Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/6bdd74-8cd0-4cc4-8b67-f83e3c71efcb/1/UjniMFat6xLY2Hi7P_Yx9aFyNAM.roa
File:                     UjniMFat6xLY2Hi7P_Yx9aFyNAM.roa (raw, json)
Hash identifier:          JCIj+32iJq8psS0GNv7RLMLIkHCG0S+2q6kcBAQpWQc=
Subject key identifier:   52:39:E2:30:56:AD:EB:12:D8:D8:78:BB:3F:F6:31:F5:A1:72:34:03
Certificate issuer:       /CN=a41c96e931eee41b899d62c7db83633446a3c42b
Certificate serial:       01857142D077F37F5EFACDCBD32BC1BD3304
Authority key identifier: A4:1C:96:E9:31:EE:E4:1B:89:9D:62:C7:DB:83:63:34:46:A3:C4:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pByW6THu5BuJnWLH24NjNEajxCs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/6bdd74-8cd0-4cc4-8b67-f83e3c71efcb/1/UjniMFat6xLY2Hi7P_Yx9aFyNAM.roa
Signing time:             Mon 02 Jan 2023 06:54:42 +0000
ROA not before:           Mon 02 Jan 2023 06:54:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200273
IP address blocks:        2001:678:7f8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:42:d0:77:f3:7f:5e:fa:cd:cb:d3:2b:c1:bd:33:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a41c96e931eee41b899d62c7db83633446a3c42b
        Validity
            Not Before: Jan  2 06:54:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5239e23056adeb12d8d878bb3ff631f5a1723403
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:bc:ec:cd:d7:8d:9e:83:95:55:d4:c4:76:f0:
                    3a:46:4a:77:64:f5:98:3c:82:c2:fa:9d:d3:f6:ea:
                    a0:83:3f:2c:5a:49:fd:26:8d:29:54:dc:5b:e9:90:
                    04:4e:e8:92:a3:35:35:a1:21:dc:2d:e6:ba:46:b8:
                    38:ad:3d:2a:32:9c:bc:a2:43:fb:86:c0:2b:32:b1:
                    ee:48:ab:97:01:d3:6a:19:00:01:78:14:09:f4:80:
                    f0:f4:8a:3e:a0:24:70:e5:75:b4:60:50:95:79:b3:
                    ee:aa:41:00:70:ec:64:9b:55:03:a2:19:db:72:59:
                    3b:e8:cc:75:89:e4:29:db:34:fe:b1:41:55:1d:62:
                    eb:96:d1:88:85:22:39:15:25:9f:d5:d0:a8:fa:cb:
                    ac:69:a7:f6:ac:63:fe:aa:1f:13:66:68:20:9d:64:
                    6f:af:da:77:bd:62:b4:ec:82:33:a4:83:c6:2f:c5:
                    bb:77:cd:46:2e:9b:41:3d:00:bf:3d:07:13:d3:bc:
                    11:e6:b3:cc:f4:a6:40:34:30:d1:4c:d0:13:96:f2:
                    a3:f3:20:49:aa:85:68:6e:4b:19:5b:c2:53:0c:8d:
                    8d:d2:50:4c:45:ab:36:96:00:23:9b:c4:b5:b7:00:
                    60:84:ee:48:83:c9:b5:52:d5:dc:f9:85:df:a1:b3:
                    29:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:39:E2:30:56:AD:EB:12:D8:D8:78:BB:3F:F6:31:F5:A1:72:34:03
            X509v3 Authority Key Identifier:
