Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/DqgKXkzX26ysgyb_WpBMdYlWKZM.roa
File:                     DqgKXkzX26ysgyb_WpBMdYlWKZM.roa (raw, json)
Hash identifier:          e6/R5Km8B7suQg86m3FIFJOFpap6741tNIL12ZwNDlw=
Subject key identifier:   0E:A8:0A:5E:4C:D7:DB:AC:AC:83:26:FF:5A:90:4C:75:89:56:29:93
Certificate issuer:       /CN=c719cad9922115bcfa7452ba0a6e43a6af4e4c24
Certificate serial:       0185704B9E8770F1E2E64E1E2C17A4EBC9D2
Authority key identifier: C7:19:CA:D9:92:21:15:BC:FA:74:52:BA:0A:6E:43:A6:AF:4E:4C:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/DqgKXkzX26ysgyb_WpBMdYlWKZM.roa
Signing time:             Mon 02 Jan 2023 02:24:42 +0000
ROA not before:           Mon 02 Jan 2023 02:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41046
IP address blocks:        2001:67c:2d90::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:4b:9e:87:70:f1:e2:e6:4e:1e:2c:17:a4:eb:c9:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c719cad9922115bcfa7452ba0a6e43a6af4e4c24
        Validity
            Not Before: Jan  2 02:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ea80a5e4cd7dbacac8326ff5a904c7589562993
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d4:05:fe:2d:e3:a9:c3:aa:12:b4:45:50:77:
                    38:ea:a3:13:76:7b:05:16:00:47:6e:f6:cc:a2:9f:
                    de:af:06:e9:5b:f4:28:42:06:1f:0c:74:77:21:8a:
                    c5:fc:e9:5d:0c:51:ed:4e:6e:5a:86:4a:7d:2a:50:
                    ee:e5:f4:fb:9c:6c:a8:af:28:71:2d:1a:20:f6:7c:
                    a8:55:6c:2a:6c:1d:b4:e8:1f:f1:93:7b:26:be:9e:
                    c0:49:34:43:c1:f6:f0:30:41:49:5d:28:df:9b:81:
                    88:94:5c:69:0e:c5:3d:5e:f8:b7:ba:4e:1d:4f:df:
                    e9:64:c9:2c:47:4a:d9:59:6b:32:d6:15:2c:5b:f6:
                    da:7a:0d:73:90:f7:c2:a0:a0:b6:c8:73:4b:fc:ac:
                    c8:8c:58:1a:36:3e:25:b8:28:08:05:17:d0:60:97:
                    a5:4b:69:d4:48:f3:e8:f3:a1:a3:5c:97:8a:98:ae:
                    14:ff:81:61:23:7a:c8:5b:14:2d:e9:e5:b4:99:0a:
                    52:f9:d4:7e:3a:d7:73:49:eb:7e:c1:6a:c4:cb:24:
                    dd:c8:7a:34:08:d2:9a:46:b0:85:aa:42:35:11:19:
                    c5:92:49:ab:6d:eb:34:9d:5d:2e:52:c8:2d:8b:19:
                    92:f1:64:7a:f1:4b:97:2f:8d:99:4b:07:c0:f3:94:
                    8f:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:A8:0A:5E:4C:D7:DB:AC:AC:83:26:FF:5A:90:4C:75:89:56:29:93
            X509v3 Authority Key Identifier:
                keyid:C7:19:CA:D9:92:21:15:BC:FA:74:52:BA:0A:6E:43:A6:AF:4E:4C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/DqgKXkzX26ysgyb_WpBMdYlWKZM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2d90::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:3d:34:34:91:49:bf:01:17:2f:60:67:e0:ee:72:17:28:84:
