Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/TISCm0zY32roSyYEyRrHIa9VHFw.roa
File:                     TISCm0zY32roSyYEyRrHIa9VHFw.roa (raw, json)
Hash identifier:          gDHx0Djs9BnG/qOiN9rQ9AED8r5gC5ywYKWBl9T4DA8=
Subject key identifier:   4C:84:82:9B:4C:D8:DF:6A:E8:4B:26:04:C9:1A:C7:21:AF:55:1C:5C
Certificate issuer:       /CN=cfc7ef2b766594892d78928cbe781779fdce67d0
Certificate serial:       01856F5DF42ED8674EC0071892DE10E19ECF
Authority key identifier: CF:C7:EF:2B:76:65:94:89:2D:78:92:8C:BE:78:17:79:FD:CE:67:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z8fvK3ZllIkteJKMvngXef3OZ9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/TISCm0zY32roSyYEyRrHIa9VHFw.roa
Signing time:             Sun 01 Jan 2023 22:05:06 +0000
ROA not before:           Sun 01 Jan 2023 22:05:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     4410
IP address blocks:        2a02:6a0:4ffe::/48 maxlen: 48
                          2a02:6a0:4fff::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:f4:2e:d8:67:4e:c0:07:18:92:de:10:e1:9e:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfc7ef2b766594892d78928cbe781779fdce67d0
        Validity
            Not Before: Jan  1 22:05:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4c84829b4cd8df6ae84b2604c91ac721af551c5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5f:9b:47:01:a7:2e:05:dc:93:c0:ed:b0:4d:
                    fd:92:ad:53:5a:7f:9d:47:2a:b9:82:3c:7f:9f:e7:
                    91:06:e7:96:1f:73:88:c3:c2:1e:d7:d4:26:0e:88:
                    43:f8:80:be:6a:32:95:90:f2:11:27:3b:b7:d9:c8:
                    19:f6:cd:ac:b0:5b:7a:33:f0:1e:5b:41:a6:2c:e0:
                    23:32:f9:53:39:f5:c6:ee:4e:5f:f3:42:58:d1:45:
                    70:13:f0:44:f5:fe:da:4e:3e:d3:ae:45:de:f4:02:
                    ba:e7:03:32:6c:ca:0f:0b:73:53:8e:75:08:9d:b0:
                    a4:ff:06:f2:dd:d3:9c:09:bc:03:ee:6b:de:48:b3:
                    e8:e7:8c:b9:f5:30:9e:10:bd:c2:96:35:d4:ca:cf:
                    cc:5d:15:83:67:c6:8a:95:0b:72:18:02:c9:f4:7c:
                    4d:d7:5a:e8:31:ae:04:63:48:35:4b:f9:eb:e0:db:
                    86:38:45:dd:4d:bb:52:b7:32:6f:1e:c9:a4:54:80:
                    b2:1c:b0:29:5c:68:76:b4:e1:ea:0a:d7:0c:54:1c:
                    ef:47:f6:4b:52:ce:91:53:9f:c2:35:06:39:9c:13:
                    26:f0:26:3b:53:8a:5a:87:bb:14:2e:b9:b4:0a:cf:
                    36:67:dc:98:b0:1e:94:df:75:46:4e:9e:70:cd:9c:
                    15:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:84:82:9B:4C:D8:DF:6A:E8:4B:26:04:C9:1A:C7:21:AF:55:1C:5C
            X509v3 Authority Key Identifier:
                keyid:CF:C7:EF:2B:76:65:94:89:2D:78:92:8C:BE:78:17:79:FD:CE:67:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8fvK3ZllIkteJKMvngXef3OZ9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/TISCm0zY32roSyYEyRrHIa9VHFw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/z8fvK3ZllIkteJKMvngXef3OZ9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:6a0:4ffe::/47

