:
         aa:07:77:ee
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxAvNtwxjyv3DhRo05tTm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYzFiOWZmZTk4NjcyYmY2MmY0ODdmNDdkYWZlYTMwZjVi
ZWYwOWMwHhcNMjMwMTAyMDU0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDRiNmEwODlkZWYyYTY2YjU1ZjRlNTVkNjhiNGI1MjBiMjJjODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq5UcddPMyYK10oFS5IGGBV/42Nk
/fOBr/yEMI9vt5JBQSpnIJPhNCtTZxi4hkaHmmWk2P7/u5JXSmwJSX4NpWzlJk2/
s0sBg8Bhd0040gVAiJHy8yVO7sc7TsptKW+iP0NhNXirPDpWSZeraAS6o4Sd0t+d
WsT0/NZC4mNqyhgzUat4i5yCkB2Z4sw5CJyLQJ3n5uJ2pnbsHkxQdsepFjC0wChL
zDBy0X10hRQcKRl+9l0jSo/tvVx4sMj6oe5rUt9VlZrwzN30mu72FTU+ih1u+Krf
c70/6Gjv29QXAzx2ZVv12r9ozDTy8qWpc9QiACTpBeCerkQuvGTO+P07cwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPBLagid7ypmtV9OVdaLS1ILIsiKMB8GA1UdIwQY
MBaAFGPBuf/phnK/YvSH9H2v6jD1vvCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWThHNV8tbUdjcjlpOUlmMGZhX3FNUFctOEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82M2UzMDUtNDZlNi00MzYzLTg3MzMt
N2Q5NDhkYmE1ZTNjLzEvOEV0cUNKM3ZLbWExWDA1VjFvdExVZ3NpeUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82M2UzMDUtNDZlNi00MzYzLTg3MzMtN2Q5NDhkYmE1ZTNj
LzEvWThHNV8tbUdjcjlpOUlmMGZhX3FNUFctOEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqc
MA0GCSqGSIb3DQEBCwUAA4IBAQCRJf8Mtez7V6obl7zKVcGdomhAwN/rwZSNjE6E
5aJnhfp3ajrQ92P0x9e2o4go2UjRTlei2z/gABfVxqQw652w7goerF6uB9QfSCRk
l1fGNxoc283ENspEV9VtgRfRgU3nxlqmmdOPRqvScA6CNSNjzKiemM6s7trOlnk3
7EtRel0IA4J2+74qyI6je29eoDPOucsRZhRXAZSbcmRUq8oFvDHpt94AHQvWCQE6
TdC6WC4KzzHiyhI3+67oZIaQ803b1rx5VRNotFhtJVUtRLA0foi+3fHIgHRX7uCL
CoViLalIaWFMaePtJN+VcxdQb6PjkI0kq/ZcHzByFJOqB3fu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:22 2024 by rpki-client on console-fra.rpki-client.org