Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/aPRYGJjruQWXDfNnQfC2fmFM9W0.roa
File:                     aPRYGJjruQWXDfNnQfC2fmFM9W0.roa (raw, json)
Hash identifier:          iOxC++ENhOlMiXYRclyxsD60prl9FhsovrUhg3E+VG4=
Subject key identifier:   68:F4:58:18:98:EB:B9:05:97:0D:F3:67:41:F0:B6:7E:61:4C:F5:6D
Certificate issuer:       /CN=5cb813e09c9955e0bda7041f8373a8fc5dae6b9d
Certificate serial:       01856C781D7F719F8FD39BFF91FE751A7FDA
Authority key identifier: 5C:B8:13:E0:9C:99:55:E0:BD:A7:04:1F:83:73:A8:FC:5D:AE:6B:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XLgT4JyZVeC9pwQfg3Oo_F2ua50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/aPRYGJjruQWXDfNnQfC2fmFM9W0.roa
Signing time:             Sun 01 Jan 2023 08:34:49 +0000
ROA not before:           Sun 01 Jan 2023 08:34:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50345
IP address blocks:        2001:67c:1058::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:78:1d:7f:71:9f:8f:d3:9b:ff:91:fe:75:1a:7f:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cb813e09c9955e0bda7041f8373a8fc5dae6b9d
        Validity
            Not Before: Jan  1 08:34:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=68f4581898ebb905970df36741f0b67e614cf56d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:00:33:1c:e8:0e:c8:74:85:ea:b3:a2:0c:3e:
                    ac:7c:f1:11:58:82:51:80:eb:25:5f:89:e2:5c:93:
                    c3:f3:6d:c0:ca:59:43:21:66:cf:be:39:3f:3a:74:
                    ab:5d:91:d6:1a:36:27:9d:b1:cc:5b:c8:1b:3b:3b:
                    29:95:80:2d:55:0b:c1:dc:5f:39:96:88:df:de:8d:
                    74:5e:8c:85:81:09:58:e1:8b:ce:3f:59:4d:24:71:
                    8c:af:94:ea:95:5d:6a:57:1b:55:b1:27:19:5e:48:
                    0f:b9:1d:aa:cc:aa:d1:7c:2f:bf:0b:a5:21:0b:22:
                    ae:b9:7c:9a:f4:12:bc:ba:19:8e:ba:a5:81:62:dc:
                    62:21:c8:76:e7:ab:d3:6a:c7:7a:2d:6f:38:e2:e4:
                    4f:42:2e:16:42:03:11:d3:87:1d:b0:c2:f9:c2:50:
                    23:ac:3c:74:71:c8:7d:c2:6b:6a:ad:aa:42:ee:70:
                    b8:1a:d0:dc:fc:3e:00:5a:5b:c5:7e:29:a7:1c:0c:
                    23:d9:2a:42:eb:b9:d6:e8:66:0a:30:8d:32:d3:b6:
                    68:41:b5:38:63:6c:25:29:c2:dc:35:4d:7b:63:18:
                    aa:ed:4c:2c:06:8c:22:b4:a5:3d:68:0d:18:68:f5:
                    f1:4c:de:45:0e:5f:2d:e3:31:21:3c:23:cf:2d:04:
                    d0:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:F4:58:18:98:EB:B9:05:97:0D:F3:67:41:F0:B6:7E:61:4C:F5:6D
            X509v3 Authority Key Identifier:
                keyid:5C:B8:13:E0:9C:99:55:E0:BD:A7:04:1F:83:73:A8:FC:5D:AE:6B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XLgT4JyZVeC9pwQfg3Oo_F2ua50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/aPRYGJjruQWXDfNnQfC2fmFM9W0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/XLgT4JyZVeC9pwQfg3Oo_F2ua50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:1058::/48

