Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9337ec-b4de-449a-b607-ea9cb527ae71/1/hIEtVZnoz22xIFJgaf17qtghbeA.roa
File:                     hIEtVZnoz22xIFJgaf17qtghbeA.roa (raw, json)
Hash identifier:          cQ0P1N2EP6zs18Zh5am9gfSHJHqHkHh+E2e5ZcMN5NY=
Subject key identifier:   84:81:2D:55:99:E8:CF:6D:B1:20:52:60:69:FD:7B:AA:D8:21:6D:E0
Certificate issuer:       /CN=8dd09817dfea4c66c9418f9f3906f1d0e07cc9d4
Certificate serial:       01856BE587DA5A7AE6389616536B97BC5C48
Authority key identifier: 8D:D0:98:17:DF:EA:4C:66:C9:41:8F:9F:39:06:F1:D0:E0:7C:C9:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jdCYF9_qTGbJQY-fOQbx0OB8ydQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/9337ec-b4de-449a-b607-ea9cb527ae71/1/hIEtVZnoz22xIFJgaf17qtghbeA.roa
Signing time:             Sun 01 Jan 2023 05:54:42 +0000
ROA not before:           Sun 01 Jan 2023 05:54:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212464
IP address blocks:        2001:67c:2be0::/48 maxlen: 64

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:e5:87:da:5a:7a:e6:38:96:16:53:6b:97:bc:5c:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8dd09817dfea4c66c9418f9f3906f1d0e07cc9d4
        Validity
            Not Before: Jan  1 05:54:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=84812d5599e8cf6db120526069fd7baad8216de0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:bc:68:08:24:55:60:fd:f9:78:8d:dd:f4:51:
                    5b:13:bb:71:b4:e0:43:91:b9:f4:3c:53:b1:b5:67:
                    bc:14:f3:aa:98:7a:63:2d:72:8d:0c:a2:06:fa:69:
                    88:78:c5:86:34:81:a9:87:16:bc:65:0d:1a:92:4d:
                    43:aa:f1:15:52:bb:3f:50:7a:72:c4:9e:80:8e:06:
                    3e:da:6a:ce:f1:7b:7b:7c:58:50:d2:ad:96:99:37:
                    72:7a:a3:b8:5b:60:7c:3d:72:0c:3e:5b:a6:d3:b4:
                    fa:4b:18:f1:2e:87:5c:ec:6d:c7:a7:8e:37:2b:82:
                    b3:2d:d2:63:a3:69:1a:f5:8a:05:1a:10:b6:72:6e:
                    a0:c4:fa:bc:d3:33:2e:9d:56:1b:d4:2f:24:63:fc:
                    4f:25:d9:97:e1:49:d6:54:f5:89:73:34:e1:2c:f2:
                    10:eb:b5:49:d3:c2:df:9d:cb:7f:6f:21:9b:1d:17:
                    c3:d6:fd:a4:77:2e:ac:78:7d:50:15:f4:b7:26:29:
                    f5:ce:16:c0:b8:f3:2e:4a:a8:d2:9e:e7:35:8f:9a:
                    53:5a:b8:00:9f:5a:82:96:d1:b1:02:bd:c1:25:e5:
                    e9:db:41:fb:f5:df:b7:c5:bc:ad:8e:6b:8c:fe:43:
                    55:58:13:4c:ad:48:fb:1d:7c:00:3f:00:24:9e:22:
                    db:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:81:2D:55:99:E8:CF:6D:B1:20:52:60:69:FD:7B:AA:D8:21:6D:E0
            X509v3 Authority Key Identifier:
                keyid:8D:D0:98:17:DF:EA:4C:66:C9:41:8F:9F:39:06:F1:D0:E0:7C:C9:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jdCYF9_qTGbJQY-fOQbx0OB8ydQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9337ec-b4de-449a-b607-ea9cb527ae71/1/hIEtVZnoz22xIFJgaf17qtghbeA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9337ec-b4de-449a-b607-ea9cb527ae71/1/jdCYF9_qTGbJQY-fOQbx0OB8ydQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2be0::/48

