Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/5IhI5p1V49J__wXLIyQL0noE_qo.roa
File:                     5IhI5p1V49J__wXLIyQL0noE_qo.roa (raw, json)
Hash identifier:          LBvABDY94f/o0WZUygdeiJw/smV0UKAjr+lbRRGkePs=
Subject key identifier:   E4:88:48:E6:9D:55:E3:D2:7F:FF:05:CB:23:24:0B:D2:7A:04:FE:AA
Certificate issuer:       /CN=e623299ee47b4f612db90a14f95e40767ae06657
Certificate serial:       01856EA69922B30B810A84AB3F16D648F954
Authority key identifier: E6:23:29:9E:E4:7B:4F:61:2D:B9:0A:14:F9:5E:40:76:7A:E0:66:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5iMpnuR7T2EtuQoU-V5AdnrgZlc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/5IhI5p1V49J__wXLIyQL0noE_qo.roa
Signing time:             Sun 01 Jan 2023 18:44:49 +0000
ROA not before:           Sun 01 Jan 2023 18:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35044
IP address blocks:        2001:67c:484::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:99:22:b3:0b:81:0a:84:ab:3f:16:d6:48:f9:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e623299ee47b4f612db90a14f95e40767ae06657
        Validity
            Not Before: Jan  1 18:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e48848e69d55e3d27fff05cb23240bd27a04feaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:56:8d:e1:b9:37:7e:55:89:69:d6:2c:5a:1e:
                    26:d6:1f:9b:7a:7c:01:61:3d:58:df:c0:3d:b9:a8:
                    65:d3:b7:66:17:34:74:7d:4f:38:f8:ce:4c:d4:8c:
                    42:ac:49:28:96:4c:b1:c0:1a:05:c6:e2:15:57:2f:
                    19:6d:8a:db:49:b1:ec:c9:ea:e6:bb:ad:d4:2e:21:
                    b0:f2:0c:8f:b0:0a:66:ba:ee:cb:79:f4:73:47:9a:
                    fb:9c:16:30:fb:d8:08:e3:2f:40:95:8b:df:14:e4:
                    05:7e:85:4f:81:1e:86:65:c2:0e:86:0e:dc:ed:58:
                    6b:3d:7b:54:98:c3:a3:73:6d:07:a1:1d:64:bd:43:
                    0b:14:57:6f:20:3b:25:2f:ab:fc:29:32:31:ca:c0:
                    a1:ed:a9:c3:40:f4:b0:43:dd:0d:0f:a0:d2:47:2f:
                    ec:e9:b4:05:aa:dd:48:42:e2:ff:19:e3:79:dd:f2:
                    05:61:0d:11:e1:7c:f7:31:95:f5:a2:ef:03:11:cc:
                    bf:e5:22:05:d9:32:0f:1d:b1:60:68:b1:ff:60:63:
                    8a:0c:46:ab:65:1c:36:d7:50:67:a8:cb:5f:28:b1:
                    ed:b4:f8:c7:12:2b:ef:6f:66:f4:18:56:46:78:a4:
                    a1:46:d5:82:cf:89:83:fb:1a:95:ad:51:b7:44:67:
                    54:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:88:48:E6:9D:55:E3:D2:7F:FF:05:CB:23:24:0B:D2:7A:04:FE:AA
            X509v3 Authority Key Identifier:
                keyid:E6:23:29:9E:E4:7B:4F:61:2D:B9:0A:14:F9:5E:40:76:7A:E0:66:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5iMpnuR7T2EtuQoU-V5AdnrgZlc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/5IhI5p1V49J__wXLIyQL0noE_qo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/5iMpnuR7T2EtuQoU-V5AdnrgZlc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:484::/48

