Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/05f238-bb62-455d-9921-3a2722507ee5/1/lRK86VzmQsu5gkf9oUtjCjjq79s.roa
File:                     lRK86VzmQsu5gkf9oUtjCjjq79s.roa (raw, json)
Hash identifier:          SdQJXIkNCSE+xeFSa9FdQYYhfoVGpiGKEoe8fhzHjWE=
Subject key identifier:   95:12:BC:E9:5C:E6:42:CB:B9:82:47:FD:A1:4B:63:0A:38:EA:EF:DB
Certificate issuer:       /CN=ea5187cbf738c0e9d7a3ed9bfcb2c4a677226483
Certificate serial:       0185723A2F5089E0AE678E15D12358D78033
Authority key identifier: EA:51:87:CB:F7:38:C0:E9:D7:A3:ED:9B:FC:B2:C4:A6:77:22:64:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6lGHy_c4wOnXo-2b_LLEpnciZIM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/05f238-bb62-455d-9921-3a2722507ee5/1/lRK86VzmQsu5gkf9oUtjCjjq79s.roa
Signing time:             Mon 02 Jan 2023 11:24:53 +0000
ROA not before:           Mon 02 Jan 2023 11:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200306
IP address blocks:        2001:678:7e0::/48 maxlen: 48
                          2001:67c:2c40::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:3a:2f:50:89:e0:ae:67:8e:15:d1:23:58:d7:80:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea5187cbf738c0e9d7a3ed9bfcb2c4a677226483
        Validity
            Not Before: Jan  2 11:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9512bce95ce642cbb98247fda14b630a38eaefdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:63:e8:0f:4b:58:61:db:ed:ef:25:31:28:f1:
                    ee:09:c3:4a:4b:36:31:44:2b:69:de:97:a7:30:54:
                    9f:9e:64:08:32:de:8f:16:a0:dc:45:c2:a9:2a:a4:
                    dd:08:41:4b:74:f2:5b:19:ea:aa:3b:47:38:29:ac:
                    1f:27:4b:d7:29:b1:de:c1:cf:ff:45:ba:19:ba:27:
                    13:0f:ad:fd:c8:8d:8b:35:3a:1a:0b:9b:71:b4:1d:
                    cc:8e:6e:b5:0f:a2:7b:24:3a:0f:e2:b3:b2:04:6d:
                    27:27:fb:94:b6:a1:13:27:a9:1e:55:d6:a5:07:34:
                    1a:3c:f3:25:63:7c:49:9a:bf:57:f4:b4:75:10:2c:
                    07:1b:9c:12:05:8a:89:84:91:06:38:d8:d0:d2:79:
                    d8:56:9c:cf:31:ac:05:79:28:2a:f1:07:7f:6b:7a:
                    21:64:69:f5:ca:bc:1f:fd:20:f8:f8:6b:87:c8:00:
                    22:fb:39:1b:f3:cd:4c:b5:fd:9c:77:df:f0:8a:12:
                    f3:a6:ae:bc:8c:ed:ff:96:b5:cf:d6:14:77:74:12:
                    e4:73:29:f2:ba:08:de:b8:b1:81:54:a2:80:87:36:
                    a2:52:1c:30:e7:49:e0:4e:5f:86:c6:08:c3:5b:89:
                    11:0e:54:01:15:02:eb:3e:1d:40:e0:a4:4d:67:24:
                    1a:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:12:BC:E9:5C:E6:42:CB:B9:82:47:FD:A1:4B:63:0A:38:EA:EF:DB
            X509v3 Authority Key Identifier:
                keyid:EA:51:87:CB:F7:38:C0:E9:D7:A3:ED:9B:FC:B2:C4:A6:77:22:64:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6lGHy_c4wOnXo-2b_LLEpnciZIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05f238-bb62-455d-9921-3a2722507ee5/1/lRK86VzmQsu5gkf9oUtjCjjq79s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05f238-bb62-455d-9921-3a2722507ee5/1/6lGHy_c4wOnXo-2b_LLEpnciZIM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:7e0::/48
