Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/Qv1IzeqBOPCdlbPBjwRgiRWgCZo.roa
File:                     Qv1IzeqBOPCdlbPBjwRgiRWgCZo.roa (raw, json)
Hash identifier:          5szEro4s+0AsOf9v2gOZEfZWi0bbBxYOzyW823KZGOk=
Subject key identifier:   42:FD:48:CD:EA:81:38:F0:9D:95:B3:C1:8F:04:60:89:15:A0:09:9A
Certificate issuer:       /CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Certificate serial:       01856EC2234B7281B68FD0A10F0338975E40
Authority key identifier: 18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/Qv1IzeqBOPCdlbPBjwRgiRWgCZo.roa
Signing time:             Sun 01 Jan 2023 19:14:54 +0000
ROA not before:           Sun 01 Jan 2023 19:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2001:678:a90::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:c2:23:4b:72:81:b6:8f:d0:a1:0f:03:38:97:5e:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
        Validity
            Not Before: Jan  1 19:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=42fd48cdea8138f09d95b3c18f04608915a0099a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:68:9b:ba:be:e7:49:a5:68:3d:f2:46:ec:bd:
                    0e:ef:9c:83:da:0f:ba:4b:4a:ff:1a:51:01:4c:77:
                    1a:dd:80:b7:8a:dc:01:96:e0:00:46:fd:6a:07:0a:
                    5b:6e:30:5a:eb:e6:92:3c:f3:98:52:ef:2d:63:53:
                    70:26:9a:4c:35:1f:cb:db:a5:dc:c4:f7:13:89:66:
                    a9:3b:80:a9:6a:97:4e:61:58:25:33:5f:4c:a3:33:
                    db:a5:13:44:9c:54:38:4f:28:4a:a9:79:94:d4:53:
                    90:9e:f1:fd:39:5a:e3:80:37:e7:7b:a7:5a:ee:ba:
                    da:d5:4d:94:c7:f5:5a:76:d2:11:bf:1e:f6:00:f5:
                    8b:37:20:58:27:2b:50:9d:c0:81:45:aa:af:c5:4a:
                    ce:75:28:6a:dd:78:6d:cf:60:c5:74:2f:2a:35:11:
                    c8:b5:2e:04:53:76:6b:e2:51:d3:dc:12:ca:c0:b3:
                    24:0a:a4:d3:81:5c:fa:92:99:d7:6d:39:a4:30:fd:
                    28:48:28:6c:81:af:f4:92:1b:af:d4:3e:c9:17:a3:
                    55:b2:c1:7a:77:47:03:22:dc:31:26:05:f2:e1:24:
                    5d:58:93:d6:55:f6:8e:ff:b3:5d:11:15:f6:8c:b1:
                    58:b4:10:87:14:e4:18:c8:07:5c:ea:56:24:52:40:
                    8c:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:FD:48:CD:EA:81:38:F0:9D:95:B3:C1:8F:04:60:89:15:A0:09:9A
            X509v3 Authority Key Identifier:
                keyid:18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/Qv1IzeqBOPCdlbPBjwRgiRWgCZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/GPTuiFhNbf2eOqm8IBxQ9E41PZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:a90::/48