                keyid:A4:1C:96:E9:31:EE:E4:1B:89:9D:62:C7:DB:83:63:34:46:A3:C4:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pByW6THu5BuJnWLH24NjNEajxCs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6bdd74-8cd0-4cc4-8b67-f83e3c71efcb/1/UjniMFat6xLY2Hi7P_Yx9aFyNAM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6bdd74-8cd0-4cc4-8b67-f83e3c71efcb/1/pByW6THu5BuJnWLH24NjNEajxCs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:7f8::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:58:92:ab:0f:d8:56:4b:bb:3a:b0:66:e9:62:7f:10:26:ff:
         07:eb:7b:75:dc:a1:09:b2:10:8e:67:2d:ea:f4:50:f0:fa:f3:
         73:9d:53:09:4d:da:e9:67:e1:44:4b:d1:f3:65:59:88:9e:5d:
         0b:81:13:c5:52:75:b6:e5:77:e5:8c:b5:75:57:f3:43:7a:1d:
         a1:69:22:1c:6a:71:02:6a:f5:f9:b6:9b:97:ee:8b:4f:41:4c:
         17:4b:88:81:5d:51:95:f8:71:7a:1b:c3:8e:52:25:d2:ff:f4:
         9f:fb:7d:f0:fe:58:32:f5:8e:e5:3e:65:26:a9:a6:d6:1f:e2:
         33:f8:bf:be:31:41:b4:ea:25:a4:a5:1d:08:62:b8:66:1f:4a:
         cf:eb:b2:7f:7a:e3:1c:e7:9f:26:15:a5:5d:5d:83:8f:f4:8e:
         96:e5:40:7e:f5:2c:e3:49:af:63:4b:d5:42:d1:1f:3f:14:2b:
         ca:38:54:db:c5:38:f9:8d:e2:4b:41:f9:1f:ab:10:c8:b7:ab:
         d9:15:d4:15:5c:b0:c6:77:3d:a4:9f:42:4a:39:ef:05:b4:b4:
         b2:c5:55:78:a2:d4:05:88:09:fb:07:7d:32:cf:57:67:38:b7:
         19:35:a6:2d:75:86:13:2b:50:1d:99:6f:24:9b:09:57:73:9b:
         bd:2f:31:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxQtB3839e+s3L0yvBvTMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MWM5NmU5MzFlZWU0MWI4OTlkNjJjN2RiODM2MzM0NDZh
M2M0MmIwHhcNMjMwMTAyMDY1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjM5ZTIzMDU2YWRlYjEyZDhkODc4YmIzZmY2MzFmNWExNzIzNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybzszdeNnoOVVdTEdvA6Rkp3ZPWY
PILC+p3T9uqggz8sWkn9Jo0pVNxb6ZAETuiSozU1oSHcLea6Rrg4rT0qMpy8okP7
hsArMrHuSKuXAdNqGQABeBQJ9IDw9Io+oCRw5XW0YFCVebPuqkEAcOxkm1UDohnb
clk76Mx1ieQp2zT+sUFVHWLrltGIhSI5FSWf1dCo+susaaf2rGP+qh8TZmggnWRv
r9p3vWK07IIzpIPGL8W7d81GLptBPQC/PQcT07wR5rPM9KZANDDRTNATlvKj8yBJ
qoVobksZW8JTDI2N0lBMRas2lgAjm8S1twBghO5Ig8m1UtXc+YXfobMpswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFI54jBWresS2Nh4uz/2MfWhcjQDMB8GA1UdIwQY
MBaAFKQclukx7uQbiZ1ix9uDYzRGo8QrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEJ5VzZUSHU1QnVKbldMSDI0TmpORWFqeENzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82YmRkNzQtOGNkMC00Y2M0LThiNjct
ZjgzZTNjNzFlZmNiLzEvVWpuaU1GYXQ2eExZMkhpN1BfWXg5YUZ5TkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy82YmRkNzQtOGNkMC00Y2M0LThiNjctZjgzZTNjNzFlZmNi
LzEvcEJ5VzZUSHU1QnVKbldMSDI0TmpORWFqeENzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAf4
MA0GCSqGSIb3DQEBCwUAA4IBAQBsWJKrD9hWS7s6sGbpYn8QJv8H63t13KEJshCO
Zy3q9FDw+vNznVMJTdrpZ+FES9HzZVmInl0LgRPFUnW25XfljLV1V/NDeh2haSIc
anECavX5tpuX7otPQUwXS4iBXVGV+HF6G8OOUiXS//Sf+33w/lgy9Y7lPmUmqabW
H+Iz+L++MUG06iWkpR0IYrhmH0rP67J/euMc558mFaVdXYOP9I6W5UB+9SzjSa9j
S9VC0R8/FCvKOFTbxTj5jeJLQfkfqxDIt6vZFdQVXLDGdz2kn0JKOe8FtLSyxVV4
otQFiAn7B30yz1dnOLcZNaYtdYYTK1AdmW8kmwlXc5u9LzGn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:08 2024 by rpki-client on console-fra.rpki-client.org