Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/ILaMLWDY9p0xxRnXtrDf-k7pGwM.roa
File:                     ILaMLWDY9p0xxRnXtrDf-k7pGwM.roa (raw, json)
Hash identifier:          ilbxJx+bLBBuRn8brbyeLQ/Va2F5Nno7sFFXs36yt2w=
Subject key identifier:   20:B6:8C:2D:60:D8:F6:9D:31:C5:19:D7:B6:B0:DF:FA:4E:E9:1B:03
Certificate issuer:       /CN=89bd54e7d69c147d6b56f8c6a209d3deaea277dd
Certificate serial:       01856CE637CFCFDE4640BA1E41DCA5E907F6
Authority key identifier: 89:BD:54:E7:D6:9C:14:7D:6B:56:F8:C6:A2:09:D3:DE:AE:A2:77:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ib1U59acFH1rVvjGognT3q6id90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/ILaMLWDY9p0xxRnXtrDf-k7pGwM.roa
Signing time:             Sun 01 Jan 2023 10:35:04 +0000
ROA not before:           Sun 01 Jan 2023 10:35:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2001:678:f64::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:37:cf:cf:de:46:40:ba:1e:41:dc:a5:e9:07:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89bd54e7d69c147d6b56f8c6a209d3deaea277dd
        Validity
            Not Before: Jan  1 10:35:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=20b68c2d60d8f69d31c519d7b6b0dffa4ee91b03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:fe:ad:e2:21:cc:f2:39:c1:40:6a:cb:39:4a:
                    37:a1:a3:39:4d:ee:25:35:10:31:5d:a9:5c:4b:47:
                    48:39:16:12:a5:1a:3c:5c:10:7b:6b:a7:d2:4d:2e:
                    ea:32:bf:31:b3:6c:26:8b:dc:7d:29:d2:2d:39:9f:
                    89:0a:71:63:17:f3:a3:36:51:8a:12:f2:7e:f9:a1:
                    7e:64:50:d2:e0:56:76:65:46:7b:08:52:0e:e5:21:
                    66:8a:6f:9a:d9:8b:6f:39:06:cd:10:a2:65:c2:24:
                    12:aa:05:f5:27:33:73:9b:8e:f6:b4:da:b5:b3:28:
                    00:04:85:81:e2:00:64:01:d6:5b:76:aa:fb:58:5f:
                    3a:b7:48:3a:ff:0a:03:fa:27:12:2b:53:9b:b0:3a:
                    a4:68:26:cc:e7:8e:76:a7:16:73:54:40:88:b7:69:
                    01:60:74:05:34:df:68:ed:10:83:67:4d:a9:35:a3:
                    9e:c9:a8:0b:71:d6:53:da:59:5d:7a:0d:f0:f0:d0:
                    a9:6f:38:4b:0b:6b:c9:13:00:01:c6:cf:1e:47:e2:
                    12:a3:78:df:3e:83:94:d5:c8:1a:99:5e:1f:e6:6b:
                    cb:e0:34:cc:dc:be:31:99:2e:e4:02:bf:8d:9c:20:
                    e6:94:2a:4c:95:de:1d:71:21:98:a3:62:50:0f:a9:
                    de:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:B6:8C:2D:60:D8:F6:9D:31:C5:19:D7:B6:B0:DF:FA:4E:E9:1B:03
            X509v3 Authority Key Identifier:
                keyid:89:BD:54:E7:D6:9C:14:7D:6B:56:F8:C6:A2:09:D3:DE:AE:A2:77:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ib1U59acFH1rVvjGognT3q6id90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/ILaMLWDY9p0xxRnXtrDf-k7pGwM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/ib1U59acFH1rVvjGognT3q6id90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:f64::/48