    Signature Algorithm: sha256WithRSAEncryption
         59:16:6b:9c:d2:d0:d7:fb:e6:b3:5f:98:df:ab:d2:5b:f4:1a:
         70:82:7c:04:78:2b:d8:26:a8:65:4d:90:33:c6:79:bd:6c:f8:
         a4:c0:33:04:e2:74:53:3d:66:ca:5a:a5:0c:ca:ef:c3:8f:2c:
         4b:ad:bb:3d:4b:e1:44:b1:a0:b6:1e:81:4a:15:a3:b5:e5:e6:
         33:87:a0:b3:35:bb:49:e6:ca:f7:80:10:7d:6b:b7:e4:fe:28:
         8f:ce:df:eb:9d:55:10:d3:d8:2b:1c:02:ec:47:48:4e:66:a8:
         07:1a:ef:3e:a6:41:0e:4d:f4:6c:27:59:27:8c:26:81:bb:41:
         5a:f2:00:57:a5:06:14:b5:fa:5f:3a:6e:ae:6c:e9:4f:d1:42:
         cc:7f:5c:cd:6f:9b:18:0a:0f:9f:93:37:44:dc:51:26:d7:0d:
         4a:b4:9e:76:f3:db:e6:e8:bc:a2:18:f6:9e:82:bf:d4:90:c3:
         f1:09:d4:c6:bf:aa:97:96:69:7b:d3:0d:da:5e:f1:0e:f7:95:
         1e:54:92:cb:82:a5:7e:fd:4c:59:2d:3e:3f:93:f2:4a:3e:ac:
         9b:32:c8:24:d9:6a:c1:c1:ab:47:97:9d:a3:29:5b:02:72:c3:
         0e:c4:96:33:aa:73:9b:fe:05:2f:30:80:bb:b6:77:50:6e:81:
         84:f5:49:68
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuwiNLcoG2j9ChDwM4l15AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZjRlZTg4NTg0ZDZkZmQ5ZTNhYTliYzIwMWM1MGY0NGUz
NTNkOWMwHhcNMjMwMTAxMTkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmZkNDhjZGVhODEzOGYwOWQ5NWIzYzE4ZjA0NjA4OTE1YTAwOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmibur7nSaVoPfJG7L0O75yD2g+6
S0r/GlEBTHca3YC3itwBluAARv1qBwpbbjBa6+aSPPOYUu8tY1NwJppMNR/L26Xc
xPcTiWapO4CpapdOYVglM19MozPbpRNEnFQ4TyhKqXmU1FOQnvH9OVrjgDfne6da
7rra1U2Ux/VadtIRvx72APWLNyBYJytQncCBRaqvxUrOdShq3Xhtz2DFdC8qNRHI
tS4EU3Zr4lHT3BLKwLMkCqTTgVz6kpnXbTmkMP0oSChsga/0khuv1D7JF6NVssF6
d0cDItwxJgXy4SRdWJPWVfaO/7NdERX2jLFYtBCHFOQYyAdc6lYkUkCMhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEL9SM3qgTjwnZWzwY8EYIkVoAmaMB8GA1UdIwQY
MBaAFBj07ohYTW39njqpvCAcUPRONT2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1BUdWlGaE5iZjJlT3FtOElCeFE5RTQxUFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85ZjhmYmUtYjJlOC00NzJkLTllYmMt
MGI5ODg1ODYzZWJmLzEvUXYxSXplcUJPUENkbGJQQmp3UmdpUldnQ1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85ZjhmYmUtYjJlOC00NzJkLTllYmMtMGI5ODg1ODYzZWJm
LzEvR1BUdWlGaE5iZjJlT3FtOElCeFE5RTQxUFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBZFmuc0tDX++azX5jfq9Jb9BpwgnwEeCvYJqhl
TZAzxnm9bPikwDME4nRTPWbKWqUMyu/DjyxLrbs9S+FEsaC2HoFKFaO15eYzh6Cz
NbtJ5sr3gBB9a7fk/iiPzt/rnVUQ09grHALsR0hOZqgHGu8+pkEOTfRsJ1knjCaB
u0Fa8gBXpQYUtfpfOm6ubOlP0ULMf1zNb5sYCg+fkzdE3FEm1w1KtJ5289vm6Lyi
GPaegr/UkMPxCdTGv6qXlml70w3aXvEO95UeVJLLgqV+/UxZLT4/k/JKPqybMsgk
2WrBwatHl52jKVsCcsMOxJYzqnOb/gUvMIC7tndQboGE9Ulo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:50 2024 by rpki-client on console-ams.rpki-client.org