Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f405a2-4e3e-4621-971d-bf8f3d43884f/1/i_6mkZJhYHo73lT3FIhCvTFd4PM.roa
File:                     i_6mkZJhYHo73lT3FIhCvTFd4PM.roa (raw, json)
Hash identifier:          t7u/svqubkuktnkcdP6pV3YsRXsncjnKjn9c28OnRHg=
Subject key identifier:   8B:FE:A6:91:92:61:60:7A:3B:DE:54:F7:14:88:42:BD:31:5D:E0:F3
Certificate issuer:       /CN=acc19a8c7f17411449c7d48ff9308d24832e952b
Certificate serial:       01856F4B83F038EE86E0E9C60A8EE9CACA22
Authority key identifier: AC:C1:9A:8C:7F:17:41:14:49:C7:D4:8F:F9:30:8D:24:83:2E:95:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rMGajH8XQRRJx9SP-TCNJIMulSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/f405a2-4e3e-4621-971d-bf8f3d43884f/1/i_6mkZJhYHo73lT3FIhCvTFd4PM.roa
Signing time:             Sun 01 Jan 2023 21:44:57 +0000
ROA not before:           Sun 01 Jan 2023 21:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21221
IP address blocks:        2001:67c:7f8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:83:f0:38:ee:86:e0:e9:c6:0a:8e:e9:ca:ca:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=acc19a8c7f17411449c7d48ff9308d24832e952b
        Validity
            Not Before: Jan  1 21:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8bfea6919261607a3bde54f7148842bd315de0f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:af:63:8c:ec:9f:7f:ba:b2:a2:c0:5e:84:cd:
                    3a:bc:fc:21:3a:a4:69:13:02:2a:9c:1b:95:6b:8a:
                    32:c3:ab:f7:d8:69:03:3d:63:71:a2:85:8b:bd:4a:
                    86:09:64:03:43:7b:8a:62:3c:4b:2b:81:c4:4d:50:
                    fb:3f:c9:6d:6c:28:11:1e:68:6f:68:11:9b:cd:f4:
                    97:b0:6c:a0:14:c3:7f:42:3e:10:1b:b7:79:ea:fb:
                    fe:25:4a:9a:4a:60:da:ea:ed:4d:05:38:9e:93:27:
                    fe:58:1d:ff:44:45:18:59:39:c2:67:75:ed:e3:31:
                    77:6f:28:94:c9:8c:27:7f:95:a5:67:80:c2:6d:34:
                    30:e4:68:82:ed:9b:93:3a:e1:3d:24:b1:40:dd:84:
                    70:81:b6:23:07:c6:c6:f6:37:0b:89:bd:cf:f8:cf:
                    1f:0a:77:52:08:d9:48:a2:89:0f:c6:d6:aa:bd:0b:
                    47:f9:0a:89:2f:de:b0:8b:ad:8a:f8:2d:f7:cf:ad:
                    5a:5f:54:65:e2:3f:6e:46:c1:c7:24:62:0f:7f:6b:
                    6e:28:49:2b:15:14:9e:ee:c4:e7:eb:bd:fe:6f:f4:
                    e5:76:25:ea:da:a4:08:c8:2e:7a:43:1c:41:eb:59:
                    49:74:94:b0:64:5a:a0:bc:9d:4b:2b:84:ae:33:ee:
                    76:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:FE:A6:91:92:61:60:7A:3B:DE:54:F7:14:88:42:BD:31:5D:E0:F3
            X509v3 Authority Key Identifier:
                keyid:AC:C1:9A:8C:7F:17:41:14:49:C7:D4:8F:F9:30:8D:24:83:2E:95:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rMGajH8XQRRJx9SP-TCNJIMulSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f405a2-4e3e-4621-971d-bf8f3d43884f/1/i_6mkZJhYHo73lT3FIhCvTFd4PM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f405a2-4e3e-4621-971d-bf8f3d43884f/1/rMGajH8XQRRJx9SP-TCNJIMulSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:7f8::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:0f:49:58:a4:44:fa:a2:fb:1f:52:01:bb:0b:1f:3f:f6:c2:
         45:13:c8:57:a7:ca:91:1d:51:b0:bd:67:64:44:43:91:48:01:
         a6:c1:e4:b6:c3:0f:56:53:6f:9b:4c:d6:ad:19:97:5e:c5:40:
         48:56:3b:48:5a:08:01:fa:6d:48:28:ff:3d:41:bf:01:cd:04:
         12:48:f8:0a:17:a9:ab:12:77:72:67:cc:27:a8:f4:6a:75:6d:
         53:df:1c:21:f5:7c:46:5e:11:1b:9f:57:da:f7:31:5e:1d:b4:
         9a:cf:4e:0b:d5:56:de:cd:4f:27:54:ee:a9:1c:69:1b:c6:2d:
         82:77:8d:f5:b6:9d:4d:6b:86:d4:c6:0d:0e:4d:ab:84:86:b5:
         3b:ab:53:e6:12:f6:1a:05:7b:d9:8c:31:5f:eb:3c:14:ea:c2:
         a3:c6:5d:cd:ae:71:20:93:93:c8:ac:9b:08:a3:c2:b0:fa:ca:
         5d:d8:b5:bb:e8:94:ec:d8:3a:59:75:42:95:7e:a9:75:3d:1b:
         83:b4:4d:95:2f:4f:04:8c:d3:68:7d:25:cd:b4:b7:9b:a2:7a:
         71:4e:ab:3b:ab:49:44:f7:4d:9b:6c:f0:f0:c0:29:a9:c8:b3:
         5b:5a:fd:92:f8:2f:dd:67:78:3d:da:33:c8:ba:2b:67:5b:0f:
         ce:5a:4a:8a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvS4PwOO6G4OnGCo7pysoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYzE5YThjN2YxNzQxMTQ0OWM3ZDQ4ZmY5MzA4ZDI0ODMy
ZTk1MmIwHhcNMjMwMTAxMjE0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmZlYTY5MTkyNjE2MDdhM2JkZTU0ZjcxNDg4NDJiZDMxNWRlMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq9jjOyff7qyosBehM06vPwhOqRp
EwIqnBuVa4oyw6v32GkDPWNxooWLvUqGCWQDQ3uKYjxLK4HETVD7P8ltbCgRHmhv
aBGbzfSXsGygFMN/Qj4QG7d56vv+JUqaSmDa6u1NBTiekyf+WB3/REUYWTnCZ3Xt
4zF3byiUyYwnf5WlZ4DCbTQw5GiC7ZuTOuE9JLFA3YRwgbYjB8bG9jcLib3P+M8f
CndSCNlIookPxtaqvQtH+QqJL96wi62K+C33z61aX1Rl4j9uRsHHJGIPf2tuKEkr
FRSe7sTn673+b/TldiXq2qQIyC56QxxB61lJdJSwZFqgvJ1LK4SuM+52TwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIv+ppGSYWB6O95U9xSIQr0xXeDzMB8GA1UdIwQY
MBaAFKzBmox/F0EUScfUj/kwjSSDLpUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck1HYWpIOFhRUlJKeDlTUC1UQ05KSU11bFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mNDA1YTItNGUzZS00NjIxLTk3MWQt
YmY4ZjNkNDM4ODRmLzEvaV82bWtaSmhZSG83M2xUM0ZJaEN2VEZkNFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mNDA1YTItNGUzZS00NjIxLTk3MWQtYmY4ZjNkNDM4ODRm
LzEvck1HYWpIOFhRUlJKeDlTUC1UQ05KSU11bFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAf4
MA0GCSqGSIb3DQEBCwUAA4IBAQAPD0lYpET6ovsfUgG7Cx8/9sJFE8hXp8qRHVGw
vWdkREORSAGmweS2ww9WU2+bTNatGZdexUBIVjtIWggB+m1IKP89Qb8BzQQSSPgK
F6mrEndyZ8wnqPRqdW1T3xwh9XxGXhEbn1fa9zFeHbSaz04L1VbezU8nVO6pHGkb
xi2Cd431tp1Na4bUxg0OTauEhrU7q1PmEvYaBXvZjDFf6zwU6sKjxl3NrnEgk5PI
rJsIo8Kw+spd2LW76JTs2DpZdUKVfql1PRuDtE2VL08EjNNofSXNtLebonpxTqs7
q0lE902bbPDwwCmpyLNbWv2S+C/dZ3g92jPIuitnWw/OWkqK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:00 2024 by rpki-client on console-fra.rpki-client.org