Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/OQoU0EJTvK0fHbrO9i5xqYMUDU0.roa
File:                     OQoU0EJTvK0fHbrO9i5xqYMUDU0.roa (raw, json)
Hash identifier:          lROQ8ZhaV8Hf9MF8lljvjJOktAdrS1ZeogCM0uCZIWU=
Subject key identifier:   39:0A:14:D0:42:53:BC:AD:1F:1D:BA:CE:F6:2E:71:A9:83:14:0D:4D
Certificate issuer:       /CN=95189b158d8d6011ba5f96252d30266a70d3e066
Certificate serial:       01856F67050B435FCEEB1B977FB41095CF8F
Authority key identifier: 95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/OQoU0EJTvK0fHbrO9i5xqYMUDU0.roa
Signing time:             Sun 01 Jan 2023 22:15:00 +0000
ROA not before:           Sun 01 Jan 2023 22:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204302
IP address blocks:        2001:678:640::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:67:05:0b:43:5f:ce:eb:1b:97:7f:b4:10:95:cf:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95189b158d8d6011ba5f96252d30266a70d3e066
        Validity
            Not Before: Jan  1 22:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=390a14d04253bcad1f1dbacef62e71a983140d4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:e2:1d:6c:5e:84:52:64:e5:2f:35:a7:d4:87:
                    08:5f:04:e2:d5:6f:78:a9:55:fd:79:76:49:68:0b:
                    c5:a8:82:26:90:71:96:1e:29:6a:27:05:e0:72:ac:
                    64:6f:43:b4:65:fa:3a:37:7f:ca:d7:a3:c7:70:d4:
                    bc:8f:39:f5:2b:6a:fd:28:ae:fa:9e:f9:40:4f:f8:
                    b7:b6:25:a2:24:4a:5d:62:6f:4b:d1:a1:84:e5:44:
                    cb:db:96:0c:5e:34:42:e4:1a:b7:c2:31:08:ef:d8:
                    28:61:d8:92:d2:87:2e:f7:b9:c9:90:7f:b9:ff:49:
                    59:10:d8:d7:05:09:09:92:4a:9b:3a:46:94:65:ea:
                    18:60:73:1b:5d:f5:4a:6a:ba:c3:ae:5b:07:16:58:
                    40:46:43:87:f7:8d:79:35:39:4e:a7:b3:cf:d9:6e:
                    24:17:83:fd:63:dc:e3:1b:4c:0b:ef:fa:0b:6d:e4:
                    38:54:33:2c:ee:6d:6f:9b:4b:a8:05:96:9a:ed:66:
                    94:9e:08:42:9b:21:09:7a:02:e7:36:f3:1d:2f:e3:
                    f0:cb:b3:68:f4:69:e8:31:9c:23:af:e0:6f:9f:c1:
                    d7:4a:34:4e:d4:09:79:1b:0a:37:33:45:7a:ce:ec:
                    7d:e8:90:3c:fb:50:f3:fb:de:0d:6d:b3:1e:dc:ad:
                    f0:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:0A:14:D0:42:53:BC:AD:1F:1D:BA:CE:F6:2E:71:A9:83:14:0D:4D
            X509v3 Authority Key Identifier:
                keyid:95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/OQoU0EJTvK0fHbrO9i5xqYMUDU0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:640::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:f2:45:54:f7:12:90:ae:8f:62:20:bd:64:ac:de:cd:20:1c:
         4d:2d:ba:80:c4:4c:38:11:53:4a:d7:d4:f5:14:07:aa:6f:85:
         0f:80:60:f2:d9:b2:60:43:06:eb:d0:d5:24:cd:d6:37:fd:49:
         30:53:d6:b2:3c:09:19:34:aa:ea:e4:ca:3f:2b:34:0d:e9:8e:
         e1:ed:bb:2d:a8:5b:dc:67:01:f0:c6:55:bb:2f:89:42:77:9e:
         c3:18:bb:02:d8:33:5a:95:ac:7a:52:e2:51:48:55:71:5b:59:
         8a:e0:0e:9c:d4:36:d8:c3:3b:59:db:ef:68:13:d9:3f:2d:12:
         2d:41:22:b9:3a:5a:68:5e:91:3d:63:19:d7:26:12:6f:fa:3c:
         ee:03:60:9c:be:c2:59:a2:e7:6b:c9:bf:e2:d5:d6:b7:d6:d8:
         ed:bd:f1:0c:9a:03:f7:b7:b0:75:ea:38:77:16:99:5c:56:bb:
         f1:d0:3a:5c:3c:c6:e6:2b:c9:04:26:a7:51:8b:42:50:07:9f:
         3d:05:eb:e0:dd:7e:c2:c0:c7:8a:7e:49:73:93:64:0a:36:58:
         a0:fd:02:12:b1:26:43:00:71:e1:5e:47:7b:66:d0:1f:38:bb:
         dc:8d:c2:d9:a1:79:16:a3:da:ca:88:59:ad:e5:d9:06:11:4d:
         86:cb:c5:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvZwULQ1/O6xuXf7QQlc+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTg5YjE1OGQ4ZDYwMTFiYTVmOTYyNTJkMzAyNjZhNzBk
M2UwNjYwHhcNMjMwMTAxMjIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTBhMTRkMDQyNTNiY2FkMWYxZGJhY2VmNjJlNzFhOTgzMTQwZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuIdbF6EUmTlLzWn1IcIXwTi1W94
qVX9eXZJaAvFqIImkHGWHilqJwXgcqxkb0O0Zfo6N3/K16PHcNS8jzn1K2r9KK76
nvlAT/i3tiWiJEpdYm9L0aGE5UTL25YMXjRC5Bq3wjEI79goYdiS0ocu97nJkH+5
/0lZENjXBQkJkkqbOkaUZeoYYHMbXfVKarrDrlsHFlhARkOH9415NTlOp7PP2W4k
F4P9Y9zjG0wL7/oLbeQ4VDMs7m1vm0uoBZaa7WaUnghCmyEJegLnNvMdL+Pwy7No
9GnoMZwjr+Bvn8HXSjRO1Al5Gwo3M0V6zux96JA8+1Dz+94NbbMe3K3wawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDkKFNBCU7ytHx26zvYucamDFA1NMB8GA1UdIwQY
MBaAFJUYmxWNjWARul+WJS0wJmpw0+BmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUt
YWNlMTgwZmY5YjE5LzEvT1FvVTBFSlR2SzBmSGJyTzlpNXhxWU1VRFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUtYWNlMTgwZmY5YjE5
LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAZA
MA0GCSqGSIb3DQEBCwUAA4IBAQBT8kVU9xKQro9iIL1krN7NIBxNLbqAxEw4EVNK
19T1FAeqb4UPgGDy2bJgQwbr0NUkzdY3/UkwU9ayPAkZNKrq5Mo/KzQN6Y7h7bst
qFvcZwHwxlW7L4lCd57DGLsC2DNalax6UuJRSFVxW1mK4A6c1DbYwztZ2+9oE9k/
LRItQSK5OlpoXpE9YxnXJhJv+jzuA2CcvsJZoudryb/i1da31tjtvfEMmgP3t7B1
6jh3FplcVrvx0DpcPMbmK8kEJqdRi0JQB589Bevg3X7CwMeKfklzk2QKNlig/QIS
sSZDAHHhXkd7ZtAfOLvcjcLZoXkWo9rKiFmt5dkGEU2Gy8WZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:38 2024 by rpki-client on console-ams.rpki-client.org