Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ff0bfc-26fe-4412-a232-31999f3add36/1/1MHDHh9nhYycyB2Uon9PLDIaa2k.roa
File:                     1MHDHh9nhYycyB2Uon9PLDIaa2k.roa (raw, json)
Hash identifier:          3dUMdXQsYZ69j4owN00eZEZH/1W++Ki9HBFIhx/Saec=
Subject key identifier:   D4:C1:C3:1E:1F:67:85:8C:9C:C8:1D:94:A2:7F:4F:2C:32:1A:6B:69
Certificate issuer:       /CN=7a938a935f8baf9cd933906416590d782e7287c7
Certificate serial:       01857246E7ED968C8564826B88B16ED14488
Authority key identifier: 7A:93:8A:93:5F:8B:AF:9C:D9:33:90:64:16:59:0D:78:2E:72:87:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/epOKk1-Lr5zZM5BkFlkNeC5yh8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/ff0bfc-26fe-4412-a232-31999f3add36/1/1MHDHh9nhYycyB2Uon9PLDIaa2k.roa
Signing time:             Mon 02 Jan 2023 11:38:47 +0000
ROA not before:           Mon 02 Jan 2023 11:38:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8792
IP address blocks:        2001:67c:1170::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:e7:ed:96:8c:85:64:82:6b:88:b1:6e:d1:44:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a938a935f8baf9cd933906416590d782e7287c7
        Validity
            Not Before: Jan  2 11:38:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4c1c31e1f67858c9cc81d94a27f4f2c321a6b69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:02:80:d9:b9:b4:cd:88:60:d8:31:af:90:71:
                    49:d1:1e:13:59:d6:fa:b9:ea:5e:2f:eb:7f:ad:ba:
                    2b:45:b7:5c:0f:57:02:11:03:75:b2:cb:f4:da:97:
                    fa:64:c8:d8:2f:0b:df:fa:3b:b1:e9:36:e9:17:55:
                    7e:56:ce:32:9d:fa:17:27:d6:0f:be:74:e6:55:0f:
                    dc:3f:4b:7b:b9:e2:0b:fb:b3:3e:ed:2e:29:1c:fd:
                    6a:cc:e3:e5:ad:4b:c6:4a:e2:f7:54:1f:25:57:d4:
                    84:66:f3:c5:da:8a:61:f3:8d:ae:91:ac:b9:4a:06:
                    0c:63:17:2d:3b:ed:64:9f:61:22:8d:a5:95:04:0b:
                    cd:18:c7:15:2c:1b:b0:12:36:7d:0d:d3:6b:e9:19:
                    12:56:42:56:16:3e:bc:fd:97:3c:66:7c:4f:7f:01:
                    ca:af:e3:ca:83:44:ad:61:66:ce:ca:7d:07:e3:91:
                    75:3c:63:17:07:89:c0:1e:c2:39:dd:7f:ce:64:56:
                    20:e4:99:9e:ac:50:d4:1b:1e:9d:dc:91:c8:a3:75:
                    9f:bb:86:c7:f4:87:ba:dc:3e:d9:62:4f:d4:73:14:
                    74:01:cc:65:d1:0a:e2:6d:10:6e:eb:56:46:01:14:
                    18:ec:0f:1c:60:16:8d:8a:16:28:62:8b:38:c8:bd:
                    7c:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:C1:C3:1E:1F:67:85:8C:9C:C8:1D:94:A2:7F:4F:2C:32:1A:6B:69
            X509v3 Authority Key Identifier:
                keyid:7A:93:8A:93:5F:8B:AF:9C:D9:33:90:64:16:59:0D:78:2E:72:87:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epOKk1-Lr5zZM5BkFlkNeC5yh8c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ff0bfc-26fe-4412-a232-31999f3add36/1/1MHDHh9nhYycyB2Uon9PLDIaa2k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ff0bfc-26fe-4412-a232-31999f3add36/1/epOKk1-Lr5zZM5BkFlkNeC5yh8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:1170::/48

