Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/58d14d-6d62-43e1-b6bb-7cb26bc1d4d0/1/kEy1491UWfgG1NAEL-hsGAN7rqA.roa
File:                     kEy1491UWfgG1NAEL-hsGAN7rqA.roa (raw, json)
Hash identifier:          cyOU8ftNFgATp0bahm5Xb3twIU8W1tN7Ixeg9X6pnUk=
Subject key identifier:   90:4C:B5:E3:DD:54:59:F8:06:D4:D0:04:2F:E8:6C:18:03:7B:AE:A0
Certificate issuer:       /CN=a523418539735cbd9b0ba3c279ec3557d726265a
Certificate serial:       0185700273098CDAC42B38D0B8101E3AB500
Authority key identifier: A5:23:41:85:39:73:5C:BD:9B:0B:A3:C2:79:EC:35:57:D7:26:26:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pSNBhTlzXL2bC6PCeew1V9cmJlo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/58d14d-6d62-43e1-b6bb-7cb26bc1d4d0/1/kEy1491UWfgG1NAEL-hsGAN7rqA.roa
Signing time:             Mon 02 Jan 2023 01:04:46 +0000
ROA not before:           Mon 02 Jan 2023 01:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44471
IP address blocks:        2001:678:e00::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:73:09:8c:da:c4:2b:38:d0:b8:10:1e:3a:b5:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a523418539735cbd9b0ba3c279ec3557d726265a
        Validity
            Not Before: Jan  2 01:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=904cb5e3dd5459f806d4d0042fe86c18037baea0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ed:bb:ce:34:dd:1b:b4:9f:19:df:e8:7c:96:
                    56:7c:08:cf:0a:c6:9d:88:05:2b:8a:58:e1:58:78:
                    e3:7e:62:b5:1a:ad:dd:94:54:e4:a6:70:5f:07:78:
                    1a:20:9c:90:14:6f:5a:ec:f7:30:2f:a2:3b:d4:3f:
                    4e:ef:6d:5a:0f:c2:b6:c3:3c:cc:d8:0d:6d:99:12:
                    6b:a8:84:8a:00:1c:9b:af:2e:e9:44:11:83:79:9b:
                    64:d8:16:ac:7d:cb:bf:09:7e:e4:b2:31:eb:70:cf:
                    66:ff:96:c7:7c:49:b8:96:fe:67:77:94:35:90:16:
                    90:68:49:87:f9:2c:8d:93:4e:36:ae:83:dc:00:70:
                    5b:48:5c:20:c2:d0:07:a5:ac:50:f0:6b:5f:f7:6f:
                    63:12:83:ff:4a:9a:19:43:f2:0b:21:96:e3:22:12:
                    f8:a3:29:19:89:3e:9a:a6:e6:8c:66:56:d4:75:11:
                    22:6e:57:ac:a6:6e:96:83:6f:da:ff:8b:4f:4a:10:
                    c4:30:05:56:90:23:bb:90:b2:25:de:c2:71:80:e0:
                    8b:b5:5e:d4:7d:bc:79:eb:57:ac:6e:a3:12:96:58:
                    bc:93:4c:3f:82:94:f7:f5:2b:6b:2b:6b:5e:41:ad:
                    8f:da:cb:bf:98:6d:b1:4d:e3:39:bc:ab:12:18:7f:
                    65:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:4C:B5:E3:DD:54:59:F8:06:D4:D0:04:2F:E8:6C:18:03:7B:AE:A0
            X509v3 Authority Key Identifier:
                keyid:A5:23:41:85:39:73:5C:BD:9B:0B:A3:C2:79:EC:35:57:D7:26:26:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pSNBhTlzXL2bC6PCeew1V9cmJlo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/58d14d-6d62-43e1-b6bb-7cb26bc1d4d0/1/kEy1491UWfgG1NAEL-hsGAN7rqA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/58d14d-6d62-43e1-b6bb-7cb26bc1d4d0/1/pSNBhTlzXL2bC6PCeew1V9cmJlo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:e00::/48

