Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/PB79N8IpUtBuIosDEF8gjxKL1Pc.roa
File:                     PB79N8IpUtBuIosDEF8gjxKL1Pc.roa (raw, json)
Hash identifier:          nrtTbHiRSsY/4q8LNxOL8ToCTs9dn+cUN7nyz0lBDEY=
Subject key identifier:   3C:1E:FD:37:C2:29:52:D0:6E:22:8B:03:10:5F:20:8F:12:8B:D4:F7
Certificate issuer:       /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial:       01856BDC69DFC752254D3CB4A41420959D2E
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/PB79N8IpUtBuIosDEF8gjxKL1Pc.roa
Signing time:             Sun 01 Jan 2023 05:44:45 +0000
ROA not before:           Sun 01 Jan 2023 05:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43126
IP address blocks:        2a0f:607:1060::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:dc:69:df:c7:52:25:4d:3c:b4:a4:14:20:95:9d:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
        Validity
            Not Before: Jan  1 05:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3c1efd37c22952d06e228b03105f208f128bd4f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:39:72:68:6d:2b:3d:8a:b3:0f:cc:11:27:08:
                    9f:a4:44:17:a9:9a:43:1e:bd:e5:30:ad:02:b2:cf:
                    6d:aa:bc:aa:a9:20:79:bc:63:4e:03:af:c5:a7:67:
                    ed:2b:c4:18:fc:08:54:0a:6d:96:f2:b6:a5:62:63:
                    ee:19:43:d0:bc:a6:ce:65:30:de:6a:cd:4f:9f:8d:
                    b9:bc:77:a4:d1:03:ad:83:13:31:f7:d0:05:c9:ef:
                    e7:39:70:0c:8c:d5:ba:10:c9:56:75:72:9c:b0:f6:
                    5b:85:4f:19:2c:17:29:d1:a0:1b:6b:a5:34:b4:fd:
                    2e:d6:fb:30:0e:cc:e6:d3:63:2c:0a:ce:c1:6c:a8:
                    de:25:1d:96:47:ac:fa:c9:9c:f8:12:ee:39:85:cc:
                    9c:40:5c:30:50:a0:6a:d2:ba:72:48:0a:eb:c4:b0:
                    6f:6b:d8:b4:ad:7a:3d:04:f6:54:cb:f6:e1:db:2b:
                    f4:a1:25:ce:31:66:f4:20:64:7a:d2:34:58:5b:e9:
                    dd:98:64:4f:cf:b3:b6:45:44:b0:e4:67:d6:c5:4d:
                    97:0c:31:a4:a6:bb:12:77:c3:dc:6a:6d:94:5b:2f:
                    ec:4c:03:01:bc:ac:67:fb:4e:50:98:10:11:6a:90:
                    01:01:f1:0f:bf:9e:c0:62:45:bb:00:3c:28:3b:6a:
                    a4:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:1E:FD:37:C2:29:52:D0:6E:22:8B:03:10:5F:20:8F:12:8B:D4:F7
            X509v3 Authority Key Identifier:
                keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/PB79N8IpUtBuIosDEF8gjxKL1Pc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:607:1060::/44

    Signature Algorithm: sha256WithRSAEncryption
         82:4e:31:0c:9a:de:de:d8:2f:f2:b6:d2:ed:9b:2b:9d:29:af:
         b6:bb:42:2f:05:23:f1:e1:70:fb:fb:30:47:67:f1:47:3d:e8:
         b9:01:cb:1a:8e:76:dd:47:ab:14:1f:dd:52:ce:be:02:a2:29:
         ed:8d:c1:c5:72:3a:5f:a4:53:f3:e7:f7:e3:83:99:eb:0b:88:
         67:8f:45:1b:03:d5:4e:81:56:89:2a:cb:75:f9:07:a1:01:16:
         b0:a7:45:77:04:e4:da:3d:d8:61:99:33:24:cb:55:e4:dc:a7:
         60:4c:15:c4:d2:cb:a3:ff:2c:d1:1f:48:b9:f4:48:3d:37:a6:
         65:bc:32:b0:b7:cf:38:8c:11:38:e5:27:ce:b2:b2:ba:2b:85:
         74:29:23:f3:9e:08:b2:3e:35:56:45:1e:0b:16:0b:76:0a:cb:
         99:a1:72:88:3c:2f:c2:b1:af:62:1e:14:d3:23:fa:c5:83:bd:
         a3:95:5d:e7:5c:02:ba:23:06:55:23:64:d0:a9:e5:72:4d:4c:
         7f:89:5e:99:6a:2a:6b:5f:d5:75:a9:93:5f:a0:09:df:0a:68:
         61:af:90:70:17:24:6e:66:bc:a3:e7:8b:bc:de:37:77:95:17:
         f1:e3:69:d3:43:27:ee:31:e7:80:85:5a:19:5b:59:60:cc:b8:
         81:75:24:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr3Gnfx1IlTTy0pBQglZ0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzFlZmQzN2MyMjk1MmQwNmUyMjhiMDMxMDVmMjA4ZjEyOGJkNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzlyaG0rPYqzD8wRJwifpEQXqZpD
Hr3lMK0Css9tqryqqSB5vGNOA6/Fp2ftK8QY/AhUCm2W8ralYmPuGUPQvKbOZTDe
as1Pn425vHek0QOtgxMx99AFye/nOXAMjNW6EMlWdXKcsPZbhU8ZLBcp0aAba6U0
tP0u1vswDszm02MsCs7BbKjeJR2WR6z6yZz4Eu45hcycQFwwUKBq0rpySArrxLBv
a9i0rXo9BPZUy/bh2yv0oSXOMWb0IGR60jRYW+ndmGRPz7O2RUSw5GfWxU2XDDGk
prsSd8Pcam2UWy/sTAMBvKxn+05QmBARapABAfEPv57AYkW7ADwoO2qkMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDwe/TfCKVLQbiKLAxBfII8Si9T3MB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvUEI3OU44SXBVdEJ1SW9zREVGOGdqeEtMMVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg8GBxBg
MA0GCSqGSIb3DQEBCwUAA4IBAQCCTjEMmt7e2C/yttLtmyudKa+2u0IvBSPx4XD7
+zBHZ/FHPei5AcsajnbdR6sUH91Szr4CointjcHFcjpfpFPz5/fjg5nrC4hnj0Ub
A9VOgVaJKst1+QehARawp0V3BOTaPdhhmTMky1Xk3KdgTBXE0suj/yzRH0i59Eg9
N6ZlvDKwt884jBE45SfOsrK6K4V0KSPzngiyPjVWRR4LFgt2CsuZoXKIPC/Csa9i
HhTTI/rFg72jlV3nXAK6IwZVI2TQqeVyTUx/iV6ZaiprX9V1qZNfoAnfCmhhr5Bw
FyRuZryj54u83jd3lRfx42nTQyfuMeeAhVoZW1lgzLiBdSQO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org