Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/wExaURUuhseZJm8i3JY7j8SUcYc.roa
File:                     wExaURUuhseZJm8i3JY7j8SUcYc.roa (raw, json)
Hash identifier:          OhqDgY/c3UI4KM/1jx2ruiq4EHv9FtYyRdVqHHKiwrE=
Subject key identifier:   C0:4C:5A:51:15:2E:86:C7:99:26:6F:22:DC:96:3B:8F:C4:94:71:87
Certificate issuer:       /CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Certificate serial:       01856CF87288AC8EAB47B2E3C4DDEA7DA446
Authority key identifier: 5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/wExaURUuhseZJm8i3JY7j8SUcYc.roa
Signing time:             Sun 01 Jan 2023 10:54:59 +0000
ROA not before:           Sun 01 Jan 2023 10:54:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2485
IP address blocks:        2001:67c:1348::/48 maxlen: 48
                          2001:67c:2218::/47 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:f8:72:88:ac:8e:ab:47:b2:e3:c4:dd:ea:7d:a4:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
        Validity
            Not Before: Jan  1 10:54:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c04c5a51152e86c799266f22dc963b8fc4947187
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:49:d3:df:d1:65:db:17:22:60:64:51:16:cd:
                    b6:12:35:87:3f:6e:fc:df:e6:de:81:30:71:16:a2:
                    df:20:92:16:60:bb:2d:0c:a9:d8:15:07:76:c7:db:
                    1d:05:be:ec:06:f4:d5:41:a5:df:ca:24:bc:20:41:
                    2a:a5:48:ab:1e:7b:bb:8c:a1:e1:47:46:68:3c:84:
                    2a:e8:76:a3:d1:5a:18:fe:35:8f:af:a8:4a:4c:29:
                    24:59:7e:11:60:3e:61:c9:7d:c9:64:94:81:f0:70:
                    f2:c8:3a:e2:ef:99:e2:4b:fb:ec:5f:14:63:1c:b0:
                    30:4c:5c:66:41:bb:b1:5c:d1:83:f0:80:71:fc:78:
                    a3:c8:60:8a:7d:3e:b4:5b:fa:09:50:8a:ea:59:1f:
                    12:9d:ef:38:6d:87:83:cc:e8:0c:27:d0:12:1b:b4:
                    51:6e:96:49:5f:99:33:a2:95:71:cc:63:4c:cf:83:
                    9e:10:a3:bf:08:9b:0b:91:68:66:a3:29:b4:1b:df:
                    b3:9e:72:6c:be:b8:5d:2e:cb:a2:bf:6d:37:6a:f2:
                    dc:9b:2d:e9:18:20:d3:67:56:6f:2f:18:40:64:6a:
                    3c:6f:9b:d2:66:2a:68:68:07:44:38:a3:4f:09:62:
                    41:c5:80:d4:ed:13:be:23:6d:3c:01:ad:b9:81:6f:
                    38:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:4C:5A:51:15:2E:86:C7:99:26:6F:22:DC:96:3B:8F:C4:94:71:87
            X509v3 Authority Key Identifier:
                keyid:5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/wExaURUuhseZJm8i3JY7j8SUcYc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/Xo08C2QUychuPJSnFN-yactekWk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:1348::/48