    Signature Algorithm: sha256WithRSAEncryption
         89:3f:48:b2:5b:fd:d7:08:3e:14:33:0f:99:7d:b5:7c:5f:22:
         ff:37:ce:67:dd:8a:83:2c:82:4d:68:0b:0a:f8:b5:df:97:92:
         11:66:91:29:68:93:90:fd:8d:5a:d9:64:9a:81:02:e3:2d:2d:
         4c:6a:c0:c4:9e:8e:60:7b:00:d6:47:44:ee:cc:a8:46:3b:0b:
         53:c5:ef:f2:ab:98:2f:d9:63:d6:09:e7:fa:b0:93:db:fc:6d:
         a7:49:fc:c8:36:23:4d:be:fe:84:90:16:28:fe:3f:6d:1a:3e:
         71:12:d2:f1:b6:30:ad:41:48:19:6e:6c:f2:eb:3a:25:0f:ed:
         f5:11:e8:16:f3:58:44:aa:0a:20:b5:95:37:6b:b1:79:8e:e1:
         cd:bd:65:db:d7:f4:1a:92:46:ac:14:b9:47:ef:c8:f3:c4:d9:
         ac:0d:54:f6:5f:a1:7c:b3:e8:7b:fa:27:ea:2b:14:f9:82:36:
         d0:a9:78:5e:90:4f:68:85:95:b2:55:7d:5b:00:de:40:08:24:
         3a:85:b7:0f:a7:5f:28:7d:13:46:ff:1e:09:6a:01:89:2e:a6:
         37:b6:05:15:9d:21:e8:90:07:c1:49:76:81:06:65:23:93:34:
         59:75:0c:8f:6f:00:cb:68:c2:de:9a:36:93:0e:2d:b2:de:f7:
         fb:fc:9c:1b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRuftloyFZIJriLFu0USIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTM4YTkzNWY4YmFmOWNkOTMzOTA2NDE2NTkwZDc4MmU3
Mjg3YzcwHhcNMjMwMTAyMTEzODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGMxYzMxZTFmNjc4NThjOWNjODFkOTRhMjdmNGYyYzMyMWE2YjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAKA2bm0zYhg2DGvkHFJ0R4TWdb6
uepeL+t/rborRbdcD1cCEQN1ssv02pf6ZMjYLwvf+jux6TbpF1V+Vs4ynfoXJ9YP
vnTmVQ/cP0t7ueIL+7M+7S4pHP1qzOPlrUvGSuL3VB8lV9SEZvPF2oph842ukay5
SgYMYxctO+1kn2EijaWVBAvNGMcVLBuwEjZ9DdNr6RkSVkJWFj68/Zc8ZnxPfwHK
r+PKg0StYWbOyn0H45F1PGMXB4nAHsI53X/OZFYg5JmerFDUGx6d3JHIo3Wfu4bH
9Ie63D7ZYk/UcxR0Acxl0QribRBu61ZGARQY7A8cYBaNihYoYos4yL18WwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNTBwx4fZ4WMnMgdlKJ/TywyGmtpMB8GA1UdIwQY
MBaAFHqTipNfi6+c2TOQZBZZDXgucofHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBPS2sxLUxyNXpaTTVCa0Zsa05lQzV5aDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZjBiZmMtMjZmZS00NDEyLWEyMzIt
MzE5OTlmM2FkZDM2LzEvMU1IREhoOW5oWXljeUIyVW9uOVBMRElhYTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZjBiZmMtMjZmZS00NDEyLWEyMzItMzE5OTlmM2FkZDM2
LzEvZXBPS2sxLUxyNXpaTTVCa0Zsa05lQzV5aDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBFw
MA0GCSqGSIb3DQEBCwUAA4IBAQCJP0iyW/3XCD4UMw+ZfbV8XyL/N85n3YqDLIJN
aAsK+LXfl5IRZpEpaJOQ/Y1a2WSagQLjLS1MasDEno5gewDWR0TuzKhGOwtTxe/y
q5gv2WPWCef6sJPb/G2nSfzINiNNvv6EkBYo/j9tGj5xEtLxtjCtQUgZbmzy6zol
D+31EegW81hEqgogtZU3a7F5juHNvWXb1/QakkasFLlH78jzxNmsDVT2X6F8s+h7
+ifqKxT5gjbQqXhekE9ohZWyVX1bAN5ACCQ6hbcPp18ofRNG/x4JagGJLqY3tgUV
nSHokAfBSXaBBmUjkzRZdQyPbwDLaMLemjaTDi2y3vf7/Jwb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:44 2024 by rpki-client on console-ams.rpki-client.org