Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/r5RZ9BRPzc9JEpHm-7Y23fSH1ek.roa
File:                     r5RZ9BRPzc9JEpHm-7Y23fSH1ek.roa (raw, json)
Hash identifier:          hO5Qye8A25us2Goz7OOYE35GTHwExtQa3IuTzfMFaaI=
Subject key identifier:   AF:94:59:F4:14:4F:CD:CF:49:12:91:E6:FB:B6:36:DD:F4:87:D5:E9
Certificate issuer:       /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial:       01856C6EFB3D3491EEED39CFBF7195936274
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/r5RZ9BRPzc9JEpHm-7Y23fSH1ek.roa
Signing time:             Sun 01 Jan 2023 08:24:50 +0000
ROA not before:           Sun 01 Jan 2023 08:24:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208942
IP address blocks:        2001:bf7:fc00::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:fb:3d:34:91:ee:ed:39:cf:bf:71:95:93:62:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
        Validity
            Not Before: Jan  1 08:24:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af9459f4144fcdcf491291e6fbb636ddf487d5e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:7b:1a:f3:48:74:6c:84:15:15:5d:bd:0b:bd:
                    9b:95:fe:09:a2:d1:b5:f6:ac:1a:e5:80:ff:f0:f8:
                    38:db:4c:4c:34:5f:f8:1c:45:62:a4:33:11:c2:e4:
                    2d:ac:0a:1b:02:f1:19:11:1c:1c:98:3b:0a:12:57:
                    d7:7e:86:30:b0:32:d8:0e:84:f7:23:e8:2a:fc:b8:
                    e8:61:a0:fa:8c:4c:3e:95:f1:84:e3:a7:f8:c2:66:
                    22:46:65:75:c9:c7:eb:f5:5b:1a:29:db:08:b9:14:
                    74:05:31:85:f4:a9:db:22:a4:27:51:78:98:bf:aa:
                    48:f1:f2:b0:09:8c:aa:12:bc:37:34:b3:4b:c7:9c:
                    dc:bc:b2:af:52:a1:71:05:29:31:1a:49:85:9d:fd:
                    b8:b1:ba:4d:d1:48:df:35:f3:c4:0c:c5:c9:e3:c7:
                    c0:95:4e:d1:76:70:e3:b6:2b:0c:99:b7:ee:36:81:
                    8e:d2:5b:3f:5d:6d:06:32:84:fb:0b:bf:9c:df:4d:
                    60:fd:8e:0f:ba:36:30:70:e9:0b:17:b5:ab:5e:52:
                    83:79:6f:76:c3:c1:58:3f:8a:74:16:70:06:05:77:
                    9f:82:4a:71:12:db:21:86:fa:27:fa:47:de:dc:94:
                    f4:56:99:3a:01:7e:16:60:8c:61:38:b5:22:f9:8f:
                    ce:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:94:59:F4:14:4F:CD:CF:49:12:91:E6:FB:B6:36:DD:F4:87:D5:E9
            X509v3 Authority Key Identifier:
                keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/r5RZ9BRPzc9JEpHm-7Y23fSH1ek.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:bf7:fc00::/44

    Signature Algorithm: sha256WithRSAEncryption
         a5:6b:98:dc:40:0e:6a:ab:6e:2f:7e:3f:45:00:e8:86:8b:e8:
         b7:dc:b6:9a:70:39:3c:b3:3f:69:2b:4e:8d:63:d1:be:69:d0:
         03:4a:6f:91:df:a2:a1:ec:ec:6d:c1:e4:a0:16:7d:ea:6a:6e:
         ed:70:e0:93:4c:c6:67:65:a2:c4:41:e4:65:63:2e:b0:80:93:
         25:58:a0:f5:83:f3:2f:f9:63:b2:0a:da:22:b3:c1:5f:a3:4a:
         52:3d:bc:8b:e1:35:25:3b:18:ae:e1:80:6c:42:94:a6:10:be:
         0f:74:82:e3:e9:30:4f:b8:9a:50:39:f2:af:8d:8f:5f:d4:ed:
         2d:6e:ee:7b:19:c8:ce:72:3c:8e:69:e2:8e:6b:13:f8:a8:2f:
         49:40:4b:b7:ff:32:c2:8e:75:61:45:e6:5c:4a:fa:11:9a:41:
         a5:1e:de:63:32:5c:e6:04:cf:40:58:09:70:f9:64:73:62:d2:
         b4:4d:4e:cd:a7:fc:05:e3:15:06:70:3e:4b:60:f3:ec:fc:bb:
         95:8f:0b:00:d7:d6:ee:73:e8:a5:06:2b:c0:0a:63:cb:66:15:
         09:35:ac:fd:44:39:70:59:e0:f7:f3:3d:bc:27:0d:7b:29:2c:
         8a:2d:02:cd:48:d2:ae:2a:ab:5a:64:86:ed:14:8d:ff:05:5d:
         bc:f9:c1:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsbvs9NJHu7TnPv3GVk2J0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjMwMTAxMDgyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjk0NTlmNDE0NGZjZGNmNDkxMjkxZTZmYmI2MzZkZGY0ODdkNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnsa80h0bIQVFV29C72blf4JotG1
9qwa5YD/8Pg420xMNF/4HEVipDMRwuQtrAobAvEZERwcmDsKElfXfoYwsDLYDoT3
I+gq/LjoYaD6jEw+lfGE46f4wmYiRmV1ycfr9VsaKdsIuRR0BTGF9KnbIqQnUXiY
v6pI8fKwCYyqErw3NLNLx5zcvLKvUqFxBSkxGkmFnf24sbpN0UjfNfPEDMXJ48fA
lU7RdnDjtisMmbfuNoGO0ls/XW0GMoT7C7+c301g/Y4PujYwcOkLF7WrXlKDeW92
w8FYP4p0FnAGBXefgkpxEtshhvon+kfe3JT0Vpk6AX4WYIxhOLUi+Y/O6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK+UWfQUT83PSRKR5vu2Nt30h9XpMB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvcjVSWjlCUlB6YzlKRXBIbS03WTIzZlNIMWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEIAEL9/wA
MA0GCSqGSIb3DQEBCwUAA4IBAQCla5jcQA5qq24vfj9FAOiGi+i33LaacDk8sz9p
K06NY9G+adADSm+R36Kh7OxtweSgFn3qam7tcOCTTMZnZaLEQeRlYy6wgJMlWKD1
g/Mv+WOyCtois8Ffo0pSPbyL4TUlOxiu4YBsQpSmEL4PdILj6TBPuJpQOfKvjY9f
1O0tbu57GcjOcjyOaeKOaxP4qC9JQEu3/zLCjnVhReZcSvoRmkGlHt5jMlzmBM9A
WAlw+WRzYtK0TU7Np/wF4xUGcD5LYPPs/LuVjwsA19buc+ilBivACmPLZhUJNaz9
RDlwWeD38z28Jw17KSyKLQLNSNKuKqtaZIbtFI3/BV28+cFX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:40 2024 by rpki-client on console-ams.rpki-client.org