    Signature Algorithm: sha256WithRSAEncryption
         e2:3b:00:0c:fa:8a:e3:48:bf:f3:20:38:23:d1:d7:06:60:9f:
         d8:cb:6d:82:63:da:91:7e:7c:f1:85:58:3c:9e:0d:2a:6f:cc:
         14:0f:e7:b9:2d:c5:5d:99:b2:d1:99:90:1b:46:50:e1:f9:ba:
         45:f3:e3:33:a4:74:82:5d:37:8c:c2:5a:3d:ce:c0:eb:6e:75:
         9e:c8:26:96:f5:d7:b6:3a:04:63:9e:3e:e7:6b:9d:4e:ec:be:
         a7:5a:ee:d0:53:93:59:a2:9a:e3:dd:26:a7:51:f8:e8:d1:4b:
         a5:07:63:8a:70:a5:fa:fb:d9:66:d0:14:26:36:12:dc:2f:08:
         d7:9b:56:85:68:1a:d4:86:c7:53:3e:78:54:07:60:5f:ba:b2:
         53:0f:84:61:64:37:02:4b:13:d5:4a:47:61:0f:92:d1:45:a7:
         a5:05:80:28:5c:5d:fd:0c:5e:81:e3:ad:6f:cf:9f:12:8f:0a:
         b5:48:9b:98:2e:fe:1c:28:53:b3:5f:a5:f9:f8:18:d8:57:ee:
         78:69:5d:3f:d0:2d:80:ed:eb:96:d6:88:b7:38:21:e7:8b:4f:
         f4:49:64:68:88:41:33:3a:d8:35:94:79:33:fc:d3:7c:b6:ab:
         45:c0:15:08:23:32:3a:9d:e1:a6:53:da:e8:af:d3:83:2a:15:
         4d:26:d8:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVs5jfPz95GQLoeQdyl6Qf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YmQ1NGU3ZDY5YzE0N2Q2YjU2ZjhjNmEyMDlkM2RlYWVh
Mjc3ZGQwHhcNMjMwMTAxMTAzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGI2OGMyZDYwZDhmNjlkMzFjNTE5ZDdiNmIwZGZmYTRlZTkxYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv6t4iHM8jnBQGrLOUo3oaM5Te4l
NRAxXalcS0dIORYSpRo8XBB7a6fSTS7qMr8xs2wmi9x9KdItOZ+JCnFjF/OjNlGK
EvJ++aF+ZFDS4FZ2ZUZ7CFIO5SFmim+a2YtvOQbNEKJlwiQSqgX1JzNzm472tNq1
sygABIWB4gBkAdZbdqr7WF86t0g6/woD+icSK1ObsDqkaCbM5452pxZzVECIt2kB
YHQFNN9o7RCDZ02pNaOeyagLcdZT2lldeg3w8NCpbzhLC2vJEwABxs8eR+ISo3jf
PoOU1cgamV4f5mvL4DTM3L4xmS7kAr+NnCDmlCpMld4dcSGYo2JQD6nexQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCC2jC1g2PadMcUZ17aw3/pO6RsDMB8GA1UdIwQY
MBaAFIm9VOfWnBR9a1b4xqIJ096uonfdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWIxVTU5YWNGSDFyVnZqR29nblQzcTZpZDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kODAwYmUtNGFjZi00OWYyLTk2OWQt
ZGIyMjdjNDk2ODA0LzEvSUxhTUxXRFk5cDB4eFJuWHRyRGYtazdwR3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kODAwYmUtNGFjZi00OWYyLTk2OWQtZGIyMjdjNDk2ODA0
LzEvaWIxVTU5YWNGSDFyVnZqR29nblQzcTZpZDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA9k
MA0GCSqGSIb3DQEBCwUAA4IBAQDiOwAM+orjSL/zIDgj0dcGYJ/Yy22CY9qRfnzx
hVg8ng0qb8wUD+e5LcVdmbLRmZAbRlDh+bpF8+MzpHSCXTeMwlo9zsDrbnWeyCaW
9de2OgRjnj7na51O7L6nWu7QU5NZoprj3SanUfjo0UulB2OKcKX6+9lm0BQmNhLc
LwjXm1aFaBrUhsdTPnhUB2BfurJTD4RhZDcCSxPVSkdhD5LRRaelBYAoXF39DF6B
461vz58Sjwq1SJuYLv4cKFOzX6X5+BjYV+54aV0/0C2A7euW1oi3OCHni0/0SWRo
iEEzOtg1lHkz/NN8tqtFwBUIIzI6neGmU9ror9ODKhVNJtgH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:33 2024 by rpki-client on console-fra.rpki-client.org