Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/KiTtr1s3gGD07JlEjR1--9_kLSs.roa
File:                     KiTtr1s3gGD07JlEjR1--9_kLSs.roa (raw, json)
Hash identifier:          1RcbyEjgPN90Cf84J3NlGD6gRzlrtukzy7GE99Gf1k0=
Subject key identifier:   2A:24:ED:AF:5B:37:80:60:F4:EC:99:44:8D:1D:7E:FB:DF:E4:2D:2B
Certificate issuer:       /CN=81413f5afc6443e8d2343518ac0b19fd30ba3c12
Certificate serial:       01856F795A57740CF0E96E3B5FF686DCF7A0
Authority key identifier: 81:41:3F:5A:FC:64:43:E8:D2:34:35:18:AC:0B:19:FD:30:BA:3C:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/KiTtr1s3gGD07JlEjR1--9_kLSs.roa
Signing time:             Sun 01 Jan 2023 22:35:02 +0000
ROA not before:           Sun 01 Jan 2023 22:35:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213279
IP address blocks:        2001:678:d44::/48 maxlen: 48
                          2001:678:d44:1::/64 maxlen: 64

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:5a:57:74:0c:f0:e9:6e:3b:5f:f6:86:dc:f7:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81413f5afc6443e8d2343518ac0b19fd30ba3c12
        Validity
            Not Before: Jan  1 22:35:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a24edaf5b378060f4ec99448d1d7efbdfe42d2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:53:1d:d9:c9:b9:f5:a1:a5:cb:39:0d:c4:7b:
                    d0:7a:6e:cc:d0:cf:3a:0f:c7:f8:0c:01:66:59:e8:
                    b7:8a:20:6f:88:63:f4:95:4c:99:ef:6f:58:3a:cc:
                    fe:66:05:a0:00:c1:02:b0:50:fd:da:64:39:88:9f:
                    d9:55:40:95:30:47:bf:cf:a8:fb:49:4e:c2:d7:cd:
                    d6:b0:9c:ca:cc:c5:02:9f:f7:fb:eb:ec:4c:9c:46:
                    9e:dd:1e:9f:68:d2:f8:c4:12:c0:1c:62:d7:81:2c:
                    7d:35:d9:cc:79:aa:4e:8f:49:4e:85:10:fa:f9:b6:
                    cb:02:a9:f6:bf:c6:1e:0b:35:e5:65:93:98:de:9c:
                    66:a5:dc:8a:e5:48:24:fb:05:0e:4e:d0:ce:aa:d6:
                    ac:ea:70:c0:5f:89:a9:7a:e1:3e:8f:45:db:e2:13:
                    79:1a:2e:05:4f:fc:66:73:62:18:2d:61:88:3c:0a:
                    30:15:b4:5a:16:40:c6:b0:bd:23:87:b3:03:02:2a:
                    17:e9:e8:ad:e2:aa:b4:3e:84:2a:5f:b1:41:b5:65:
                    64:72:04:3f:93:f4:cb:04:eb:3f:f5:4e:57:19:79:
                    71:65:29:3a:09:13:67:74:dd:2f:29:1e:c8:1f:7c:
                    31:d7:dd:b3:3d:f7:59:9a:ed:54:ae:cc:fa:ec:18:
                    df:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:24:ED:AF:5B:37:80:60:F4:EC:99:44:8D:1D:7E:FB:DF:E4:2D:2B
            X509v3 Authority Key Identifier:
                keyid:81:41:3F:5A:FC:64:43:E8:D2:34:35:18:AC:0B:19:FD:30:BA:3C:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/KiTtr1s3gGD07JlEjR1--9_kLSs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:d44::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:4b:e2:3c:8f:42:21:a4:aa:08:b3:70:06:4a:c4:ac:bb:a4:
         6f:21:2a:ea:a4:9d:fa:d5:c2:b5:f3:5f:ad:55:71:96:76:1e:
         65:12:b0:5d:52:35:54:cb:30:78:fe:69:38:89:7a:36:06:8d:
         e3:dc:6b:96:69:e6:e6:4b:da:7d:60:29:84:b7:bc:a7:e3:47:
         9b:73:85:fc:4d:5f:3e:5c:b6:a2:29:0b:ea:2c:9f:99:52:b1:
         89:c7:a0:11:e3:00:ec:30:4d:81:b2:71:20:d9:b1:db:b5:0d:
         aa:ff:ba:7d:bc:2c:b3:b1:47:7b:22:8d:0b:bb:0b:f0:5b:45:
         5b:4e:de:31:a1:2a:38:26:19:96:21:d6:00:27:d0:aa:cb:17:
         68:cd:f3:81:61:63:ca:3e:20:09:9f:4a:e7:64:de:6a:7c:75:
         3c:3d:4e:49:53:50:01:31:e7:6c:b8:20:56:1e:ff:ae:04:b4:
         11:9e:51:5d:0e:8c:31:b7:8c:73:0c:94:7c:4d:c8:e8:b7:59:
         f5:cc:d9:76:60:bf:32:8d:b9:b2:56:da:2f:d7:df:0f:40:02:
         f8:33:dd:c0:12:c8:e3:59:2f:63:f7:30:cf:73:85:07:a8:a0:
         bd:02:dc:ac:c1:ea:0f:46:01:11:31:36:7c:78:bb:f9:ad:04:
         16:6a:cf:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVveVpXdAzw6W47X/aG3PegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNDEzZjVhZmM2NDQzZThkMjM0MzUxOGFjMGIxOWZkMzBi
YTNjMTIwHhcNMjMwMTAxMjIzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTI0ZWRhZjViMzc4MDYwZjRlYzk5NDQ4ZDFkN2VmYmRmZTQyZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1Md2cm59aGlyzkNxHvQem7M0M86
D8f4DAFmWei3iiBviGP0lUyZ729YOsz+ZgWgAMECsFD92mQ5iJ/ZVUCVMEe/z6j7
SU7C183WsJzKzMUCn/f76+xMnEae3R6faNL4xBLAHGLXgSx9NdnMeapOj0lOhRD6
+bbLAqn2v8YeCzXlZZOY3pxmpdyK5Ugk+wUOTtDOqtas6nDAX4mpeuE+j0Xb4hN5
Gi4FT/xmc2IYLWGIPAowFbRaFkDGsL0jh7MDAioX6eit4qq0PoQqX7FBtWVkcgQ/
k/TLBOs/9U5XGXlxZSk6CRNndN0vKR7IH3wx192zPfdZmu1Ursz67BjfRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCok7a9bN4Bg9OyZRI0dfvvf5C0rMB8GA1UdIwQY
MBaAFIFBP1r8ZEPo0jQ1GKwLGf0wujwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1VFX1d2eGtRLWpTTkRVWXJBc1pfVEM2UEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8zMjQ5MWItNGZjNi00MDMzLTliZGEt
MjUxMGFkMzJjMmI0LzEvS2lUdHIxczNnR0QwN0psRWpSMS0tOV9rTFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8zMjQ5MWItNGZjNi00MDMzLTliZGEtMjUxMGFkMzJjMmI0
LzEvZ1VFX1d2eGtRLWpTTkRVWXJBc1pfVEM2UEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA1E
MA0GCSqGSIb3DQEBCwUAA4IBAQBgS+I8j0IhpKoIs3AGSsSsu6RvISrqpJ361cK1
81+tVXGWdh5lErBdUjVUyzB4/mk4iXo2Bo3j3GuWaebmS9p9YCmEt7yn40ebc4X8
TV8+XLaiKQvqLJ+ZUrGJx6AR4wDsME2BsnEg2bHbtQ2q/7p9vCyzsUd7Io0Luwvw
W0VbTt4xoSo4JhmWIdYAJ9CqyxdozfOBYWPKPiAJn0rnZN5qfHU8PU5JU1ABMeds
uCBWHv+uBLQRnlFdDowxt4xzDJR8Tcjot1n1zNl2YL8yjbmyVtov198PQAL4M93A
EsjjWS9j9zDPc4UHqKC9AtysweoPRgERMTZ8eLv5rQQWas9x
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:12 2024 by rpki-client on console-fra.rpki-client.org