Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a00090-6663-46a1-a5fb-661e8fe3c1e9/1/I8vxrmVimNM01B7By7zGKEGvb-0.roa
File:                     I8vxrmVimNM01B7By7zGKEGvb-0.roa (raw, json)
Hash identifier:          TsaUc1JiP/ev83z6wlTvrRQp5oS2YbKRnznHG7E9/kg=
Subject key identifier:   23:CB:F1:AE:65:62:98:D3:34:D4:1E:C1:CB:BC:C6:28:41:AF:6F:ED
Certificate issuer:       /CN=2682c816f72686ff7aede53538618cc2e8861039
Certificate serial:       018BED1077FFF1BB5954A7F11235040610D2
Authority key identifier: 26:82:C8:16:F7:26:86:FF:7A:ED:E5:35:38:61:8C:C2:E8:86:10:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JoLIFvcmhv967eU1OGGMwuiGEDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/a00090-6663-46a1-a5fb-661e8fe3c1e9/1/I8vxrmVimNM01B7By7zGKEGvb-0.roa
Signing time:             Mon 20 Nov 2023 14:09:21 +0000
ROA not before:           Mon 20 Nov 2023 14:09:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47147
IP address blocks:        2001:67c:2850::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ed:10:77:ff:f1:bb:59:54:a7:f1:12:35:04:06:10:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2682c816f72686ff7aede53538618cc2e8861039
        Validity
            Not Before: Nov 20 14:09:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23cbf1ae656298d334d41ec1cbbcc62841af6fed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d9:1f:2f:1f:61:c1:27:e7:18:b4:68:87:9d:
                    87:19:5e:3b:11:39:89:77:32:e2:18:36:a0:ac:81:
                    06:8c:a5:b6:0c:da:63:36:a6:65:c4:af:a9:ac:85:
                    be:ac:d6:e2:2b:f8:ec:ce:8a:9d:e4:dd:5c:b0:e7:
                    8b:bb:50:50:d8:7b:64:2d:74:00:92:60:06:f7:36:
                    20:a6:b7:b9:ba:8e:a8:b5:2a:30:de:a2:08:9f:54:
                    e8:aa:a6:0c:84:20:6a:0c:d0:60:2e:e7:80:89:66:
                    77:97:a9:d6:90:e8:af:31:e1:9b:73:b4:03:59:14:
                    f9:50:f2:62:79:4c:3d:aa:d9:bd:56:1b:fa:45:c2:
                    3e:c0:f5:24:e6:9c:2e:9a:6f:1e:c8:12:32:ed:21:
                    18:f8:30:04:5c:a1:41:ad:98:14:7f:62:19:f4:93:
                    d4:6c:8e:ee:db:02:cf:0e:d8:d0:19:27:ea:d4:83:
                    6c:c7:27:f0:76:bf:87:7c:72:ed:50:85:02:c2:c2:
                    6f:e2:94:0d:3b:31:01:86:18:c9:a8:a6:63:fb:ff:
                    2f:a5:11:dd:fc:86:56:22:12:60:7d:b2:3f:e6:25:
                    4c:bf:2b:c2:9b:c8:53:a7:e4:3d:79:49:4d:6b:06:
                    5a:ba:ef:66:1e:d8:94:6f:2d:ab:97:7b:ca:0b:a1:
                    ce:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:CB:F1:AE:65:62:98:D3:34:D4:1E:C1:CB:BC:C6:28:41:AF:6F:ED
            X509v3 Authority Key Identifier:
                keyid:26:82:C8:16:F7:26:86:FF:7A:ED:E5:35:38:61:8C:C2:E8:86:10:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JoLIFvcmhv967eU1OGGMwuiGEDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a00090-6663-46a1-a5fb-661e8fe3c1e9/1/I8vxrmVimNM01B7By7zGKEGvb-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a00090-6663-46a1-a5fb-661e8fe3c1e9/1/JoLIFvcmhv967eU1OGGMwuiGEDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2850::/48

