Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/50bdd4-e2a9-46c9-836e-68c1b7dfb190/1/EPuRx-IYdsPBXNxstyIIZ3wevGY.roa
File:                     EPuRx-IYdsPBXNxstyIIZ3wevGY.roa (raw, json)
Hash identifier:          Px3DEJ5Oiax9bcdFzi+sDWUbdMlcHEer0uAAQ6aAk08=
Subject key identifier:   10:FB:91:C7:E2:18:76:C3:C1:5C:DC:6C:B7:22:08:67:7C:1E:BC:66
Certificate issuer:       /CN=0e69a67d4b215a3f31fc462f0ea534ef83f8ef57
Certificate serial:       0188DCCDA4D37F03CDCC8838D01F7E0766CD
Authority key identifier: 0E:69:A6:7D:4B:21:5A:3F:31:FC:46:2F:0E:A5:34:EF:83:F8:EF:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DmmmfUshWj8x_EYvDqU074P471c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/50bdd4-e2a9-46c9-836e-68c1b7dfb190/1/EPuRx-IYdsPBXNxstyIIZ3wevGY.roa
Signing time:             Wed 21 Jun 2023 07:14:04 +0000
ROA not before:           Wed 21 Jun 2023 07:14:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2001:67c:2064::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:dc:cd:a4:d3:7f:03:cd:cc:88:38:d0:1f:7e:07:66:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e69a67d4b215a3f31fc462f0ea534ef83f8ef57
        Validity
            Not Before: Jun 21 07:14:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=10fb91c7e21876c3c15cdc6cb72208677c1ebc66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:cb:38:da:b7:1c:87:6a:16:9b:02:ee:91:bb:
                    78:2a:a8:35:fe:16:4e:13:47:7b:4f:39:74:1d:53:
                    c4:c3:e9:58:a5:b2:f8:75:cb:67:03:2b:ab:4b:28:
                    b5:41:1e:30:a0:26:de:93:75:29:10:83:05:2c:86:
                    87:5d:6c:98:6f:db:b5:0c:2f:dd:ea:bf:d8:81:d1:
                    45:ff:87:84:cc:ea:3f:4b:49:48:de:01:87:7b:ab:
                    89:35:2a:d7:3c:f3:72:26:23:61:8e:ae:44:d0:65:
                    2c:d0:d8:93:26:33:56:8d:22:9a:29:94:24:03:eb:
                    d0:1b:8e:49:39:3b:ed:36:69:1e:e4:06:aa:01:c8:
                    95:5e:bd:b4:92:a2:ed:d5:18:70:15:a0:ae:7e:9f:
                    f6:de:16:20:06:3f:c4:5d:1e:af:3c:e0:e1:72:c8:
                    96:75:13:5e:92:e5:cb:dc:b1:e1:45:b5:a1:9e:dd:
                    93:ec:8f:ff:8d:09:eb:6c:d6:a1:2c:60:47:29:f0:
                    00:e6:c7:83:34:da:c3:8a:72:c4:dc:0a:97:64:41:
                    02:cc:82:37:e8:ee:df:78:0e:ac:fd:43:91:50:0f:
                    20:da:53:b1:d8:7c:cf:f6:58:13:a7:19:d0:fa:5c:
                    ed:37:55:f3:d9:e6:e3:3d:ff:d2:4f:9a:dd:1d:2a:
                    6f:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:FB:91:C7:E2:18:76:C3:C1:5C:DC:6C:B7:22:08:67:7C:1E:BC:66
            X509v3 Authority Key Identifier:
                keyid:0E:69:A6:7D:4B:21:5A:3F:31:FC:46:2F:0E:A5:34:EF:83:F8:EF:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmmmfUshWj8x_EYvDqU074P471c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/50bdd4-e2a9-46c9-836e-68c1b7dfb190/1/EPuRx-IYdsPBXNxstyIIZ3wevGY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/50bdd4-e2a9-46c9-836e-68c1b7dfb190/1/DmmmfUshWj8x_EYvDqU074P471c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2064::/48