    Signature Algorithm: sha256WithRSAEncryption
         7d:c4:4b:bf:5b:d7:7c:71:04:c2:22:cf:af:dd:df:e9:32:70:
         f1:80:7b:1e:d9:4a:65:33:85:fc:70:d6:f0:d0:7f:d4:42:e4:
         58:08:76:f8:77:18:25:cd:d6:52:e0:e2:96:f2:29:96:70:0f:
         93:00:a7:9d:a7:b6:09:2c:7f:3c:dd:a0:83:6a:9a:c1:fa:b0:
         de:9c:a8:c8:8c:f1:70:7d:7b:12:e2:66:03:2b:43:18:f0:b1:
         3d:8f:b5:6f:00:60:34:01:6d:c9:49:4d:c1:4e:84:64:65:ef:
         fc:f6:54:90:ed:8c:cb:8e:90:33:8c:cc:6d:b9:a2:3b:dd:3a:
         4a:ed:6b:d3:82:f0:32:14:5d:10:00:c0:7a:69:f0:b8:1f:5d:
         5e:68:66:00:aa:a6:12:b0:bc:87:4f:af:d5:b7:19:52:4f:80:
         0a:5b:05:49:62:74:93:27:c6:b6:63:ca:d4:13:41:05:05:e5:
         b3:b3:61:91:d9:55:e9:04:cd:d0:b3:53:31:95:0d:fe:e2:88:
         b9:8b:5e:51:d9:54:0f:fe:99:32:ec:a3:0e:a1:50:b0:7e:a0:
         87:c6:6e:f1:6f:65:d6:f0:25:01:90:5f:13:73:ec:2d:c9:ba:
         e8:b5:dc:69:61:7a:b4:f5:bc:94:ae:1d:6f:e7:71:32:0a:9d:
         b3:66:51:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuppkiswuBCoSrPxbWSPlUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MjMyOTllZTQ3YjRmNjEyZGI5MGExNGY5NWU0MDc2N2Fl
MDY2NTcwHhcNMjMwMTAxMTg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDg4NDhlNjlkNTVlM2QyN2ZmZjA1Y2IyMzI0MGJkMjdhMDRmZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFaN4bk3flWJadYsWh4m1h+benwB
YT1Y38A9uahl07dmFzR0fU84+M5M1IxCrEkolkyxwBoFxuIVVy8ZbYrbSbHsyerm
u63ULiGw8gyPsApmuu7LefRzR5r7nBYw+9gI4y9AlYvfFOQFfoVPgR6GZcIOhg7c
7VhrPXtUmMOjc20HoR1kvUMLFFdvIDslL6v8KTIxysCh7anDQPSwQ90ND6DSRy/s
6bQFqt1IQuL/GeN53fIFYQ0R4Xz3MZX1ou8DEcy/5SIF2TIPHbFgaLH/YGOKDEar
ZRw211BnqMtfKLHttPjHEivvb2b0GFZGeKShRtWCz4mD+xqVrVG3RGdUqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOSISOadVePSf/8FyyMkC9J6BP6qMB8GA1UdIwQY
MBaAFOYjKZ7ke09hLbkKFPleQHZ64GZXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWlNcG51UjdUMkV0dVFvVS1WNUFkbnJnWmxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mMzcyMDMtZjE3Mi00NTlmLTgzMTUt
ODJmMjVhYzY4ODdmLzEvNUloSTVwMVY0OUpfX3dYTEl5UUwwbm9FX3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9mMzcyMDMtZjE3Mi00NTlmLTgzMTUtODJmMjVhYzY4ODdm
LzEvNWlNcG51UjdUMkV0dVFvVS1WNUFkbnJnWmxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfASE
MA0GCSqGSIb3DQEBCwUAA4IBAQB9xEu/W9d8cQTCIs+v3d/pMnDxgHse2UplM4X8
cNbw0H/UQuRYCHb4dxglzdZS4OKW8imWcA+TAKedp7YJLH883aCDaprB+rDenKjI
jPFwfXsS4mYDK0MY8LE9j7VvAGA0AW3JSU3BToRkZe/89lSQ7YzLjpAzjMxtuaI7
3TpK7WvTgvAyFF0QAMB6afC4H11eaGYAqqYSsLyHT6/VtxlST4AKWwVJYnSTJ8a2
Y8rUE0EFBeWzs2GR2VXpBM3Qs1MxlQ3+4oi5i15R2VQP/pky7KMOoVCwfqCHxm7x
b2XW8CUBkF8Tc+wtybrotdxpYXq09byUrh1v53EyCp2zZlGa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:38 2024 by rpki-client on console-fra.rpki-client.org