Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/yXtNAp3s9ERuX_tNiatgPa-F_6Y.roa
File:                     yXtNAp3s9ERuX_tNiatgPa-F_6Y.roa (raw, json)
Hash identifier:          QIOTpIrzeb6LqaRym4i0eT1Opde6WFAy00gBRct3VQ8=
Subject key identifier:   C9:7B:4D:02:9D:EC:F4:44:6E:5F:FB:4D:89:AB:60:3D:AF:85:FF:A6
Certificate issuer:       /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial:       018573718522E865080646501EF0EC56E666
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/yXtNAp3s9ERuX_tNiatgPa-F_6Y.roa
Signing time:             Mon 02 Jan 2023 17:04:57 +0000
ROA not before:           Mon 02 Jan 2023 17:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39871
IP address blocks:        2001:67c:254c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:71:85:22:e8:65:08:06:46:50:1e:f0:ec:56:e6:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
        Validity
            Not Before: Jan  2 17:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c97b4d029decf4446e5ffb4d89ab603daf85ffa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:61:18:84:61:c2:46:b9:d2:5d:49:db:83:7c:
                    16:50:ab:c1:1a:b6:7a:df:37:a4:f3:b6:18:a3:f1:
                    04:04:cc:a3:fb:52:99:6f:88:1a:f2:b1:9d:8a:11:
                    e2:ba:db:e9:cf:1c:3b:1b:62:e5:52:a6:ba:a2:ec:
                    30:93:37:91:18:b5:96:9f:8a:a0:db:68:3a:af:47:
                    61:53:7d:6d:70:4c:5d:67:b4:bd:54:a6:49:7a:f6:
                    52:1b:29:81:57:8c:90:ce:ab:40:06:d1:cf:45:e0:
                    dc:a2:3f:58:2c:d3:2b:fd:8a:99:0f:a8:a6:dc:7b:
                    74:d3:df:9c:3a:80:52:92:3c:b9:6d:b2:3e:e4:b9:
                    ae:58:72:83:3d:49:8f:df:0f:f5:bb:20:0f:34:07:
                    b6:88:ab:47:5b:c9:be:ab:4a:54:8b:ac:e1:89:fc:
                    87:0b:c6:e1:dc:e1:51:55:fb:59:65:79:b0:de:82:
                    36:30:e6:28:e9:04:ad:19:9c:ea:77:b6:09:ec:d3:
                    97:ea:5c:fe:17:48:30:23:4d:f9:87:be:86:0a:fa:
                    ff:15:cb:ba:65:b1:b3:82:f2:83:1c:72:21:0f:b8:
                    e1:da:a6:70:26:db:d9:26:0d:1e:cf:70:a4:80:1e:
                    c9:5d:26:10:15:5e:9c:35:f0:ad:7d:c0:95:f9:c6:
                    51:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:7B:4D:02:9D:EC:F4:44:6E:5F:FB:4D:89:AB:60:3D:AF:85:FF:A6
            X509v3 Authority Key Identifier:
                keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/yXtNAp3s9ERuX_tNiatgPa-F_6Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:254c::/48

    Signature Algorithm: sha256WithRSAEncryption
         67:c4:7e:90:5a:a9:4f:78:4e:7e:c3:f4:4f:22:06:b2:2a:f0:
         50:6f:0c:de:0d:fc:31:d7:43:45:fc:23:e9:9c:59:8b:20:4e:
         89:e8:f7:ba:43:4e:23:f0:20:d6:60:18:b9:12:a8:21:95:e6:
         56:9a:e5:49:32:c3:75:3d:5c:23:6f:5c:2a:5a:e6:a7:bc:57:
         0f:58:15:d7:76:01:95:5f:39:cd:63:98:d0:a7:53:62:80:41:
         3e:28:41:b7:16:cd:5a:d5:8d:97:5f:39:2f:92:61:f0:d6:75:
         5b:7b:fd:b6:40:f3:54:77:15:cc:7c:7f:76:7d:7e:ad:f9:0c:
         74:99:3b:d7:eb:18:1a:a9:c5:96:9a:ae:67:3f:34:fe:f1:c2:
         1a:40:ca:22:79:26:44:a7:79:b1:ae:ac:b9:71:08:37:1a:87:
         59:d2:33:10:52:0e:68:7f:10:5c:a6:67:a8:d4:32:2b:a3:ab:
         bc:45:b7:96:88:82:2e:98:32:e3:ab:64:ea:4b:74:6d:99:ad:
         c1:a8:0a:57:e7:3b:25:9b:94:0a:88:2e:a9:b9:c2:c4:c7:bd:
         bc:0e:e3:c4:93:72:99:a3:24:00:04:55:18:2f:6d:30:e4:cb:
         8a:7d:9f:9b:a6:85:4e:27:34:a7:13:5c:1f:0e:24:d7:2d:f1:
         18:66:99:06
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzcYUi6GUIBkZQHvDsVuZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjMwMTAyMTcwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdiNGQwMjlkZWNmNDQ0NmU1ZmZiNGQ4OWFiNjAzZGFmODVmZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2EYhGHCRrnSXUnbg3wWUKvBGrZ6
3zek87YYo/EEBMyj+1KZb4ga8rGdihHiutvpzxw7G2LlUqa6ouwwkzeRGLWWn4qg
22g6r0dhU31tcExdZ7S9VKZJevZSGymBV4yQzqtABtHPReDcoj9YLNMr/YqZD6im
3Ht009+cOoBSkjy5bbI+5LmuWHKDPUmP3w/1uyAPNAe2iKtHW8m+q0pUi6zhifyH
C8bh3OFRVftZZXmw3oI2MOYo6QStGZzqd7YJ7NOX6lz+F0gwI035h76GCvr/Fcu6
ZbGzgvKDHHIhD7jh2qZwJtvZJg0ez3CkgB7JXSYQFV6cNfCtfcCV+cZRKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMl7TQKd7PREbl/7TYmrYD2vhf+mMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEveVh0TkFwM3M5RVJ1WF90TmlhdGdQYS1GXzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCVM
MA0GCSqGSIb3DQEBCwUAA4IBAQBnxH6QWqlPeE5+w/RPIgayKvBQbwzeDfwx10NF
/CPpnFmLIE6J6Pe6Q04j8CDWYBi5EqghleZWmuVJMsN1PVwjb1wqWuanvFcPWBXX
dgGVXznNY5jQp1NigEE+KEG3Fs1a1Y2XXzkvkmHw1nVbe/22QPNUdxXMfH92fX6t
+Qx0mTvX6xgaqcWWmq5nPzT+8cIaQMoieSZEp3mxrqy5cQg3GodZ0jMQUg5ofxBc
pmeo1DIro6u8RbeWiIIumDLjq2TqS3Rtma3BqApX5zslm5QKiC6pucLEx728DuPE
k3KZoyQABFUYL20w5MuKfZ+bpoVOJzSnE1wfDiTXLfEYZpkG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:34 2024 by rpki-client on console-fra.rpki-client.org