    Signature Algorithm: sha256WithRSAEncryption
         a5:69:80:9a:99:37:35:25:95:bd:a4:4e:f4:a4:48:d0:b6:71:
         8a:2d:7b:b3:88:8b:d7:57:84:70:88:34:b7:f7:5b:4b:77:5c:
         66:4b:39:45:ea:8e:45:70:5d:47:41:03:7d:d2:96:07:40:e7:
         2b:b8:3a:4d:c6:43:5b:ad:32:b4:6c:6f:a0:ca:7a:49:43:ab:
         a2:e8:2d:1c:49:09:6a:0b:ab:8c:78:9c:d2:de:b9:fa:6b:9c:
         a9:56:ef:0f:0c:bf:af:81:54:aa:00:33:ce:e5:f3:9d:41:f5:
         a7:ad:d2:2e:5a:24:ac:63:7d:ec:ff:71:6e:a5:ea:1d:c2:3e:
         39:4f:1c:39:9c:ef:b0:ba:e7:22:ab:86:e7:fd:47:b4:32:fe:
         39:b4:28:38:cc:3c:b5:a1:6d:9c:6b:db:e5:21:a1:79:81:d5:
         11:e7:67:78:0c:fb:96:c1:01:a3:01:86:69:82:cd:13:0d:f0:
         55:22:64:6e:7c:ae:a0:a6:0f:bd:4b:f1:7a:fc:30:2e:f5:3c:
         2e:0e:d8:7e:37:50:2b:5e:06:b3:9b:59:96:f2:d2:33:9c:98:
         50:96:46:09:11:b7:bf:fc:e2:d6:2a:a1:91:25:22:4f:8b:5d:
         1f:06:4f:ce:f3:41:1a:1f:62:7f:1e:5a:8d:df:57:0d:76:33:
         b5:ff:b5:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYvtEHf/8btZVKfxEjUEBhDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ODJjODE2ZjcyNjg2ZmY3YWVkZTUzNTM4NjE4Y2MyZTg4
NjEwMzkwHhcNMjMxMTIwMTQwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2NiZjFhZTY1NjI5OGQzMzRkNDFlYzFjYmJjYzYyODQxYWY2ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdkfLx9hwSfnGLRoh52HGV47ETmJ
dzLiGDagrIEGjKW2DNpjNqZlxK+prIW+rNbiK/jszoqd5N1csOeLu1BQ2HtkLXQA
kmAG9zYgpre5uo6otSow3qIIn1ToqqYMhCBqDNBgLueAiWZ3l6nWkOivMeGbc7QD
WRT5UPJieUw9qtm9Vhv6RcI+wPUk5pwumm8eyBIy7SEY+DAEXKFBrZgUf2IZ9JPU
bI7u2wLPDtjQGSfq1INsxyfwdr+HfHLtUIUCwsJv4pQNOzEBhhjJqKZj+/8vpRHd
/IZWIhJgfbI/5iVMvyvCm8hTp+Q9eUlNawZauu9mHtiUby2rl3vKC6HOPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCPL8a5lYpjTNNQewcu8xihBr2/tMB8GA1UdIwQY
MBaAFCaCyBb3Job/eu3lNThhjMLohhA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm9MSUZ2Y21odjk2N2VVMU9HR013dWlHRURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hMDAwOTAtNjY2My00NmExLWE1ZmIt
NjYxZThmZTNjMWU5LzEvSTh2eHJtVmltTk0wMUI3Qnk3ekdLRUd2Yi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hMDAwOTAtNjY2My00NmExLWE1ZmItNjYxZThmZTNjMWU5
LzEvSm9MSUZ2Y21odjk2N2VVMU9HR013dWlHRURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfChQ
MA0GCSqGSIb3DQEBCwUAA4IBAQClaYCamTc1JZW9pE70pEjQtnGKLXuziIvXV4Rw
iDS391tLd1xmSzlF6o5FcF1HQQN90pYHQOcruDpNxkNbrTK0bG+gynpJQ6ui6C0c
SQlqC6uMeJzS3rn6a5ypVu8PDL+vgVSqADPO5fOdQfWnrdIuWiSsY33s/3Fupeod
wj45Txw5nO+wuuciq4bn/Ue0Mv45tCg4zDy1oW2ca9vlIaF5gdUR52d4DPuWwQGj
AYZpgs0TDfBVImRufK6gpg+9S/F6/DAu9TwuDth+N1ArXgazm1mW8tIznJhQlkYJ
Ebe//OLWKqGRJSJPi10fBk/O80EaH2J/HlqN31cNdjO1/7Wa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:23 2024 by rpki-client on console-ams.rpki-client.org