Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/vZVxB9lnC5ISOHYr4hnVq7IvgFM.roa
File:                     vZVxB9lnC5ISOHYr4hnVq7IvgFM.roa (raw, json)
Hash identifier:          mxUGyM+6ax/9os9SBs1ZJsXmy7UQtC0EzHFTX0X6lEw=
Subject key identifier:   BD:95:71:07:D9:67:0B:92:12:38:76:2B:E2:19:D5:AB:B2:2F:80:53
Certificate issuer:       /CN=607656b8f7e81b5149b4860f8127b1d4e3b487dc
Certificate serial:       018570674E3E28B5156474D705720FCFAF9F
Authority key identifier: 60:76:56:B8:F7:E8:1B:51:49:B4:86:0F:81:27:B1:D4:E3:B4:87:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YHZWuPfoG1FJtIYPgSex1OO0h9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/vZVxB9lnC5ISOHYr4hnVq7IvgFM.roa
Signing time:             Mon 02 Jan 2023 02:54:56 +0000
ROA not before:           Mon 02 Jan 2023 02:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204571
IP address blocks:        2001:67c:a1c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:4e:3e:28:b5:15:64:74:d7:05:72:0f:cf:af:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=607656b8f7e81b5149b4860f8127b1d4e3b487dc
        Validity
            Not Before: Jan  2 02:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd957107d9670b921238762be219d5abb22f8053
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a7:91:bb:db:f2:72:c9:38:bb:5a:8a:50:ef:
                    43:c4:bb:2c:52:fe:02:1f:b5:94:33:d1:5a:54:44:
                    a0:6e:16:49:4a:43:31:40:02:b9:2d:9c:1f:a8:13:
                    fa:e7:a1:d4:43:5e:5a:37:85:d2:87:6e:70:64:50:
                    dc:c6:ce:ce:63:20:e7:51:6d:da:1f:d6:25:dc:46:
                    07:72:03:d5:49:5c:72:c2:ec:20:3e:70:75:10:69:
                    d8:8f:57:47:be:86:1f:ca:39:b4:e6:1a:fa:28:56:
                    59:fd:f2:76:4e:96:cd:69:4d:11:9e:0f:7e:f8:49:
                    1b:7e:54:32:4c:12:30:e7:ee:51:02:58:de:22:af:
                    34:78:72:a1:7e:ff:f2:d8:5c:f3:f0:8d:26:fa:c7:
                    bf:6f:67:01:13:4f:57:20:60:97:af:78:22:64:9b:
                    8b:b2:16:77:0c:03:25:be:21:d1:e6:d0:0b:34:4f:
                    34:5c:62:a4:3b:1f:94:e8:c0:7a:1e:42:e3:0f:0d:
                    91:14:ad:10:cd:fb:1d:cc:71:f1:e7:e7:04:db:c7:
                    e2:b7:af:7f:d5:64:71:90:64:c5:c6:60:97:a0:83:
                    55:0a:53:b3:eb:41:ac:75:a9:57:0f:2c:e0:3e:b5:
                    f0:79:6d:11:25:48:75:59:f8:27:ba:91:15:10:ab:
                    1b:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:95:71:07:D9:67:0B:92:12:38:76:2B:E2:19:D5:AB:B2:2F:80:53
            X509v3 Authority Key Identifier:
                keyid:60:76:56:B8:F7:E8:1B:51:49:B4:86:0F:81:27:B1:D4:E3:B4:87:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YHZWuPfoG1FJtIYPgSex1OO0h9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/vZVxB9lnC5ISOHYr4hnVq7IvgFM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/YHZWuPfoG1FJtIYPgSex1OO0h9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:a1c::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:50:03:e5:f8:f1:63:a1:91:6f:8f:a5:3b:0b:77:02:a7:0b:
         89:f1:3c:04:18:de:39:7a:20:80:d4:59:9d:7a:43:fc:e4:e4:
         c0:2b:bc:b1:36:6b:b7:ae:e1:d4:ed:d0:b7:a0:14:28:6a:9c:
         97:21:c9:a1:01:c7:06:2f:cd:81:7d:ba:2c:d4:9a:4c:3a:09:
         68:cd:83:23:f3:ae:18:94:e9:99:a6:2c:e2:42:53:dd:1b:81:
         2d:cf:68:0b:d2:7b:df:8e:8d:f5:07:40:05:9a:2d:56:79:64:
         26:ef:dc:e8:d7:60:0c:4b:39:fe:50:66:52:61:f8:f5:b5:e5:
         31:d6:1a:4c:5a:cb:11:df:7f:df:30:1d:4f:c0:97:1a:65:8d:
         29:51:6a:dc:36:07:30:5d:da:28:10:a7:54:ed:8d:4a:5d:a7:
         b4:d7:9f:e3:94:5d:55:6b:f6:a1:db:16:ad:2b:78:87:33:65:
         76:e2:31:e3:0f:4c:d5:e5:ae:fe:5b:7b:77:d2:73:ee:86:83:
         a8:f7:2e:5a:c7:c2:18:d9:cd:fe:bd:9e:55:14:50:d6:99:30:
         49:c5:28:fd:08:eb:7e:6a:ce:27:e3:72:e1:26:16:0c:96:5b:
         b8:46:b5:7d:da:84:fe:e3:54:79:56:c8:ea:38:77:d8:87:f4:
         f4:6a:c4:51
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwZ04+KLUVZHTXBXIPz6+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNzY1NmI4ZjdlODFiNTE0OWI0ODYwZjgxMjdiMWQ0ZTNi
NDg3ZGMwHhcNMjMwMTAyMDI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk1NzEwN2Q5NjcwYjkyMTIzODc2MmJlMjE5ZDVhYmIyMmY4MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aeRu9vycsk4u1qKUO9DxLssUv4C
H7WUM9FaVESgbhZJSkMxQAK5LZwfqBP656HUQ15aN4XSh25wZFDcxs7OYyDnUW3a
H9Yl3EYHcgPVSVxywuwgPnB1EGnYj1dHvoYfyjm05hr6KFZZ/fJ2TpbNaU0Rng9+
+EkbflQyTBIw5+5RAljeIq80eHKhfv/y2Fzz8I0m+se/b2cBE09XIGCXr3giZJuL
shZ3DAMlviHR5tALNE80XGKkOx+U6MB6HkLjDw2RFK0QzfsdzHHx5+cE28fit69/
1WRxkGTFxmCXoINVClOz60GsdalXDyzgPrXweW0RJUh1WfgnupEVEKsb0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL2VcQfZZwuSEjh2K+IZ1auyL4BTMB8GA1UdIwQY
MBaAFGB2Vrj36BtRSbSGD4EnsdTjtIfcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUhaV3VQZm9HMUZKdElZUGdTZXgxT08waDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9jZWU1NWQtOTg1YS00ZTM2LThlMzkt
ODJiYzhhMzE4MGM2LzEvdlpWeEI5bG5DNUlTT0hZcjRoblZxN0l2Z0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9jZWU1NWQtOTg1YS00ZTM2LThlMzktODJiYzhhMzE4MGM2
LzEvWUhaV3VQZm9HMUZKdElZUGdTZXgxT08waDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAoc
MA0GCSqGSIb3DQEBCwUAA4IBAQCRUAPl+PFjoZFvj6U7C3cCpwuJ8TwEGN45eiCA
1FmdekP85OTAK7yxNmu3ruHU7dC3oBQoapyXIcmhAccGL82Bfbos1JpMOglozYMj
864YlOmZpiziQlPdG4Etz2gL0nvfjo31B0AFmi1WeWQm79zo12AMSzn+UGZSYfj1
teUx1hpMWssR33/fMB1PwJcaZY0pUWrcNgcwXdooEKdU7Y1KXae015/jlF1Va/ah
2xatK3iHM2V24jHjD0zV5a7+W3t30nPuhoOo9y5ax8IY2c3+vZ5VFFDWmTBJxSj9
COt+as4n43LhJhYMllu4RrV92oT+41R5VsjqOHfYh/T0asRR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:59 2024 by rpki-client on console-ams.rpki-client.org