Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/8e4bdc-e6eb-4208-9b13-a2efae3f9cab/1/CIJXNNGxzfHTzRynyMHGgsIfoyo.roa
File:                     CIJXNNGxzfHTzRynyMHGgsIfoyo.roa (raw, json)
Hash identifier:          IzLOaD6PH2fdbUQL54bJU1vYfCzhViqFxUOHz8x0UqM=
Subject key identifier:   08:82:57:34:D1:B1:CD:F1:D3:CD:1C:A7:C8:C1:C6:82:C2:1F:A3:2A
Certificate issuer:       /CN=971a799c6a663439d74450dfb38993571f98e15d
Certificate serial:       01856E01D805B41ED00A402FDCE714F278BD
Authority key identifier: 97:1A:79:9C:6A:66:34:39:D7:44:50:DF:B3:89:93:57:1F:98:E1:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lxp5nGpmNDnXRFDfs4mTVx-Y4V0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/8e4bdc-e6eb-4208-9b13-a2efae3f9cab/1/CIJXNNGxzfHTzRynyMHGgsIfoyo.roa
Signing time:             Sun 01 Jan 2023 15:44:52 +0000
ROA not before:           Sun 01 Jan 2023 15:44:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12816
IP address blocks:        2001:4ca0::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:01:d8:05:b4:1e:d0:0a:40:2f:dc:e7:14:f2:78:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=971a799c6a663439d74450dfb38993571f98e15d
        Validity
            Not Before: Jan  1 15:44:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=08825734d1b1cdf1d3cd1ca7c8c1c682c21fa32a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:63:51:7b:a2:95:31:a6:57:6b:5f:71:e1:7e:
                    1b:d2:a5:0c:8e:b7:66:5e:eb:5b:2f:ad:62:09:3d:
                    cf:b0:a1:ef:6c:eb:ca:31:91:be:fb:11:b7:35:3d:
                    a8:30:6f:85:ae:02:eb:1d:27:1c:32:4c:37:df:31:
                    44:d4:4d:e5:14:2e:eb:3c:0f:b0:c9:9f:ce:b3:10:
                    7f:0a:ca:5e:f9:ad:c8:64:a4:98:41:74:d2:ec:4a:
                    5e:9c:ea:04:eb:93:24:d8:ca:c1:cd:08:89:2f:84:
                    f9:4e:85:82:84:43:35:20:e7:a4:c0:b8:3b:05:2c:
                    46:17:a5:66:30:f7:6c:87:be:7a:3e:4c:73:64:63:
                    94:21:0b:c1:7e:cc:1f:b2:57:1c:98:d9:ca:4c:03:
                    8c:b0:a1:0e:aa:28:16:83:65:43:36:cb:04:28:a8:
                    41:a5:91:6e:85:48:52:a3:e8:01:48:32:70:fe:92:
                    db:7b:40:7f:ab:8a:9e:23:bf:c2:80:52:05:90:dd:
                    57:c4:70:38:d2:71:51:40:32:e8:e6:28:24:93:9a:
                    89:87:92:3a:a8:04:77:0e:ca:0a:1f:0e:75:11:73:
                    1c:a1:58:6a:92:a1:93:79:41:c9:7a:83:0c:de:ae:
                    0a:a0:d1:15:3e:f6:9a:b2:ef:85:a6:d3:ba:8a:87:
                    66:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:82:57:34:D1:B1:CD:F1:D3:CD:1C:A7:C8:C1:C6:82:C2:1F:A3:2A
            X509v3 Authority Key Identifier:
                keyid:97:1A:79:9C:6A:66:34:39:D7:44:50:DF:B3:89:93:57:1F:98:E1:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxp5nGpmNDnXRFDfs4mTVx-Y4V0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/8e4bdc-e6eb-4208-9b13-a2efae3f9cab/1/CIJXNNGxzfHTzRynyMHGgsIfoyo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/8e4bdc-e6eb-4208-9b13-a2efae3f9cab/1/lxp5nGpmNDnXRFDfs4mTVx-Y4V0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4ca0::/29