         95:1c:21:36:64:f4:5a:19:f5:ee:2a:cf:79:32:af:ba:89:63:
         3a:77:26:67:fe:fe:65:48:e1:4c:9d:ab:f2:22:c0:0e:b6:ff:
         9d:10:37:8d:85:b1:18:12:42:89:2f:21:d1:50:5a:97:02:1d:
         5e:3b:2c:d1:b5:51:58:1e:c0:2a:5d:2b:5e:83:cf:0a:e2:68:
         62:be:bf:55:cf:5e:17:0e:da:50:54:39:e0:11:52:7e:6e:29:
         7f:e0:cf:9b:83:4e:6d:28:f6:d6:91:6b:25:32:2f:cf:b4:41:
         69:7d:20:a7:20:d0:0d:05:92:30:79:c5:46:cc:b1:d5:2b:4d:
         75:08:61:30:9a:90:83:4a:57:df:77:34:d3:0b:09:2c:ea:1e:
         07:8f:6e:11:a3:2d:cf:f0:36:4d:0b:52:2c:db:04:c1:cd:19:
         e5:b2:50:36:1a:9f:70:2c:99:d1:e3:36:69:dc:16:85:20:dd:
         c5:74:36:63:ed:15:e4:aa:19:2a:6d:1e:16:c9:72:04:3a:ce:
         58:fa:8b:60:ef:7e:ef:7d:a4:5b:a6:82:cd:64:1d:0d:d3:3e:
         79:b5:0a:a9:57:a3:17:9f:e6:3b:da:59:5e:16:c3:b7:22:e4:
         2b:0b:30:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwS56HcPHi5k4eLBek68nSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MTljYWQ5OTIyMTE1YmNmYTc0NTJiYTBhNmU0M2E2YWY0
ZTRjMjQwHhcNMjMwMTAyMDIyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWE4MGE1ZTRjZDdkYmFjYWM4MzI2ZmY1YTkwNGM3NTg5NTYyOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9QF/i3jqcOqErRFUHc46qMTdnsF
FgBHbvbMop/erwbpW/QoQgYfDHR3IYrF/OldDFHtTm5ahkp9KlDu5fT7nGyoryhx
LRog9nyoVWwqbB206B/xk3smvp7ASTRDwfbwMEFJXSjfm4GIlFxpDsU9Xvi3uk4d
T9/pZMksR0rZWWsy1hUsW/baeg1zkPfCoKC2yHNL/KzIjFgaNj4luCgIBRfQYJel
S2nUSPPo86GjXJeKmK4U/4FhI3rIWxQt6eW0mQpS+dR+OtdzSet+wWrEyyTdyHo0
CNKaRrCFqkI1ERnFkkmrbes0nV0uUsgtixmS8WR68UuXL42ZSwfA85SPeQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA6oCl5M19usrIMm/1qQTHWJVimTMB8GA1UdIwQY
MBaAFMcZytmSIRW8+nRSugpuQ6avTkwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhuSzJaSWhGYno2ZEZLNkNtNURwcTlPVENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xNDkzMzItNjk2OS00YzRiLWI1OTEt
N2MyYzA4YjVlZTQ5LzEvRHFnS1hrelgyNnlzZ3liX1dwQk1kWWxXS1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xNDkzMzItNjk2OS00YzRiLWI1OTEtN2MyYzA4YjVlZTQ5
LzEveHhuSzJaSWhGYno2ZEZLNkNtNURwcTlPVENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBSPTQ0kUm/ARcvYGfg7nIXKISVHCE2ZPRaGfXu
Ks95Mq+6iWM6dyZn/v5lSOFMnavyIsAOtv+dEDeNhbEYEkKJLyHRUFqXAh1eOyzR
tVFYHsAqXSteg88K4mhivr9Vz14XDtpQVDngEVJ+bil/4M+bg05tKPbWkWslMi/P
tEFpfSCnINANBZIwecVGzLHVK011CGEwmpCDSlffdzTTCwks6h4Hj24Roy3P8DZN
C1Is2wTBzRnlslA2Gp9wLJnR4zZp3BaFIN3FdDZj7RXkqhkqbR4WyXIEOs5Y+otg
737vfaRbpoLNZB0N0z55tQqpV6MXn+Y72lleFsO3IuQrCzCn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:55 2024 by rpki-client on console-ams.rpki-client.org