Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/TyQO8LnZuZ1ElojxKiX2B8BCEUw.roa
File:                     TyQO8LnZuZ1ElojxKiX2B8BCEUw.roa (raw, json)
Hash identifier:          vUL0biXu+sN/jLSRXunTNn4a8OnLlFHVbUpEMPcx1gw=
Subject key identifier:   4F:24:0E:F0:B9:D9:B9:9D:44:96:88:F1:2A:25:F6:07:C0:42:11:4C
Certificate issuer:       /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial:       01856BEEBA2BD61D44EF0EF4B7C716BF76F5
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/TyQO8LnZuZ1ElojxKiX2B8BCEUw.roa
Signing time:             Sun 01 Jan 2023 06:04:45 +0000
ROA not before:           Sun 01 Jan 2023 06:04:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48625
IP address blocks:        2001:7f8:82::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:ba:2b:d6:1d:44:ef:0e:f4:b7:c7:16:bf:76:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
        Validity
            Not Before: Jan  1 06:04:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4f240ef0b9d9b99d449688f12a25f607c042114c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:12:9f:bf:16:ad:01:d5:47:31:34:52:c3:1a:
                    b7:84:e0:72:2d:1b:c0:f8:ef:97:c0:8f:83:11:c2:
                    36:20:10:e1:0d:36:07:8a:de:45:e9:38:a0:16:e2:
                    13:42:f0:66:6e:26:8a:bf:d8:fb:57:5a:b3:ed:68:
                    39:50:ba:97:3a:cd:4c:d9:b4:c8:8d:0e:da:a8:48:
                    c3:dd:fb:38:ab:f3:a3:7c:c3:d2:fa:83:2c:fa:a9:
                    d2:3d:ca:3a:54:5a:e9:09:03:7a:e2:f3:02:36:74:
                    60:99:82:38:df:28:62:da:06:f9:c8:73:f6:2f:01:
                    4d:f4:f8:fe:47:09:b0:d2:c7:a7:c0:62:4c:0c:b4:
                    66:8e:b5:63:fe:54:8f:0c:81:08:f3:f4:2d:84:ac:
                    7f:87:3e:4b:7f:12:a4:51:83:ee:b4:3f:58:3d:e8:
                    01:dc:31:69:5f:35:d7:5d:76:d2:9a:73:f5:c1:9f:
                    8a:93:5f:78:56:21:8d:28:bd:33:5b:17:18:f1:5e:
                    89:a6:5c:77:1e:06:87:7e:cb:95:9b:50:8e:9a:ef:
                    49:40:ce:b1:8f:eb:22:12:77:fb:8a:de:11:94:09:
                    8b:03:02:e6:4f:1e:c5:ad:ee:3f:49:0c:ad:d1:01:
                    85:ec:12:d5:58:9c:ef:ca:da:4a:fd:fd:1e:8d:67:
                    a9:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:24:0E:F0:B9:D9:B9:9D:44:96:88:F1:2A:25:F6:07:C0:42:11:4C
            X509v3 Authority Key Identifier:
                keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/TyQO8LnZuZ1ElojxKiX2B8BCEUw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:7f8:82::/48

    Signature Algorithm: sha256WithRSAEncryption
         43:32:32:ec:43:ae:db:52:11:c9:4b:fc:8b:32:ee:03:bd:db:
         f2:c3:12:92:04:75:f1:0b:dd:28:c4:15:df:9f:ee:83:11:0b:
         35:e0:a5:1f:49:53:b6:87:f2:4b:79:a1:c7:83:f0:cc:33:d6:
         9e:23:b6:15:f2:da:2f:06:b7:86:86:f1:ce:9b:6d:09:f1:0c:
         45:5e:25:d5:62:70:52:07:49:37:97:77:05:2d:95:d8:99:40:
         06:e5:77:0d:10:a8:1a:f9:91:10:29:80:e3:7f:05:a8:b2:e2:
         a4:b6:d8:a2:08:ed:64:c1:d5:83:dc:9b:4d:8f:79:0d:e7:e2:
         19:21:7c:a9:0b:36:53:d3:8a:9d:ad:d1:df:49:18:e5:40:00:
         c5:f9:31:80:92:fc:8c:72:9e:0c:4d:75:92:bd:49:50:90:91:
         5d:e7:fb:82:99:37:a8:0f:ea:68:fa:c9:2e:fb:8d:43:e5:2c:
         b7:be:6e:78:92:de:e6:d4:4a:3d:e2:08:c6:c1:c3:e5:b2:9e:
         17:8b:0a:73:e7:da:96:cb:86:7f:72:e6:4f:27:4c:cf:38:21:
         35:06:0e:f6:f1:5a:68:2a:38:20:31:ec:22:9a:2b:80:b5:f8:
         1c:76:5d:b0:68:eb:bb:b4:f9:9a:c3:03:47:09:06:a4:1e:63:
         6e:2a:55:00
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr7ror1h1E7w70t8cWv3b1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjI0MGVmMGI5ZDliOTlkNDQ5Njg4ZjEyYTI1ZjYwN2MwNDIxMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RKfvxatAdVHMTRSwxq3hOByLRvA
+O+XwI+DEcI2IBDhDTYHit5F6TigFuITQvBmbiaKv9j7V1qz7Wg5ULqXOs1M2bTI
jQ7aqEjD3fs4q/OjfMPS+oMs+qnSPco6VFrpCQN64vMCNnRgmYI43yhi2gb5yHP2
LwFN9Pj+Rwmw0senwGJMDLRmjrVj/lSPDIEI8/QthKx/hz5LfxKkUYPutD9YPegB
3DFpXzXXXXbSmnP1wZ+Kk194ViGNKL0zWxcY8V6Jplx3HgaHfsuVm1COmu9JQM6x
j+siEnf7it4RlAmLAwLmTx7Fre4/SQyt0QGF7BLVWJzvytpK/f0ejWepOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE8kDvC52bmdRJaI8Sol9gfAQhFMMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvVHlRTzhMblp1WjFFbG9qeEtpWDJCOEJDRVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEH+ACC
MA0GCSqGSIb3DQEBCwUAA4IBAQBDMjLsQ67bUhHJS/yLMu4DvdvywxKSBHXxC90o
xBXfn+6DEQs14KUfSVO2h/JLeaHHg/DMM9aeI7YV8tovBreGhvHOm20J8QxFXiXV
YnBSB0k3l3cFLZXYmUAG5XcNEKga+ZEQKYDjfwWosuKkttiiCO1kwdWD3JtNj3kN
5+IZIXypCzZT04qdrdHfSRjlQADF+TGAkvyMcp4MTXWSvUlQkJFd5/uCmTeoD+po
+sku+41D5Sy3vm54kt7m1Eo94gjGwcPlsp4Xiwpz59qWy4Z/cuZPJ0zPOCE1Bg72
8VpoKjggMewimiuAtfgcdl2waOu7tPmawwNHCQakHmNuKlUA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org