    Signature Algorithm: sha256WithRSAEncryption
         36:34:0c:63:5d:eb:ff:47:53:4c:77:b7:a3:ff:3c:21:8d:27:
         59:c0:80:df:cd:bc:c6:fe:3b:5d:26:52:48:94:cd:33:a6:3f:
         81:e7:52:c1:74:d1:92:aa:f1:c2:2f:a8:95:11:f0:1b:5d:da:
         cf:61:9d:d8:e3:38:74:ed:b5:6b:3b:bf:17:2d:d8:47:96:54:
         a5:91:24:3f:bb:98:01:b5:03:bc:0f:fe:d9:a5:63:e7:95:d6:
         fc:76:0d:29:78:0b:b8:a0:e1:48:fc:04:3e:91:b1:ae:aa:86:
         4a:80:90:b4:50:55:f0:df:83:80:30:fe:21:b6:2f:45:83:e2:
         2a:27:96:97:4a:08:91:d3:f1:50:a4:70:f4:a2:12:04:d3:72:
         04:45:54:4a:40:2e:3a:f0:67:2e:8a:ce:e8:5f:73:b9:e1:b4:
         98:bc:60:5d:20:5b:e5:55:46:69:7c:dd:05:b7:72:92:bc:86:
         32:e5:4c:81:16:26:92:df:70:bd:9c:bd:f1:51:02:37:ba:da:
         56:fb:7c:07:89:53:e7:ed:2c:c9:88:0d:af:ef:7c:44:c4:ea:
         85:1a:2a:7f:a1:27:f2:86:79:e7:f6:c7:3f:16:e4:33:c8:26:
         09:60:22:d3:32:1a:7a:08:08:e4:eb:54:cd:a0:e3:71:cf:15:
         35:d3:7f:60
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuAdgFtB7QCkAv3OcU8ni9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWE3OTljNmE2NjM0MzlkNzQ0NTBkZmIzODk5MzU3MWY5
OGUxNWQwHhcNMjMwMTAxMTU0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODgyNTczNGQxYjFjZGYxZDNjZDFjYTdjOGMxYzY4MmMyMWZhMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmNRe6KVMaZXa19x4X4b0qUMjrdm
XutbL61iCT3PsKHvbOvKMZG++xG3NT2oMG+FrgLrHSccMkw33zFE1E3lFC7rPA+w
yZ/OsxB/Cspe+a3IZKSYQXTS7EpenOoE65Mk2MrBzQiJL4T5ToWChEM1IOekwLg7
BSxGF6VmMPdsh756PkxzZGOUIQvBfswfslccmNnKTAOMsKEOqigWg2VDNssEKKhB
pZFuhUhSo+gBSDJw/pLbe0B/q4qeI7/CgFIFkN1XxHA40nFRQDLo5igkk5qJh5I6
qAR3DsoKHw51EXMcoVhqkqGTeUHJeoMM3q4KoNEVPvaasu+FptO6iodmeQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAiCVzTRsc3x080cp8jBxoLCH6MqMB8GA1UdIwQY
MBaAFJcaeZxqZjQ510RQ37OJk1cfmOFdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhwNW5HcG1ORG5YUkZEZnM0bVRWeC1ZNFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS84ZTRiZGMtZTZlYi00MjA4LTliMTMt
YTJlZmFlM2Y5Y2FiLzEvQ0lKWE5OR3h6ZkhUelJ5bnlNSEdnc0lmb3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS84ZTRiZGMtZTZlYi00MjA4LTliMTMtYTJlZmFlM2Y5Y2Fi
LzEvbHhwNW5HcG1ORG5YUkZEZnM0bVRWeC1ZNFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAFMoDAN
BgkqhkiG9w0BAQsFAAOCAQEANjQMY13r/0dTTHe3o/88IY0nWcCA3828xv47XSZS
SJTNM6Y/gedSwXTRkqrxwi+olRHwG13az2Gd2OM4dO21azu/Fy3YR5ZUpZEkP7uY
AbUDvA/+2aVj55XW/HYNKXgLuKDhSPwEPpGxrqqGSoCQtFBV8N+DgDD+IbYvRYPi
KieWl0oIkdPxUKRw9KISBNNyBEVUSkAuOvBnLorO6F9zueG0mLxgXSBb5VVGaXzd
BbdykryGMuVMgRYmkt9wvZy98VECN7raVvt8B4lT5+0syYgNr+98RMTqhRoqf6En
8oZ55/bHPxbkM8gmCWAi0zIaeggI5OtUzaDjcc8VNdN/YA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:49 2024 by rpki-client on console-fra.rpki-client.org