Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/fx4WHH8H3-i1eWHISKp2hOFwbHM.roa
File:                     fx4WHH8H3-i1eWHISKp2hOFwbHM.roa (raw, json)
Hash identifier:          qvIOVOD4GsJB+Pmuq1hA3qIaClmTSNZdY5wGQu99OMQ=
Subject key identifier:   7F:1E:16:1C:7F:07:DF:E8:B5:79:61:C8:48:AA:76:84:E1:70:6C:73
Certificate issuer:       /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial:       01857139B50F20BEEC5B2ACE711C8FB22A7C
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/fx4WHH8H3-i1eWHISKp2hOFwbHM.roa
Signing time:             Mon 02 Jan 2023 06:44:45 +0000
ROA not before:           Mon 02 Jan 2023 06:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5606
IP address blocks:        2a00:ece1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:39:b5:0f:20:be:ec:5b:2a:ce:71:1c:8f:b2:2a:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
        Validity
            Not Before: Jan  2 06:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7f1e161c7f07dfe8b57961c848aa7684e1706c73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b0:68:5e:61:9a:c6:8b:9f:0e:db:c5:13:3d:
                    5c:8a:9e:27:a8:f7:ba:28:b2:eb:c0:23:38:27:e5:
                    1e:08:76:8c:2c:e2:7c:57:19:fe:0d:7b:6b:dc:e1:
                    5d:04:9e:31:9a:27:77:95:8d:33:a8:63:95:71:9d:
                    cd:12:c0:90:02:91:4a:9d:11:48:61:31:0b:ef:89:
                    c0:45:61:46:14:52:ef:e2:7a:3c:da:f6:40:03:a9:
                    fd:fb:2f:ca:95:3e:c3:73:31:1c:a3:ff:0e:29:6f:
                    65:0f:aa:55:c4:39:96:e1:d3:78:bb:ad:3a:f9:55:
                    36:76:ff:1a:b8:85:f5:aa:ed:3a:5f:78:37:7f:6e:
                    9c:8a:2c:6f:a7:ea:0c:11:86:07:4a:44:e7:c1:78:
                    1a:50:c1:37:81:42:65:04:fe:76:f0:2a:7e:08:97:
                    d9:6b:ff:d7:37:07:32:d8:5c:77:36:8b:6d:f4:4e:
                    be:ac:30:4e:06:54:3a:80:5d:ec:7f:fa:46:23:ed:
                    c6:c8:65:da:ca:70:01:df:d4:24:72:47:83:47:6e:
                    ec:43:c2:a0:b6:59:60:06:bb:eb:7f:54:82:61:f1:
                    b9:9f:a8:e7:c9:05:ca:cc:17:03:38:63:e4:e5:86:
                    75:79:a2:a1:31:68:b3:b5:81:f4:25:1e:d6:32:f6:
                    44:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:1E:16:1C:7F:07:DF:E8:B5:79:61:C8:48:AA:76:84:E1:70:6C:73
            X509v3 Authority Key Identifier:
                keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/fx4WHH8H3-i1eWHISKp2hOFwbHM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:ece1::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:1c:9d:b7:53:36:14:f9:9c:5a:da:0a:4f:12:10:05:55:7d:
         f0:93:92:c0:cd:16:30:be:56:61:fa:41:71:56:48:23:62:54:
         56:5e:54:31:98:d1:94:c3:c3:68:dd:36:5d:a3:f7:8f:5e:c6:
         0d:24:51:d5:e4:66:6c:90:39:81:27:d5:04:c5:d9:71:e9:d6:
         d7:6e:d0:d3:6b:80:dd:ef:5e:f3:4f:8c:d6:b3:57:77:ee:55:
         cb:b9:d9:79:7c:0d:60:7a:ab:06:65:fc:da:f7:62:50:53:22:
         d2:af:4d:50:9a:87:8c:7e:37:0b:ee:dc:d5:79:ea:77:6c:f0:
         a6:28:c7:ea:e8:e8:73:f7:69:e8:cd:ff:24:63:a8:eb:77:01:
         6d:fe:83:12:6a:0d:a2:36:05:1d:0e:46:5e:f6:01:40:e9:82:
         56:e9:48:0e:68:8a:9d:1d:24:3c:ce:91:da:14:8b:c4:79:2f:
         fc:95:97:6f:39:87:7a:6e:30:f9:dc:e6:22:81:ab:ef:fb:82:
         55:b9:07:70:d9:4a:54:3b:92:62:f4:a9:e8:64:38:b4:61:4b:
         7f:db:33:97:d0:41:e6:67:5f:3d:27:06:8a:46:3d:ad:e4:28:
         c6:d7:77:8e:89:1b:f9:fc:6e:9a:bd:a7:a9:2d:62:1d:1d:d9:
         ee:57:ac:51
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxObUPIL7sWyrOcRyPsip8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjMwMTAyMDY0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjFlMTYxYzdmMDdkZmU4YjU3OTYxYzg0OGFhNzY4NGUxNzA2YzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbBoXmGaxoufDtvFEz1cip4nqPe6
KLLrwCM4J+UeCHaMLOJ8Vxn+DXtr3OFdBJ4xmid3lY0zqGOVcZ3NEsCQApFKnRFI
YTEL74nARWFGFFLv4no82vZAA6n9+y/KlT7DczEco/8OKW9lD6pVxDmW4dN4u606
+VU2dv8auIX1qu06X3g3f26ciixvp+oMEYYHSkTnwXgaUME3gUJlBP528Cp+CJfZ
a//XNwcy2Fx3Nott9E6+rDBOBlQ6gF3sf/pGI+3GyGXaynAB39QkckeDR27sQ8Kg
tllgBrvrf1SCYfG5n6jnyQXKzBcDOGPk5YZ1eaKhMWiztYH0JR7WMvZESQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH8eFhx/B9/otXlhyEiqdoThcGxzMB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvZng0V0hIOEgzLWkxZVdISVNLcDJoT0Z3YkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgDs4QAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCQHJ23UzYU+Zxa2gpPEhAFVX3wk5LAzRYwvlZh
+kFxVkgjYlRWXlQxmNGUw8No3TZdo/ePXsYNJFHV5GZskDmBJ9UExdlx6dbXbtDT
a4Dd717zT4zWs1d37lXLudl5fA1geqsGZfza92JQUyLSr01QmoeMfjcL7tzVeep3
bPCmKMfq6Ohz92nozf8kY6jrdwFt/oMSag2iNgUdDkZe9gFA6YJW6UgOaIqdHSQ8
zpHaFIvEeS/8lZdvOYd6bjD53OYigavv+4JVuQdw2UpUO5Ji9KnoZDi0YUt/2zOX
0EHmZ189JwaKRj2t5CjG13eOiRv5/G6avaepLWIdHdnuV6xR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org