Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0dc489-e028-4f37-a972-509f44e92022/1/5shfVie94qhpxtyTrIXXJW569Nc.roa
File:                     5shfVie94qhpxtyTrIXXJW569Nc.roa (raw, json)
Hash identifier:          /e5xC3TgelBCQJa45OUSWLSOG2g0z7mpS62xM3a3IhU=
Subject key identifier:   E6:C8:5F:56:27:BD:E2:A8:69:C6:DC:93:AC:85:D7:25:6E:7A:F4:D7
Certificate issuer:       /CN=fb480c73354305cc40f8faba9e5402ef37de2eaa
Certificate serial:       01856CCACAC90F63E2E1EAC849560E61AAA9
Authority key identifier: FB:48:0C:73:35:43:05:CC:40:F8:FA:BA:9E:54:02:EF:37:DE:2E:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-0gMczVDBcxA-Pq6nlQC7zfeLqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/0dc489-e028-4f37-a972-509f44e92022/1/5shfVie94qhpxtyTrIXXJW569Nc.roa
Signing time:             Sun 01 Jan 2023 10:05:07 +0000
ROA not before:           Sun 01 Jan 2023 10:05:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208391
IP address blocks:        2001:678:aec::/48 maxlen: 128

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ca:ca:c9:0f:63:e2:e1:ea:c8:49:56:0e:61:aa:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb480c73354305cc40f8faba9e5402ef37de2eaa
        Validity
            Not Before: Jan  1 10:05:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e6c85f5627bde2a869c6dc93ac85d7256e7af4d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:9f:9f:59:94:94:5f:a3:84:79:17:e4:87:68:
                    69:41:97:18:37:ec:41:c8:29:97:d4:b1:5d:27:1d:
                    08:d2:f0:1d:47:08:ec:b0:06:bd:23:ba:3a:6b:92:
                    ac:bd:37:8b:1f:2d:e8:57:fa:b9:6c:75:15:1e:73:
                    63:95:1d:08:9c:57:25:90:e5:39:6d:ce:38:11:31:
                    ca:b7:9b:41:4f:7d:dd:28:be:34:01:58:b2:dc:ac:
                    54:4a:0d:17:42:76:44:d4:f0:6b:5b:45:ec:aa:9f:
                    db:e4:5a:46:85:2d:63:e9:96:c0:df:5c:30:4b:dc:
                    5d:2c:8d:f5:8c:63:69:7c:bc:b8:54:26:c7:f8:e2:
                    a3:53:7b:65:89:bd:c1:37:a3:f4:04:d2:06:f6:b4:
                    20:26:76:f0:a3:91:95:10:97:ec:22:c6:98:87:db:
                    5c:d2:b7:20:1a:29:68:e0:d5:83:02:1e:89:92:1d:
                    f6:6b:98:bc:80:2f:a0:a2:e2:e9:aa:ae:68:05:e3:
                    71:e6:a8:a0:49:0b:c7:12:d1:8c:53:e5:fb:0b:0e:
                    c1:8f:df:a6:16:bc:d3:7b:ce:a6:9e:f8:a2:12:f2:
                    d4:0c:a1:79:a1:9c:9b:d7:36:a2:1e:11:fb:60:ba:
                    74:b3:1d:d0:da:b8:28:75:61:ce:1d:f0:2b:b9:06:
                    e7:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:C8:5F:56:27:BD:E2:A8:69:C6:DC:93:AC:85:D7:25:6E:7A:F4:D7
            X509v3 Authority Key Identifier:
                keyid:FB:48:0C:73:35:43:05:CC:40:F8:FA:BA:9E:54:02:EF:37:DE:2E:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-0gMczVDBcxA-Pq6nlQC7zfeLqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0dc489-e028-4f37-a972-509f44e92022/1/5shfVie94qhpxtyTrIXXJW569Nc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0dc489-e028-4f37-a972-509f44e92022/1/1-0gMczVDBcxA-Pq6nlQC7zfeLqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:aec::/48