    Signature Algorithm: sha256WithRSAEncryption
         69:b5:d9:44:a6:53:3f:92:9f:7e:06:9e:65:18:a1:47:58:fc:
         65:79:88:41:94:e5:ea:d3:42:db:3b:ff:1b:fe:f5:91:94:17:
         13:c9:74:db:8e:3b:b6:81:16:6d:87:04:57:d5:f2:0f:79:af:
         48:d2:68:14:6f:25:0c:3f:91:be:a8:d1:06:ea:83:5d:48:80:
         7e:d6:40:51:6a:40:35:82:db:23:30:05:fc:d6:c9:c6:e3:7d:
         7a:46:48:68:b2:c4:5b:5d:93:e8:b3:7d:a0:34:f0:dc:b7:9d:
         a3:a0:3b:f6:d8:75:65:e2:5f:05:ff:8e:5e:8d:f4:49:37:11:
         68:ed:ea:dd:99:52:70:83:da:29:73:fd:5d:c1:c3:0d:70:b0:
         3e:38:41:de:8f:9d:db:2b:c0:46:ca:fb:e3:f3:33:04:33:a0:
         a6:bb:31:f7:3a:fd:80:0a:47:0d:c4:b3:aa:fc:36:dc:b6:95:
         5c:c9:d4:fb:7a:17:e4:1d:5f:67:0c:c3:de:29:d6:2c:3b:35:
         3c:be:d9:01:98:73:bd:05:f7:28:a3:ba:16:28:11:06:00:7b:
         cd:4b:c2:e4:f0:73:2e:60:d8:d7:8c:c8:70:16:cf:a3:da:09:
         d8:a0:20:97:6b:c3:8e:9e:4d:db:ac:f1:2f:bb:cf:ea:59:f6:
         2e:8b:dc:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjczaTTfwPNzIg40B9+B2bNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNjlhNjdkNGIyMTVhM2YzMWZjNDYyZjBlYTUzNGVmODNm
OGVmNTcwHhcNMjMwNjIxMDcxNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZiOTFjN2UyMTg3NmMzYzE1Y2RjNmNiNzIyMDg2NzdjMWViYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8s42rcch2oWmwLukbt4Kqg1/hZO
E0d7Tzl0HVPEw+lYpbL4dctnAyurSyi1QR4woCbek3UpEIMFLIaHXWyYb9u1DC/d
6r/YgdFF/4eEzOo/S0lI3gGHe6uJNSrXPPNyJiNhjq5E0GUs0NiTJjNWjSKaKZQk
A+vQG45JOTvtNmke5AaqAciVXr20kqLt1RhwFaCufp/23hYgBj/EXR6vPODhcsiW
dRNekuXL3LHhRbWhnt2T7I//jQnrbNahLGBHKfAA5seDNNrDinLE3AqXZEECzII3
6O7feA6s/UORUA8g2lOx2HzP9lgTpxnQ+lztN1Xz2ebjPf/ST5rdHSpv1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBD7kcfiGHbDwVzcbLciCGd8HrxmMB8GA1UdIwQY
MBaAFA5ppn1LIVo/MfxGLw6lNO+D+O9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG1tbWZVc2hXajh4X0VZdkRxVTA3NFA0NzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81MGJkZDQtZTJhOS00NmM5LTgzNmUt
NjhjMWI3ZGZiMTkwLzEvRVB1UngtSVlkc1BCWE54c3R5SUlaM3dldkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81MGJkZDQtZTJhOS00NmM5LTgzNmUtNjhjMWI3ZGZiMTkw
LzEvRG1tbWZVc2hXajh4X0VZdkRxVTA3NFA0NzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCBk
MA0GCSqGSIb3DQEBCwUAA4IBAQBptdlEplM/kp9+Bp5lGKFHWPxleYhBlOXq00Lb
O/8b/vWRlBcTyXTbjju2gRZthwRX1fIPea9I0mgUbyUMP5G+qNEG6oNdSIB+1kBR
akA1gtsjMAX81snG4316RkhossRbXZPos32gNPDct52joDv22HVl4l8F/45ejfRJ
NxFo7erdmVJwg9opc/1dwcMNcLA+OEHej53bK8BGyvvj8zMEM6CmuzH3Ov2ACkcN
xLOq/DbctpVcydT7ehfkHV9nDMPeKdYsOzU8vtkBmHO9Bfcoo7oWKBEGAHvNS8Lk
8HMuYNjXjMhwFs+j2gnYoCCXa8OOnk3brPEvu8/qWfYui9wg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:28 2024 by rpki-client on console-ams.rpki-client.org