Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/be9311-66d8-4c19-8267-3c529bf62e54/1/1-GXlQdXNtgQchE1M7LlbU6IC8j8.roa
File:                     1-GXlQdXNtgQchE1M7LlbU6IC8j8.roa (raw, json)
Hash identifier:          SExVFuGVN5SbvGUmHUq2xKOJ+KPOStt7mT9YxUVC/fs=
Subject key identifier:   F8:65:E5:41:D5:CD:B6:04:1C:84:4D:4C:EC:B9:5B:53:A2:02:F2:3F
Certificate issuer:       /CN=c07750b83111d4171bbf55ca02322c1a0dc0ac32
Certificate serial:       018570398848F0ECFF5F703F3A97EF196FAC
Authority key identifier: C0:77:50:B8:31:11:D4:17:1B:BF:55:CA:02:32:2C:1A:0D:C0:AC:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wHdQuDER1Bcbv1XKAjIsGg3ArDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/be9311-66d8-4c19-8267-3c529bf62e54/1/1-GXlQdXNtgQchE1M7LlbU6IC8j8.roa
Signing time:             Mon 02 Jan 2023 02:04:56 +0000
ROA not before:           Mon 02 Jan 2023 02:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207575
IP address blocks:        2001:67c:2d30::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:88:48:f0:ec:ff:5f:70:3f:3a:97:ef:19:6f:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c07750b83111d4171bbf55ca02322c1a0dc0ac32
        Validity
            Not Before: Jan  2 02:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f865e541d5cdb6041c844d4cecb95b53a202f23f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:1a:9f:36:b9:e8:46:e9:a2:25:89:8d:54:a6:
                    c6:c9:f6:83:c3:85:61:13:2a:3b:1e:4e:d4:77:8d:
                    ad:4a:0a:b9:10:d0:15:f8:2a:5b:12:4f:59:90:31:
                    89:f7:4a:41:48:c4:18:46:4c:e6:51:b5:e0:99:6a:
                    36:e1:87:07:ff:2b:3e:a2:11:73:57:a6:ab:dd:0e:
                    61:70:ab:30:cc:99:d1:9a:eb:6e:c1:9e:88:c3:33:
                    f6:76:de:e7:9a:c3:3d:e0:f8:64:dc:d0:73:7e:6b:
                    e1:58:3b:32:99:2c:f7:a0:75:69:74:61:1f:1c:e8:
                    72:45:cd:e2:9f:09:a9:d3:0b:a0:bc:29:b3:22:db:
                    f0:3e:d6:50:f0:ce:68:b6:ee:9a:c5:87:d2:78:94:
                    82:d9:ab:b1:a4:46:14:30:24:1c:38:07:4d:f5:0b:
                    ed:4f:24:a0:5c:b6:74:e6:35:0d:53:d1:20:86:93:
                    df:a8:52:fb:32:b6:b0:f9:e0:37:cb:f7:53:00:9a:
                    92:db:68:0f:80:cf:49:b7:c9:66:8b:cd:0d:ee:5d:
                    e6:78:7c:d2:da:d1:3f:16:8f:ab:b5:a4:72:78:a3:
                    29:91:78:4a:e8:60:78:38:31:57:2c:e9:1b:e2:29:
                    89:df:d7:61:71:74:34:47:9e:2d:aa:5e:06:51:9f:
                    9b:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:65:E5:41:D5:CD:B6:04:1C:84:4D:4C:EC:B9:5B:53:A2:02:F2:3F
            X509v3 Authority Key Identifier:
                keyid:C0:77:50:B8:31:11:D4:17:1B:BF:55:CA:02:32:2C:1A:0D:C0:AC:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHdQuDER1Bcbv1XKAjIsGg3ArDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/be9311-66d8-4c19-8267-3c529bf62e54/1/1-GXlQdXNtgQchE1M7LlbU6IC8j8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/be9311-66d8-4c19-8267-3c529bf62e54/1/wHdQuDER1Bcbv1XKAjIsGg3ArDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2d30::/48

