Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/juzTBcfiziS7yaK24BaUjeRY17U.roa
File:                     juzTBcfiziS7yaK24BaUjeRY17U.roa (raw, json)
Hash identifier:          l+qBijfoYcZ76jljb6KGeNSyNcZvHPVuTsjH5fz49Go=
Subject key identifier:   8E:EC:D3:05:C7:E2:CE:24:BB:C9:A2:B6:E0:16:94:8D:E4:58:D7:B5
Certificate issuer:       /CN=efa4772463cdbe12b73b16ad0d2516f07d63830d
Certificate serial:       01856BEED3A0B6580C515714BE86087865A5
Authority key identifier: EF:A4:77:24:63:CD:BE:12:B7:3B:16:AD:0D:25:16:F0:7D:63:83:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/76R3JGPNvhK3OxatDSUW8H1jgw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/juzTBcfiziS7yaK24BaUjeRY17U.roa
Signing time:             Sun 01 Jan 2023 06:04:51 +0000
ROA not before:           Sun 01 Jan 2023 06:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15404
IP address blocks:        2001:67c:2ea0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 23 Jun 2023 07:26:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:d3:a0:b6:58:0c:51:57:14:be:86:08:78:65:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=efa4772463cdbe12b73b16ad0d2516f07d63830d
        Validity
            Not Before: Jan  1 06:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8eecd305c7e2ce24bbc9a2b6e016948de458d7b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:dc:8a:a4:a9:d6:da:42:7c:b0:0f:7f:3b:2c:
                    c5:d6:c5:f9:11:ad:3b:32:5e:ef:79:85:9c:58:81:
                    f4:b7:42:99:c5:86:62:30:42:b5:b9:e5:16:d6:da:
                    3a:26:cd:22:32:54:ff:2b:6b:8f:e5:43:f3:41:9a:
                    6a:da:1b:b5:9c:12:fd:e3:ce:59:85:f9:22:de:26:
                    86:c6:a1:76:8b:36:3e:d4:f3:32:89:fe:d6:70:93:
                    78:56:1f:36:5d:8e:bf:1a:64:af:a4:9e:f1:e2:5d:
                    0f:24:cc:1c:e2:b9:a8:ac:fd:c1:3a:ad:9d:7c:35:
                    9a:53:bb:0e:44:cf:45:a4:0b:95:2b:19:01:c9:f0:
                    1e:c2:77:da:a6:f8:92:34:a7:03:ca:51:c7:c9:8e:
                    e0:8d:10:ff:a8:6b:dc:1a:f6:88:21:5c:99:8c:72:
                    f3:96:05:c9:6b:5a:f5:0f:ba:6f:88:e2:b3:68:ee:
                    23:93:f4:ed:fa:04:81:11:f1:be:fc:78:36:fc:c4:
                    d0:f1:15:5c:a1:30:0e:78:74:98:5d:fe:af:86:c6:
                    53:30:68:4e:b2:b2:38:2e:b2:3e:34:12:f7:87:a6:
                    d0:2b:cb:be:76:12:76:cd:d1:83:db:53:75:12:b3:
                    63:79:f3:2b:a3:5b:49:6b:d5:ee:48:0f:68:3e:70:
                    68:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:EC:D3:05:C7:E2:CE:24:BB:C9:A2:B6:E0:16:94:8D:E4:58:D7:B5
            X509v3 Authority Key Identifier:
                keyid:EF:A4:77:24:63:CD:BE:12:B7:3B:16:AD:0D:25:16:F0:7D:63:83:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76R3JGPNvhK3OxatDSUW8H1jgw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/juzTBcfiziS7yaK24BaUjeRY17U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/76R3JGPNvhK3OxatDSUW8H1jgw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2ea0::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:e9:32:82:ec:14:15:cc:e8:5d:d2:05:5e:28:69:1c:e1:f9:
         3b:41:17:80:94:8e:8f:1b:12:7f:00:9c:b4:81:57:d9:7d:fb:
         ba:dc:77:94:2c:e1:74:57:af:88:64:4b:14:21:a4:90:57:8a:
         61:87:f3:b7:a1:83:3d:c2:f4:d4:e1:26:b6:38:89:b6:cc:62:
         8e:4b:54:8b:29:e2:a4:d9:da:d7:19:6f:be:25:96:84:91:d5:
         fe:ae:08:0e:11:d5:27:f6:99:bd:5b:2a:aa:60:79:be:ef:3a:
         7a:b3:51:7c:77:d5:a5:e4:91:c3:95:66:5f:71:da:f4:f6:db:
         90:4d:0e:42:3f:95:74:e8:ba:4e:21:34:81:d5:ca:a7:94:79:
         fe:cf:dc:37:66:3b:d8:ef:94:39:96:4c:96:b3:05:24:7e:38:
         4c:77:9a:87:0a:72:3d:6d:98:58:2a:5c:54:c3:bc:bf:e4:ba:
         16:fb:3c:f6:7a:24:a0:67:4b:e9:f3:af:2c:dd:2f:93:fb:fb:
         d4:ce:f5:9c:55:44:76:93:99:e7:a9:41:6f:1c:91:c2:7a:c9:
         a4:83:cc:9b:21:aa:ac:85:58:d2:0e:0e:ed:a6:f1:55:93:82:
         62:5c:a0:da:1f:27:44:03:6c:ac:bb:5f:2d:f4:06:13:1a:9c:
         b3:da:d1:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr7tOgtlgMUVcUvoYIeGWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTQ3NzI0NjNjZGJlMTJiNzNiMTZhZDBkMjUxNmYwN2Q2
MzgzMGQwHhcNMjMwMTAxMDYwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWVjZDMwNWM3ZTJjZTI0YmJjOWEyYjZlMDE2OTQ4ZGU0NThkN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldyKpKnW2kJ8sA9/OyzF1sX5Ea07
Ml7veYWcWIH0t0KZxYZiMEK1ueUW1to6Js0iMlT/K2uP5UPzQZpq2hu1nBL9485Z
hfki3iaGxqF2izY+1PMyif7WcJN4Vh82XY6/GmSvpJ7x4l0PJMwc4rmorP3BOq2d
fDWaU7sORM9FpAuVKxkByfAewnfapviSNKcDylHHyY7gjRD/qGvcGvaIIVyZjHLz
lgXJa1r1D7pviOKzaO4jk/Tt+gSBEfG+/Hg2/MTQ8RVcoTAOeHSYXf6vhsZTMGhO
srI4LrI+NBL3h6bQK8u+dhJ2zdGD21N1ErNjefMro1tJa9XuSA9oPnBo0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI7s0wXH4s4ku8mituAWlI3kWNe1MB8GA1UdIwQY
MBaAFO+kdyRjzb4StzsWrQ0lFvB9Y4MNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZSM0pHUE52aEszT3hhdERTVVc4SDFqZ3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wNjZkYTktOTk1ZS00OGYyLWI5ZjEt
ODAxY2FiNzIwZWRiLzEvanV6VEJjZml6aVM3eWFLMjRCYVVqZVJZMTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wNjZkYTktOTk1ZS00OGYyLWI5ZjEtODAxY2FiNzIwZWRi
LzEvNzZSM0pHUE52aEszT3hhdERTVVc4SDFqZ3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC6g
MA0GCSqGSIb3DQEBCwUAA4IBAQAJ6TKC7BQVzOhd0gVeKGkc4fk7QReAlI6PGxJ/
AJy0gVfZffu63HeULOF0V6+IZEsUIaSQV4phh/O3oYM9wvTU4Sa2OIm2zGKOS1SL
KeKk2drXGW++JZaEkdX+rggOEdUn9pm9WyqqYHm+7zp6s1F8d9Wl5JHDlWZfcdr0
9tuQTQ5CP5V06LpOITSB1cqnlHn+z9w3ZjvY75Q5lkyWswUkfjhMd5qHCnI9bZhY
KlxUw7y/5LoW+zz2eiSgZ0vp868s3S+T+/vUzvWcVUR2k5nnqUFvHJHCesmkg8yb
IaqshVjSDg7tpvFVk4JiXKDaHydEA2ysu18t9AYTGpyz2tFV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org