Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/mVwjOqKaBW8KAcajoEu5fE-V4jg.roa
File:                     mVwjOqKaBW8KAcajoEu5fE-V4jg.roa (raw, json)
Hash identifier:          d6LUV/tE8hBiq3+0t6n9fvSUMTvwO8quEk2H5UDtFQM=
Subject key identifier:   99:5C:23:3A:A2:9A:05:6F:0A:01:C6:A3:A0:4B:B9:7C:4F:95:E2:38
Certificate issuer:       /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial:       01856DC1AFD0D06F0BFFB83DBCE0CB58CA49
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/mVwjOqKaBW8KAcajoEu5fE-V4jg.roa
Signing time:             Sun 01 Jan 2023 14:34:48 +0000
ROA not before:           Sun 01 Jan 2023 14:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210825
IP address blocks:        2001:67c:80c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:c1:af:d0:d0:6f:0b:ff:b8:3d:bc:e0:cb:58:ca:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
        Validity
            Not Before: Jan  1 14:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=995c233aa29a056f0a01c6a3a04bb97c4f95e238
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:10:e4:e8:54:05:14:d9:d5:9a:73:30:10:ad:
                    73:0a:6b:2b:c4:f5:69:66:c2:f6:81:5b:e7:c8:c6:
                    05:d1:f2:34:81:dc:86:cb:48:23:ae:48:c8:95:0d:
                    6c:87:97:8a:60:ff:2e:48:f2:39:0f:14:13:52:fe:
                    71:77:a1:6a:ab:54:2a:04:af:65:02:81:d7:87:5f:
                    86:5a:0f:37:dd:7a:d4:7f:a8:d6:74:45:c6:b0:88:
                    b7:1e:fb:96:ea:85:0d:eb:17:49:18:86:12:55:79:
                    22:14:69:88:3a:1b:62:cd:3c:19:0c:9a:f3:9e:07:
                    98:19:b7:6e:2d:4c:7a:28:34:e3:03:a7:5c:46:87:
                    33:8c:28:2b:1a:8f:b3:07:fb:e0:c1:9f:fa:f8:ce:
                    66:23:6b:82:9f:e3:74:ae:a3:d3:53:6f:6b:20:11:
                    29:8e:00:ee:cd:b2:38:93:09:5d:dd:03:26:7f:82:
                    cb:7c:8b:dd:ff:db:4b:86:27:bb:30:5a:ba:7b:92:
                    35:86:c4:d4:a7:3a:d5:77:df:9c:fd:79:9f:3f:f8:
                    81:fc:23:f2:22:d2:68:1a:dd:2b:29:ce:7d:9f:b6:
                    ee:24:62:24:53:1c:18:fc:52:7f:f4:22:df:16:09:
                    c9:36:a0:b8:3c:11:09:6f:5c:0e:48:ec:3b:37:ea:
                    92:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:5C:23:3A:A2:9A:05:6F:0A:01:C6:A3:A0:4B:B9:7C:4F:95:E2:38
            X509v3 Authority Key Identifier:
                keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/mVwjOqKaBW8KAcajoEu5fE-V4jg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:80c::/48

    Signature Algorithm: sha256WithRSAEncryption
         47:29:c9:94:cf:e1:48:5b:d1:eb:85:19:eb:d5:c0:6d:6f:5c:
         3b:44:1f:38:69:20:cb:9c:33:13:3a:1a:38:7d:80:79:2e:ee:
         08:ae:f0:59:31:52:d4:b8:5c:6e:6d:ea:fa:a6:f7:97:bf:f1:
         1a:06:6e:af:20:98:5d:7c:85:4a:bc:65:a1:c7:30:ad:b2:49:
         fa:30:f9:27:ad:2a:f0:5a:87:17:4c:9e:25:5c:2c:4b:cd:ff:
         e8:e1:bd:94:eb:9f:c0:ea:d4:22:53:02:3b:45:56:2e:99:78:
         21:a2:b3:86:74:c5:ea:f6:cc:bf:e6:99:f8:37:eb:54:bb:05:
         5b:c9:62:82:b5:d8:ee:bb:10:47:1b:0f:d4:27:a5:db:c9:b9:
         54:ab:f8:14:bf:d2:d1:36:b4:55:91:6f:55:80:e8:05:1e:ef:
         e5:02:08:96:75:b7:63:6c:af:f2:5b:03:da:b4:aa:5f:b0:e9:
         98:2c:18:b0:8a:98:73:55:b3:67:f7:59:84:75:39:9b:d1:c3:
         f9:4f:f4:1b:85:50:1b:83:5f:3d:c5:8a:e9:68:98:f4:8c:a8:
         c2:44:75:dc:aa:0e:d4:c4:71:68:80:03:e4:d6:fc:a4:ab:ec:
         b7:79:a3:68:39:93:91:0a:1d:1d:76:6f:f8:79:0a:0a:0c:04:
         77:cc:ef:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtwa/Q0G8L/7g9vODLWMpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjMwMTAxMTQzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTVjMjMzYWEyOWEwNTZmMGEwMWM2YTNhMDRiYjk3YzRmOTVlMjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RDk6FQFFNnVmnMwEK1zCmsrxPVp
ZsL2gVvnyMYF0fI0gdyGy0gjrkjIlQ1sh5eKYP8uSPI5DxQTUv5xd6Fqq1QqBK9l
AoHXh1+GWg833XrUf6jWdEXGsIi3HvuW6oUN6xdJGIYSVXkiFGmIOhtizTwZDJrz
ngeYGbduLUx6KDTjA6dcRoczjCgrGo+zB/vgwZ/6+M5mI2uCn+N0rqPTU29rIBEp
jgDuzbI4kwld3QMmf4LLfIvd/9tLhie7MFq6e5I1hsTUpzrVd9+c/XmfP/iB/CPy
ItJoGt0rKc59n7buJGIkUxwY/FJ/9CLfFgnJNqC4PBEJb1wOSOw7N+qS/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJlcIzqimgVvCgHGo6BLuXxPleI4MB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEvbVZ3ak9xS2FCVzhLQWNham9FdTVmRS1WNGpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAgM
MA0GCSqGSIb3DQEBCwUAA4IBAQBHKcmUz+FIW9HrhRnr1cBtb1w7RB84aSDLnDMT
Oho4fYB5Lu4IrvBZMVLUuFxuber6pveXv/EaBm6vIJhdfIVKvGWhxzCtskn6MPkn
rSrwWocXTJ4lXCxLzf/o4b2U65/A6tQiUwI7RVYumXghorOGdMXq9sy/5pn4N+tU
uwVbyWKCtdjuuxBHGw/UJ6XbyblUq/gUv9LRNrRVkW9VgOgFHu/lAgiWdbdjbK/y
WwPatKpfsOmYLBiwiphzVbNn91mEdTmb0cP5T/QbhVAbg189xYrpaJj0jKjCRHXc
qg7UxHFogAPk1vykq+y3eaNoOZORCh0ddm/4eQoKDAR3zO8M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:49 2024 by rpki-client on console-ams.rpki-client.org