    Signature Algorithm: sha256WithRSAEncryption
         0e:9d:4f:6b:be:da:4c:77:56:0c:0b:5e:ff:ad:6c:da:c2:5a:
         8b:1a:72:fd:65:f9:d6:2b:d3:fb:80:ba:8a:a6:87:8c:a0:a4:
         41:dc:06:29:72:5d:84:f6:17:68:7f:cd:34:88:73:94:3e:a9:
         7d:24:fb:23:8c:b0:34:fc:3b:e3:f7:87:15:84:3f:d0:b3:04:
         0e:0c:18:21:d4:68:e6:63:8e:58:dc:f9:1c:8a:1f:21:86:06:
         2e:e3:f2:5e:d6:01:22:f6:15:12:0a:7c:d0:58:99:6e:91:59:
         ae:39:a3:6f:ea:38:80:bb:0d:75:8f:5f:8f:23:0d:b7:09:a7:
         07:d9:9c:20:37:ed:ea:15:c8:b5:41:28:0a:a7:1e:0a:f4:df:
         fd:6c:c2:fc:0b:bc:80:7c:47:6c:0a:64:6f:61:03:48:a1:22:
         9a:4e:d4:a9:d1:d0:49:5e:ac:89:12:95:41:bf:ae:c1:ad:93:
         ad:39:52:4b:9c:ce:98:c1:7d:07:b4:62:a3:69:a7:b7:d4:15:
         af:97:04:16:50:fa:e7:53:fc:18:bf:cc:30:82:7d:89:59:c9:
         94:14:0e:b1:e0:33:ee:7f:56:62:81:bb:98:6c:07:36:08:7e:
         a4:ac:8b:9c:a9:a6:55:a2:87:2d:30:7e:5a:52:29:87:15:2e:
         8f:c5:09:cc
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVwOYhI8Oz/X3A/OpfvGW+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzc1MGI4MzExMWQ0MTcxYmJmNTVjYTAyMzIyYzFhMGRj
MGFjMzIwHhcNMjMwMTAyMDIwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODY1ZTU0MWQ1Y2RiNjA0MWM4NDRkNGNlY2I5NWI1M2EyMDJmMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihqfNrnoRumiJYmNVKbGyfaDw4Vh
Eyo7Hk7Ud42tSgq5ENAV+CpbEk9ZkDGJ90pBSMQYRkzmUbXgmWo24YcH/ys+ohFz
V6ar3Q5hcKswzJnRmutuwZ6IwzP2dt7nmsM94Phk3NBzfmvhWDsymSz3oHVpdGEf
HOhyRc3inwmp0wugvCmzItvwPtZQ8M5otu6axYfSeJSC2auxpEYUMCQcOAdN9Qvt
TySgXLZ05jUNU9EghpPfqFL7Mraw+eA3y/dTAJqS22gPgM9Jt8lmi80N7l3meHzS
2tE/Fo+rtaRyeKMpkXhK6GB4ODFXLOkb4imJ39dhcXQ0R54tql4GUZ+btQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPhl5UHVzbYEHIRNTOy5W1OiAvI/MB8GA1UdIwQY
MBaAFMB3ULgxEdQXG79VygIyLBoNwKwyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hkUXVERVIxQmNidjFYS0FqSXNHZzNBckRJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iZTkzMTEtNjZkOC00YzE5LTgyNjct
M2M1MjliZjYyZTU0LzEvMS1HWGxRZFhOdGdRY2hFMU03TGxiVTZJQzhqOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTUvYmU5MzExLTY2ZDgtNGMxOS04MjY3LTNjNTI5YmY2MmU1
NC8xL3dIZFF1REVSMUJjYnYxWEtBaklzR2czQXJESS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwt
MDANBgkqhkiG9w0BAQsFAAOCAQEADp1Pa77aTHdWDAte/61s2sJaixpy/WX51ivT
+4C6iqaHjKCkQdwGKXJdhPYXaH/NNIhzlD6pfST7I4ywNPw74/eHFYQ/0LMEDgwY
IdRo5mOOWNz5HIofIYYGLuPyXtYBIvYVEgp80FiZbpFZrjmjb+o4gLsNdY9fjyMN
twmnB9mcIDft6hXItUEoCqceCvTf/WzC/Au8gHxHbApkb2EDSKEimk7UqdHQSV6s
iRKVQb+uwa2TrTlSS5zOmMF9B7Rio2mnt9QVr5cEFlD651P8GL/MMIJ9iVnJlBQO
seAz7n9WYoG7mGwHNgh+pKyLnKmmVaKHLTB+WlIphxUuj8UJzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:41 2024 by rpki-client on console-ams.rpki-client.org