                  2001:67c:2c40::/48

    Signature Algorithm: sha256WithRSAEncryption
         05:d4:b3:cc:75:c9:9c:da:f0:aa:c8:c0:5c:e8:03:95:5e:4c:
         67:cf:af:99:54:c7:1f:1d:20:58:26:f9:97:a4:2a:cf:f0:de:
         1f:ad:a8:c0:fa:70:a4:0c:04:54:3d:60:e0:5f:b5:7e:6e:40:
         2d:ba:c7:44:6d:2b:2b:a3:6a:8d:74:56:92:b1:dd:e9:92:d8:
         43:58:a3:f9:8b:ab:94:17:99:b5:e1:64:92:84:6b:9e:a1:85:
         43:2f:a9:48:d2:c0:b3:50:dd:05:6f:60:b2:9b:a3:c7:1e:97:
         f5:20:0e:ee:18:bd:7b:72:6d:74:0c:75:8a:a6:76:6a:da:e3:
         79:ac:06:24:d6:44:8a:74:cd:2b:a2:4e:19:79:f4:e6:4f:6c:
         c5:80:19:24:a3:f7:26:3e:94:a8:0c:f7:17:fd:fa:2b:bc:fb:
         b3:79:68:7f:df:ea:aa:c5:30:24:58:18:b7:e0:b2:7a:d5:50:
         39:11:a6:f8:0c:57:17:05:56:03:d1:66:8f:f5:bc:b2:fd:4f:
         6d:15:9e:f5:2e:b2:0e:4a:59:bd:7a:d7:dd:14:42:db:8f:04:
         ef:25:9f:03:cd:03:fc:7b:c2:30:2b:9e:ed:a2:99:c4:ba:55:
         d2:44:ac:02:75:d3:f7:01:8c:ac:0d:59:4a:8c:d4:05:1f:4b:
         00:8d:49:c8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyOi9QieCuZ44V0SNY14AzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNTE4N2NiZjczOGMwZTlkN2EzZWQ5YmZjYjJjNGE2Nzcy
MjY0ODMwHhcNMjMwMTAyMTEyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTEyYmNlOTVjZTY0MmNiYjk4MjQ3ZmRhMTRiNjMwYTM4ZWFlZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmPoD0tYYdvt7yUxKPHuCcNKSzYx
RCtp3penMFSfnmQIMt6PFqDcRcKpKqTdCEFLdPJbGeqqO0c4KawfJ0vXKbHewc//
RboZuicTD639yI2LNToaC5txtB3Mjm61D6J7JDoP4rOyBG0nJ/uUtqETJ6keVdal
BzQaPPMlY3xJmr9X9LR1ECwHG5wSBYqJhJEGONjQ0nnYVpzPMawFeSgq8Qd/a3oh
ZGn1yrwf/SD4+GuHyAAi+zkb881Mtf2cd9/wihLzpq68jO3/lrXP1hR3dBLkcyny
ugjeuLGBVKKAhzaiUhww50ngTl+GxgjDW4kRDlQBFQLrPh1A4KRNZyQaoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJUSvOlc5kLLuYJH/aFLYwo46u/bMB8GA1UdIwQY
MBaAFOpRh8v3OMDp16Ptm/yyxKZ3ImSDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmxHSHlfYzR3T25Yby0yYl9MTEVwbmNpWklNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNWYyMzgtYmI2Mi00NTVkLTk5MjEt
M2EyNzIyNTA3ZWU1LzEvbFJLODZWem1Rc3U1Z2tmOW9VdGpDampxNzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNWYyMzgtYmI2Mi00NTVkLTk5MjEtM2EyNzIyNTA3ZWU1
LzEvNmxHSHlfYzR3T25Yby0yYl9MTEVwbmNpWklNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAfg
AwcAIAEGfCxAMA0GCSqGSIb3DQEBCwUAA4IBAQAF1LPMdcmc2vCqyMBc6AOVXkxn
z6+ZVMcfHSBYJvmXpCrP8N4frajA+nCkDARUPWDgX7V+bkAtusdEbSsro2qNdFaS
sd3pkthDWKP5i6uUF5m14WSShGueoYVDL6lI0sCzUN0Fb2Cym6PHHpf1IA7uGL17
cm10DHWKpnZq2uN5rAYk1kSKdM0rok4ZefTmT2zFgBkko/cmPpSoDPcX/forvPuz
eWh/3+qqxTAkWBi34LJ61VA5Eab4DFcXBVYD0WaP9byy/U9tFZ71LrIOSlm9etfd
FELbjwTvJZ8DzQP8e8IwK57topnEulXSRKwCddP3AYysDVlKjNQFH0sAjUnI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:24 2024 by rpki-client on console-ams.rpki-client.org