    Signature Algorithm: sha256WithRSAEncryption
         1f:40:5c:35:88:98:da:ff:b1:55:da:d0:47:62:25:3a:2c:6d:
         82:1b:80:2c:dc:83:2b:f5:be:8a:ef:b2:c9:0a:a5:62:6b:c3:
         23:e3:d5:ab:38:16:f5:eb:21:4d:98:cb:97:5f:dc:f5:55:01:
         70:40:bf:ac:2d:4a:de:5d:2a:2e:b8:9c:b9:d8:f5:a4:6a:c7:
         d6:b6:47:7d:19:13:bb:fa:f6:f6:5e:cc:bd:84:7d:2f:64:1e:
         23:98:9b:d5:72:51:5a:ef:15:b3:ff:f6:4e:d0:73:37:a8:ad:
         f1:4c:01:48:0f:87:70:da:ba:83:fd:49:a5:30:7e:e7:db:aa:
         71:29:86:67:4a:a4:df:b6:05:5f:c3:66:a6:3a:d4:87:74:c4:
         66:99:8a:fe:a5:50:45:2a:3c:08:c3:85:31:65:b4:54:4f:51:
         e7:03:28:52:bd:5f:91:46:fc:f7:ff:22:91:82:a7:2e:a2:0c:
         81:95:fd:43:f5:45:41:80:18:d0:c2:70:b1:be:06:e1:17:76:
         e5:df:83:25:f6:be:6d:aa:36:6e:62:60:54:22:eb:38:9f:8b:
         15:32:5d:27:dc:93:4b:22:8b:f8:c6:1a:94:dc:96:85:a3:70:
         3a:f4:06:6a:50:23:28:a8:14:24:b3:6d:a4:88:63:58:36:18:
         a7:a6:3b:40
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr5YfaWnrmOJYWU2uXvFxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZDA5ODE3ZGZlYTRjNjZjOTQxOGY5ZjM5MDZmMWQwZTA3
Y2M5ZDQwHhcNMjMwMTAxMDU1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDgxMmQ1NTk5ZThjZjZkYjEyMDUyNjA2OWZkN2JhYWQ4MjE2ZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7xoCCRVYP35eI3d9FFbE7txtOBD
kbn0PFOxtWe8FPOqmHpjLXKNDKIG+mmIeMWGNIGphxa8ZQ0akk1DqvEVUrs/UHpy
xJ6AjgY+2mrO8Xt7fFhQ0q2WmTdyeqO4W2B8PXIMPlum07T6SxjxLodc7G3Hp443
K4KzLdJjo2ka9YoFGhC2cm6gxPq80zMunVYb1C8kY/xPJdmX4UnWVPWJczThLPIQ
67VJ08Lfnct/byGbHRfD1v2kdy6seH1QFfS3Jin1zhbAuPMuSqjSnuc1j5pTWrgA
n1qCltGxAr3BJeXp20H79d+3xbytjmuM/kNVWBNMrUj7HXwAPwAkniLbWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFISBLVWZ6M9tsSBSYGn9e6rYIW3gMB8GA1UdIwQY
MBaAFI3QmBff6kxmyUGPnzkG8dDgfMnUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamRDWUY5X3FUR2JKUVktZk9RYngwT0I4eWRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85MzM3ZWMtYjRkZS00NDlhLWI2MDct
ZWE5Y2I1MjdhZTcxLzEvaElFdFZabm96MjJ4SUZKZ2FmMTdxdGdoYmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85MzM3ZWMtYjRkZS00NDlhLWI2MDctZWE5Y2I1MjdhZTcx
LzEvamRDWUY5X3FUR2JKUVktZk9RYngwT0I4eWRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCvg
MA0GCSqGSIb3DQEBCwUAA4IBAQAfQFw1iJja/7FV2tBHYiU6LG2CG4As3IMr9b6K
77LJCqVia8Mj49WrOBb16yFNmMuXX9z1VQFwQL+sLUreXSouuJy52PWkasfWtkd9
GRO7+vb2Xsy9hH0vZB4jmJvVclFa7xWz//ZO0HM3qK3xTAFID4dw2rqD/UmlMH7n
26pxKYZnSqTftgVfw2amOtSHdMRmmYr+pVBFKjwIw4UxZbRUT1HnAyhSvV+RRvz3
/yKRgqcuogyBlf1D9UVBgBjQwnCxvgbhF3bl34Ml9r5tqjZuYmBUIus4n4sVMl0n
3JNLIov4xhqU3JaFo3A69AZqUCMoqBQks22kiGNYNhinpjtA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:23 2024 by rpki-client on console-fra.rpki-client.org