                  2001:67c:2218::/47

    Signature Algorithm: sha256WithRSAEncryption
         66:f4:a3:3d:74:f5:e0:f7:78:8d:cd:bb:0a:d3:6c:22:c0:9d:
         41:54:4d:e4:61:29:71:3e:37:09:6a:39:f8:c2:fa:b9:e4:30:
         71:65:d5:9e:72:6d:8f:46:73:dd:c4:90:7d:7e:6d:49:b7:65:
         dc:4f:a7:6a:ef:7f:5e:ab:e3:d9:84:27:b2:c1:97:4a:0a:db:
         51:7d:09:58:a4:38:fb:82:84:25:c5:29:af:94:f2:e1:72:71:
         73:8e:41:c4:9f:db:e9:61:0d:d4:62:59:42:41:c4:9f:2f:04:
         6a:7e:53:04:1f:65:d1:04:1e:4e:19:45:bb:fe:14:c9:e8:02:
         3c:01:55:43:00:75:b8:7f:76:4d:fa:dc:ed:d9:57:04:ff:fb:
         bc:9b:5a:5f:c7:54:9d:0d:1e:37:1b:7b:a2:f1:5e:04:95:9b:
         ac:b9:ec:12:2a:29:af:59:0c:5a:8e:ae:56:6d:50:88:ea:da:
         b7:ba:dd:ba:1d:bd:d2:be:79:bb:e8:5f:51:79:c5:d5:2b:0b:
         a3:e5:bc:7f:ef:7c:c0:73:68:29:27:aa:ef:40:2f:c7:88:4c:
         d2:1a:56:90:60:06:db:ef:0a:23:8e:97:04:18:60:1f:87:1c:
         18:bc:31:a8:99:cf:b0:39:ae:97:64:0f:d3:a4:e9:b1:59:4d:
         ba:87:66:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVs+HKIrI6rR7LjxN3qfaRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQzYzBiNjQxNGM5Yzg2ZTNjOTRhNzE0ZGZiMjY5Y2I1
ZTkxNjkwHhcNMjMwMTAxMTA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDRjNWE1MTE1MmU4NmM3OTkyNjZmMjJkYzk2M2I4ZmM0OTQ3MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0nT39Fl2xciYGRRFs22EjWHP278
3+begTBxFqLfIJIWYLstDKnYFQd2x9sdBb7sBvTVQaXfyiS8IEEqpUirHnu7jKHh
R0ZoPIQq6Haj0VoY/jWPr6hKTCkkWX4RYD5hyX3JZJSB8HDyyDri75niS/vsXxRj
HLAwTFxmQbuxXNGD8IBx/HijyGCKfT60W/oJUIrqWR8Sne84bYeDzOgMJ9ASG7RR
bpZJX5kzopVxzGNMz4OeEKO/CJsLkWhmoym0G9+znnJsvrhdLsuiv203avLcmy3p
GCDTZ1ZvLxhAZGo8b5vSZipoaAdEOKNPCWJBxYDU7RO+I208Aa25gW845QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMBMWlEVLobHmSZvItyWO4/ElHGHMB8GA1UdIwQY
MBaAFF6NPAtkFMnIbjyUpxTfsmnLXpFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wOEMyUVV5Y2h1UEpTbkZOLXlhY3Rla1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lYzM1MzEtODJmOC00YjRkLWI1OTAt
MjM0MzA5NTA2MDljLzEvd0V4YVVSVXVoc2VaSm04aTNKWTdqOFNVY1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lYzM1MzEtODJmOC00YjRkLWI1OTAtMjM0MzA5NTA2MDlj
LzEvWG8wOEMyUVV5Y2h1UEpTbkZOLXlhY3Rla1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfBNI
AwcBIAEGfCIYMA0GCSqGSIb3DQEBCwUAA4IBAQBm9KM9dPXg93iNzbsK02wiwJ1B
VE3kYSlxPjcJajn4wvq55DBxZdWecm2PRnPdxJB9fm1Jt2XcT6dq739eq+PZhCey
wZdKCttRfQlYpDj7goQlxSmvlPLhcnFzjkHEn9vpYQ3UYllCQcSfLwRqflMEH2XR
BB5OGUW7/hTJ6AI8AVVDAHW4f3ZN+tzt2VcE//u8m1pfx1SdDR43G3ui8V4ElZus
uewSKimvWQxajq5WbVCI6tq3ut26Hb3Svnm76F9RecXVKwuj5bx/73zAc2gpJ6rv
QC/HiEzSGlaQYAbb7wojjpcEGGAfhxwYvDGomc+wOa6XZA/TpOmxWU26h2bz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:23 2024 by rpki-client on console-fra.rpki-client.org