    Signature Algorithm: sha256WithRSAEncryption
         26:1d:3f:ec:0b:47:19:2b:7c:71:5f:90:b8:f1:c4:7b:82:31:
         2f:69:ed:07:87:1c:5b:62:2d:b5:4b:61:97:ad:a6:5e:54:78:
         7f:f4:4f:fa:e8:7d:4b:77:9d:78:f5:ee:74:af:8a:d9:be:1e:
         1d:e0:78:2d:f5:a6:7f:b5:b9:ec:3b:92:5d:7c:ae:19:44:e8:
         71:36:77:69:5c:08:3c:d3:79:23:a7:bb:a9:66:a6:c6:23:1b:
         31:34:b4:ab:7c:98:60:9b:28:79:3e:a9:11:bb:d6:5b:8b:0f:
         61:8d:4d:1b:72:7c:c3:9d:22:53:c5:e1:78:e8:b2:18:b5:9d:
         ba:16:ac:9f:01:7b:42:60:f1:2f:45:7e:1d:d7:9a:9c:0f:7f:
         c3:c0:3a:bc:b8:5a:4a:a3:7f:c9:ff:f4:7c:33:ee:7f:72:f6:
         c4:01:0a:40:97:c8:cc:83:ec:29:50:d6:28:36:43:d0:57:63:
         1b:e4:13:15:76:d6:60:c8:b1:8b:2f:02:c1:70:7d:af:9d:40:
         33:31:36:a4:b4:45:3e:4d:b6:e0:22:0b:ed:c5:ce:a8:4b:a6:
         04:57:13:dc:57:10:ff:3b:ff:fb:14:0e:43:97:e4:2a:57:2b:
         17:22:bb:5e:39:17:6a:28:99:08:3f:19:be:96:4e:35:95:ed:
         8a:f3:8b:bc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVseB1/cZ+P05v/kf51Gn/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYjgxM2UwOWM5OTU1ZTBiZGE3MDQxZjgzNzNhOGZjNWRh
ZTZiOWQwHhcNMjMwMTAxMDgzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGY0NTgxODk4ZWJiOTA1OTcwZGYzNjc0MWYwYjY3ZTYxNGNmNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAAzHOgOyHSF6rOiDD6sfPERWIJR
gOslX4niXJPD823AyllDIWbPvjk/OnSrXZHWGjYnnbHMW8gbOzsplYAtVQvB3F85
lojf3o10XoyFgQlY4YvOP1lNJHGMr5TqlV1qVxtVsScZXkgPuR2qzKrRfC+/C6Uh
CyKuuXya9BK8uhmOuqWBYtxiIch256vTasd6LW844uRPQi4WQgMR04cdsML5wlAj
rDx0cch9wmtqrapC7nC4GtDc/D4AWlvFfimnHAwj2SpC67nW6GYKMI0y07ZoQbU4
Y2wlKcLcNU17Yxiq7UwsBowitKU9aA0YaPXxTN5FDl8t4zEhPCPPLQTQJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGj0WBiY67kFlw3zZ0Hwtn5hTPVtMB8GA1UdIwQY
MBaAFFy4E+CcmVXgvacEH4NzqPxdrmudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWExnVDRKeVpWZUM5cHdRZmczT29fRjJ1YTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zNzIwNWItZmM1Ny00NjRjLWExYzEt
NmM2MmI5MzY2NzA1LzEvYVBSWUdKanJ1UVdYRGZOblFmQzJmbUZNOVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zNzIwNWItZmM1Ny00NjRjLWExYzEtNmM2MmI5MzY2NzA1
LzEvWExnVDRKeVpWZUM5cHdRZmczT29fRjJ1YTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBBY
MA0GCSqGSIb3DQEBCwUAA4IBAQAmHT/sC0cZK3xxX5C48cR7gjEvae0HhxxbYi21
S2GXraZeVHh/9E/66H1Ld5149e50r4rZvh4d4Hgt9aZ/tbnsO5JdfK4ZROhxNndp
XAg803kjp7upZqbGIxsxNLSrfJhgmyh5PqkRu9Zbiw9hjU0bcnzDnSJTxeF46LIY
tZ26FqyfAXtCYPEvRX4d15qcD3/DwDq8uFpKo3/J//R8M+5/cvbEAQpAl8jMg+wp
UNYoNkPQV2Mb5BMVdtZgyLGLLwLBcH2vnUAzMTaktEU+TbbgIgvtxc6oS6YEVxPc
VxD/O//7FA5Dl+QqVysXIrteORdqKJkIPxm+lk41le2K84u8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:38 2024 by rpki-client on console-ams.rpki-client.org