Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5571f9-d9bb-4e78-bad6-09d4231c1c99/1/PGgsnHmp72qLndaJfaUgLzNEaX0.roa
File:                     PGgsnHmp72qLndaJfaUgLzNEaX0.roa (raw, json)
Hash identifier:          Cd213xLDTKshj7L4TcS/KoBIqsgL1q1xGlYtpNN1+OU=
Subject key identifier:   3C:68:2C:9C:79:A9:EF:6A:8B:9D:D6:89:7D:A5:20:2F:33:44:69:7D
Certificate issuer:       /CN=cbb996ff055d6575e01f2e64d9a3b382834702d1
Certificate serial:       018920EC83472F19AA1AF8C171F088334CB9
Authority key identifier: CB:B9:96:FF:05:5D:65:75:E0:1F:2E:64:D9:A3:B3:82:83:47:02:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y7mW_wVdZXXgHy5k2aOzgoNHAtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/5571f9-d9bb-4e78-bad6-09d4231c1c99/1/PGgsnHmp72qLndaJfaUgLzNEaX0.roa
Signing time:             Tue 04 Jul 2023 12:41:58 +0000
ROA not before:           Tue 04 Jul 2023 12:41:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202351
IP address blocks:        2001:67c:ae0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:20:ec:83:47:2f:19:aa:1a:f8:c1:71:f0:88:33:4c:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbb996ff055d6575e01f2e64d9a3b382834702d1
        Validity
            Not Before: Jul  4 12:41:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3c682c9c79a9ef6a8b9dd6897da5202f3344697d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:32:69:cc:82:b7:c3:65:09:ef:9b:ff:ac:1a:
                    f5:ef:ad:5e:c4:cf:53:ea:78:e1:67:49:49:98:83:
                    d9:7d:d9:87:0f:45:36:99:bc:57:86:9d:72:3c:9a:
                    37:e4:b1:e6:d6:9c:e9:18:16:6a:46:aa:9d:7f:c1:
                    49:bc:19:9d:99:d8:45:87:56:16:35:73:bb:58:8f:
                    11:3a:ec:64:56:31:09:65:05:6b:b9:6b:34:fc:a2:
                    f9:31:95:23:e4:8f:4b:43:79:6a:d1:31:db:85:a5:
                    5e:00:ae:8d:51:9c:1a:de:e4:36:1c:2c:b6:ed:53:
                    5c:47:a7:c0:83:51:8f:05:8e:14:aa:5f:26:3c:c7:
                    4a:b2:21:47:ce:20:d5:83:79:8a:33:73:43:b0:97:
                    6d:dd:a5:21:63:3a:e4:c5:03:f7:67:7e:1a:82:59:
                    f6:28:0d:e1:46:ad:f2:e5:0c:78:0d:0d:ba:48:77:
                    bd:25:d9:63:c8:8b:8b:1c:41:fd:18:68:1a:5b:ed:
                    2d:2a:ae:e8:c8:ea:38:62:0c:8b:cc:4c:df:e8:63:
                    64:73:4d:9d:2b:3c:10:cd:df:e5:9f:01:bb:93:fc:
                    d4:8c:fe:fd:22:52:63:d7:ce:ad:4c:61:88:a6:c8:
                    72:82:85:8b:88:2c:a0:5d:d0:3b:5a:2a:c3:7d:88:
                    6c:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:68:2C:9C:79:A9:EF:6A:8B:9D:D6:89:7D:A5:20:2F:33:44:69:7D
            X509v3 Authority Key Identifier:
                keyid:CB:B9:96:FF:05:5D:65:75:E0:1F:2E:64:D9:A3:B3:82:83:47:02:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7mW_wVdZXXgHy5k2aOzgoNHAtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5571f9-d9bb-4e78-bad6-09d4231c1c99/1/PGgsnHmp72qLndaJfaUgLzNEaX0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5571f9-d9bb-4e78-bad6-09d4231c1c99/1/y7mW_wVdZXXgHy5k2aOzgoNHAtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:ae0::/48