    Signature Algorithm: sha256WithRSAEncryption
         74:d0:0e:d1:ca:23:f0:31:5e:9c:0a:ba:70:17:ca:e1:15:a1:
         b1:71:fe:18:23:3c:7e:65:39:de:99:9e:73:53:ae:53:54:71:
         05:79:5f:cb:62:fb:10:a3:42:b0:cc:47:00:62:55:37:f8:db:
         58:87:7b:1a:b0:a4:4f:b0:87:a7:7c:03:37:5c:9c:41:ca:2e:
         27:a4:36:40:a0:6d:72:e4:29:20:39:6e:5e:3a:b4:01:00:c2:
         a7:7d:26:e9:a3:a4:7e:66:08:a1:62:e1:70:e3:d0:3c:60:f6:
         41:31:7b:2c:c0:ae:8b:5d:bc:15:95:d6:ce:b0:ee:17:83:51:
         e5:91:0f:67:f9:e7:b4:30:3e:5b:f0:31:e6:21:6e:9c:59:6a:
         7a:8e:0d:b5:4b:75:e9:93:b9:72:73:77:11:c5:49:49:c1:38:
         9c:c3:a9:76:2c:e0:44:ee:32:a0:ab:27:26:33:f1:b0:72:77:
         8c:9e:bd:11:1a:8c:c8:8f:2b:0a:0d:43:ee:63:7e:16:0c:53:
         ff:ea:78:73:02:5d:b7:6b:0a:0b:4c:c5:1b:b9:ea:1b:b6:94:
         7e:5a:a5:b3:9e:8e:f4:07:73:da:76:62:80:14:ce:9f:af:60:
         2c:71:93:7e:75:b0:3d:64:38:0a:3a:68:89:65:53:ef:a6:5b:
         30:c5:31:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvXfQu2GdOwAcYkt4Q4Z7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzdlZjJiNzY2NTk0ODkyZDc4OTI4Y2JlNzgxNzc5ZmRj
ZTY3ZDAwHhcNMjMwMTAxMjIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzg0ODI5YjRjZDhkZjZhZTg0YjI2MDRjOTFhYzcyMWFmNTUxYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV+bRwGnLgXck8DtsE39kq1TWn+d
Ryq5gjx/n+eRBueWH3OIw8Ie19QmDohD+IC+ajKVkPIRJzu32cgZ9s2ssFt6M/Ae
W0GmLOAjMvlTOfXG7k5f80JY0UVwE/BE9f7aTj7TrkXe9AK65wMybMoPC3NTjnUI
nbCk/wby3dOcCbwD7mveSLPo54y59TCeEL3CljXUys/MXRWDZ8aKlQtyGALJ9HxN
11roMa4EY0g1S/nr4NuGOEXdTbtStzJvHsmkVICyHLApXGh2tOHqCtcMVBzvR/ZL
Us6RU5/CNQY5nBMm8CY7U4pah7sULrm0Cs82Z9yYsB6U33VGTp5wzZwVNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEyEgptM2N9q6EsmBMkaxyGvVRxcMB8GA1UdIwQY
MBaAFM/H7yt2ZZSJLXiSjL54F3n9zmfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhmdkszWmxsSWt0ZUpLTXZuZ1hlZjNPWjlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jZDBiMmMtMjllMi00NzM3LTllYjct
OGNkNTViMDNkMjJkLzEvVElTQ20welkzMnJvU3lZRXlSckhJYTlWSEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jZDBiMmMtMjllMi00NzM3LTllYjctOGNkNTViMDNkMjJk
LzEvejhmdkszWmxsSWt0ZUpLTXZuZ1hlZjNPWjlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgIGoE/+
MA0GCSqGSIb3DQEBCwUAA4IBAQB00A7RyiPwMV6cCrpwF8rhFaGxcf4YIzx+ZTne
mZ5zU65TVHEFeV/LYvsQo0KwzEcAYlU3+NtYh3sasKRPsIenfAM3XJxByi4npDZA
oG1y5CkgOW5eOrQBAMKnfSbpo6R+ZgihYuFw49A8YPZBMXsswK6LXbwVldbOsO4X
g1HlkQ9n+ee0MD5b8DHmIW6cWWp6jg21S3Xpk7lyc3cRxUlJwTicw6l2LOBE7jKg
qycmM/GwcneMnr0RGozIjysKDUPuY34WDFP/6nhzAl23awoLTMUbueobtpR+WqWz
no70B3PadmKAFM6fr2AscZN+dbA9ZDgKOmiJZVPvplswxTFS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:33 2024 by rpki-client on console-ams.rpki-client.org