    Signature Algorithm: sha256WithRSAEncryption
         bc:24:43:31:04:f8:0a:bb:d2:e0:b8:f1:3b:8a:1a:f4:77:7b:
         1c:82:52:6a:fb:88:82:dd:61:39:dd:7c:d4:1d:77:31:44:a8:
         c3:45:12:03:32:40:63:10:ff:b9:29:9d:75:80:45:5c:e9:0f:
         01:95:83:69:a7:be:81:f4:20:73:fc:46:bb:98:a1:b5:eb:f3:
         62:e9:09:d8:91:41:e0:19:61:3d:e4:80:d3:b2:77:a0:13:3e:
         0a:2e:5b:7d:d7:3c:32:44:48:7b:55:7d:33:89:78:97:6a:86:
         73:05:5a:46:65:0b:5b:3f:62:8e:49:d7:36:4e:84:72:b5:81:
         35:19:f7:ac:4e:da:52:88:cd:7f:7e:e2:ba:15:00:51:0b:f8:
         40:4d:8f:9c:f0:9c:57:96:c0:4b:38:9f:95:32:96:cd:12:3c:
         22:a6:da:11:e7:8d:6d:6b:e8:c5:ac:d6:11:a0:b1:cb:aa:89:
         f3:cb:8e:b9:0f:e9:97:a9:7f:c0:0f:06:8c:bd:ba:8d:5f:2f:
         73:0c:bd:7c:30:93:d9:14:38:bb:2f:4f:91:b0:97:5f:ac:7c:
         0b:2b:99:d9:c0:c7:6a:7f:70:b5:f4:31:af:be:61:4b:dc:a6:
         23:03:c2:30:eb:67:91:e3:80:70:2b:8e:8e:a6:e3:69:41:ff:
         c0:eb:82:3f
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVsysrJD2Pi4erISVYOYaqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNDgwYzczMzU0MzA1Y2M0MGY4ZmFiYTllNTQwMmVmMzdk
ZTJlYWEwHhcNMjMwMTAxMTAwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmM4NWY1NjI3YmRlMmE4NjljNmRjOTNhYzg1ZDcyNTZlN2FmNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZ+fWZSUX6OEeRfkh2hpQZcYN+xB
yCmX1LFdJx0I0vAdRwjssAa9I7o6a5KsvTeLHy3oV/q5bHUVHnNjlR0InFclkOU5
bc44ETHKt5tBT33dKL40AViy3KxUSg0XQnZE1PBrW0Xsqp/b5FpGhS1j6ZbA31ww
S9xdLI31jGNpfLy4VCbH+OKjU3tlib3BN6P0BNIG9rQgJnbwo5GVEJfsIsaYh9tc
0rcgGilo4NWDAh6Jkh32a5i8gC+gouLpqq5oBeNx5qigSQvHEtGMU+X7Cw7Bj9+m
FrzTe86mnviiEvLUDKF5oZyb1zaiHhH7YLp0sx3Q2rgodWHOHfAruQbnRQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFObIX1YnveKoacbck6yF1yVuevTXMB8GA1UdIwQY
MBaAFPtIDHM1QwXMQPj6up5UAu833i6qMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0wZ01jelZEQmN4QS1QcTZubFFDN3pmZUxxby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUvMGRjNDg5LWUwMjgtNGYzNy1hOTcy
LTUwOWY0NGU5MjAyMi8xLzVzaGZWaWU5NHFocHh0eVRySVhYSlc1NjlOYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzUvMGRjNDg5LWUwMjgtNGYzNy1hOTcyLTUwOWY0NGU5MjAy
Mi8xLzEtMGdNY3pWREJjeEEtUHE2bmxRQzd6ZmVMcW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQZ4
CuwwDQYJKoZIhvcNAQELBQADggEBALwkQzEE+Aq70uC48TuKGvR3exyCUmr7iILd
YTndfNQddzFEqMNFEgMyQGMQ/7kpnXWARVzpDwGVg2mnvoH0IHP8RruYobXr82Lp
CdiRQeAZYT3kgNOyd6ATPgouW33XPDJESHtVfTOJeJdqhnMFWkZlC1s/Yo5J1zZO
hHK1gTUZ96xO2lKIzX9+4roVAFEL+EBNj5zwnFeWwEs4n5Uyls0SPCKm2hHnjW1r
6MWs1hGgscuqifPLjrkP6Zepf8APBoy9uo1fL3MMvXwwk9kUOLsvT5Gwl1+sfAsr
mdnAx2p/cLX0Ma++YUvcpiMDwjDrZ5HjgHArjo6m42lB/8Drgj8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:02 2024 by rpki-client on console-ams.rpki-client.org