    Signature Algorithm: sha256WithRSAEncryption
         83:d2:b6:05:73:3a:7f:e7:01:6e:38:37:0f:f0:26:89:88:39:
         11:a3:9c:96:4b:22:9d:ca:38:ff:34:9e:84:a0:42:1f:d3:53:
         bc:3c:c5:0e:35:14:31:a8:95:d9:67:66:6b:e3:70:94:46:30:
         c7:78:6f:62:d7:3f:e0:28:8d:82:99:21:a0:f8:a2:9e:32:95:
         bd:b1:95:bf:95:dd:81:c6:5b:ca:94:95:86:5a:d3:6f:e4:0f:
         4e:71:f8:ef:8d:d6:bf:a0:15:60:a4:60:0d:14:bf:ac:64:8f:
         1d:36:dc:6e:93:35:fc:4b:f4:bf:35:bb:48:da:c3:82:c4:f8:
         30:bb:e9:32:bf:4f:f5:28:17:9f:7a:97:92:98:fe:1a:68:34:
         52:b8:e4:88:be:45:40:ea:23:24:e5:27:74:5a:b0:01:11:c2:
         d3:b2:77:31:71:00:74:db:a5:8f:76:3d:cc:d7:bb:c9:ad:21:
         c6:8c:49:a2:24:59:bb:ac:80:c1:19:86:be:5e:0f:55:33:5f:
         fd:8f:bc:1b:54:69:27:c2:a7:f4:18:aa:93:d3:7c:2d:05:1b:
         2e:65:a4:5e:9f:0d:65:fe:4f:68:7c:af:9f:d1:bd:d3:db:c0:
         fd:e9:60:c1:30:6b:a8:f4:1b:eb:25:47:a3:c8:5f:bf:c8:6d:
         19:ed:e5:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYkg7INHLxmqGvjBcfCIM0y5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjk5NmZmMDU1ZDY1NzVlMDFmMmU2NGQ5YTNiMzgyODM0
NzAyZDEwHhcNMjMwNzA0MTI0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzY4MmM5Yzc5YTllZjZhOGI5ZGQ2ODk3ZGE1MjAyZjMzNDQ2OTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTJpzIK3w2UJ75v/rBr1761exM9T
6njhZ0lJmIPZfdmHD0U2mbxXhp1yPJo35LHm1pzpGBZqRqqdf8FJvBmdmdhFh1YW
NXO7WI8ROuxkVjEJZQVruWs0/KL5MZUj5I9LQ3lq0THbhaVeAK6NUZwa3uQ2HCy2
7VNcR6fAg1GPBY4Uql8mPMdKsiFHziDVg3mKM3NDsJdt3aUhYzrkxQP3Z34agln2
KA3hRq3y5Qx4DQ26SHe9JdljyIuLHEH9GGgaW+0tKq7oyOo4YgyLzEzf6GNkc02d
KzwQzd/lnwG7k/zUjP79IlJj186tTGGIpshygoWLiCygXdA7WirDfYhs1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDxoLJx5qe9qi53WiX2lIC8zRGl9MB8GA1UdIwQY
MBaAFMu5lv8FXWV14B8uZNmjs4KDRwLRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdtV193VmRaWFhnSHk1azJhT3pnb05IQXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81NTcxZjktZDliYi00ZTc4LWJhZDYt
MDlkNDIzMWMxYzk5LzEvUEdnc25IbXA3MnFMbmRhSmZhVWdMek5FYVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81NTcxZjktZDliYi00ZTc4LWJhZDYtMDlkNDIzMWMxYzk5
LzEveTdtV193VmRaWFhnSHk1azJhT3pnb05IQXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfArg
MA0GCSqGSIb3DQEBCwUAA4IBAQCD0rYFczp/5wFuODcP8CaJiDkRo5yWSyKdyjj/
NJ6EoEIf01O8PMUONRQxqJXZZ2Zr43CURjDHeG9i1z/gKI2CmSGg+KKeMpW9sZW/
ld2BxlvKlJWGWtNv5A9Ocfjvjda/oBVgpGANFL+sZI8dNtxukzX8S/S/NbtI2sOC
xPgwu+kyv0/1KBefepeSmP4aaDRSuOSIvkVA6iMk5Sd0WrABEcLTsncxcQB026WP
dj3M17vJrSHGjEmiJFm7rIDBGYa+Xg9VM1/9j7wbVGknwqf0GKqT03wtBRsuZaRe
nw1l/k9ofK+f0b3T28D96WDBMGuo9BvrJUejyF+/yG0Z7eXD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:58 2024 by rpki-client on console-ams.rpki-client.org