    Signature Algorithm: sha256WithRSAEncryption
         28:90:62:dd:5f:15:89:08:7d:aa:e6:19:0c:e7:06:7d:f4:22:
         65:f6:cc:28:d2:29:5b:fd:8b:ba:23:94:d3:79:35:0a:bc:f3:
         5c:3d:ea:ef:b9:05:f0:94:bb:6f:9b:5d:30:ad:8b:be:10:5a:
         b0:0d:5c:d5:69:59:64:5c:08:f7:fc:b2:3b:68:97:c7:79:ae:
         ab:ed:6e:c7:93:65:bc:3e:68:59:bc:27:e2:12:c8:7b:69:9a:
         e9:8b:54:4c:15:07:d3:02:18:d1:3c:ac:ab:7a:e7:1f:78:4d:
         aa:03:87:0b:f7:73:bf:97:4d:50:26:bc:21:89:c4:98:f6:9a:
         df:f6:3d:c9:e9:55:66:f8:dd:09:b0:f7:4d:12:8d:74:20:60:
         26:12:f6:e8:bf:3a:6d:99:ee:5b:ea:e9:9a:8f:38:4e:3d:ee:
         17:fa:94:14:4e:a8:46:47:83:c5:6f:d6:1d:7c:4a:7f:52:6b:
         e3:df:7b:25:0f:18:56:3d:a4:d4:a3:02:69:65:67:d1:65:a2:
         d7:b5:b6:05:34:32:28:98:5a:e4:81:f3:ee:98:a4:52:50:9d:
         a7:af:60:4c:0d:8c:51:33:8e:ba:92:df:10:85:d6:bf:f5:04:
         98:6a:d9:95:9d:47:1d:3e:bb:a7:f7:a3:da:12:86:40:c0:e2:
         cd:c1:31:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwAnMJjNrEKzjQuBAeOrUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MjM0MTg1Mzk3MzVjYmQ5YjBiYTNjMjc5ZWMzNTU3ZDcy
NjI2NWEwHhcNMjMwMTAyMDEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRjYjVlM2RkNTQ1OWY4MDZkNGQwMDQyZmU4NmMxODAzN2JhZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO27zjTdG7SfGd/ofJZWfAjPCsad
iAUriljhWHjjfmK1Gq3dlFTkpnBfB3gaIJyQFG9a7PcwL6I71D9O721aD8K2wzzM
2A1tmRJrqISKABybry7pRBGDeZtk2Basfcu/CX7ksjHrcM9m/5bHfEm4lv5nd5Q1
kBaQaEmH+SyNk042roPcAHBbSFwgwtAHpaxQ8Gtf929jEoP/SpoZQ/ILIZbjIhL4
oykZiT6apuaMZlbUdREiblespm6Wg2/a/4tPShDEMAVWkCO7kLIl3sJxgOCLtV7U
fbx561esbqMSlli8k0w/gpT39StrK2teQa2P2su/mG2xTeM5vKsSGH9lkwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJBMtePdVFn4BtTQBC/obBgDe66gMB8GA1UdIwQY
MBaAFKUjQYU5c1y9mwujwnnsNVfXJiZaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFNOQmhUbHpYTDJiQzZQQ2VldzFWOWNtSmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81OGQxNGQtNmQ2Mi00M2UxLWI2YmIt
N2NiMjZiYzFkNGQwLzEva0V5MTQ5MVVXZmdHMU5BRUwtaHNHQU43cnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81OGQxNGQtNmQ2Mi00M2UxLWI2YmItN2NiMjZiYzFkNGQw
LzEvcFNOQmhUbHpYTDJiQzZQQ2VldzFWOWNtSmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA4A
MA0GCSqGSIb3DQEBCwUAA4IBAQAokGLdXxWJCH2q5hkM5wZ99CJl9swo0ilb/Yu6
I5TTeTUKvPNcPervuQXwlLtvm10wrYu+EFqwDVzVaVlkXAj3/LI7aJfHea6r7W7H
k2W8PmhZvCfiEsh7aZrpi1RMFQfTAhjRPKyreucfeE2qA4cL93O/l01QJrwhicSY
9prf9j3J6VVm+N0JsPdNEo10IGAmEvbovzptme5b6umajzhOPe4X+pQUTqhGR4PF
b9YdfEp/Umvj33slDxhWPaTUowJpZWfRZaLXtbYFNDIomFrkgfPumKRSUJ2nr2BM
DYxRM466kt8Qhda/9QSYatmVnUcdPrun96PaEoZAwOLNwTFT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:03 2024 by rpki-client on console-fra.rpki-client.org