Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/oj4n4sWUiyFqcxPOgbnJplUv-Uo.roa
File:                     oj4n4sWUiyFqcxPOgbnJplUv-Uo.roa (raw, json)
Hash identifier:          mznol8nZmw7CfG62xuU+zXzCv++yGCZAlSSbI5sRRzM=
Subject key identifier:   A2:3E:27:E2:C5:94:8B:21:6A:73:13:CE:81:B9:C9:A6:55:2F:F9:4A
Certificate issuer:       /CN=061bb0916c853801f22ce723bc2cc418869db7d0
Certificate serial:       018570428B7CFA2980DC8193AFC6030DC73B
Authority key identifier: 06:1B:B0:91:6C:85:38:01:F2:2C:E7:23:BC:2C:C4:18:86:9D:B7:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BhuwkWyFOAHyLOcjvCzEGIadt9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/oj4n4sWUiyFqcxPOgbnJplUv-Uo.roa
Signing time:             Mon 02 Jan 2023 02:14:47 +0000
ROA not before:           Mon 02 Jan 2023 02:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208242
IP address blocks:        2001:678:b04::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:8b:7c:fa:29:80:dc:81:93:af:c6:03:0d:c7:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=061bb0916c853801f22ce723bc2cc418869db7d0
        Validity
            Not Before: Jan  2 02:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a23e27e2c5948b216a7313ce81b9c9a6552ff94a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e1:15:b3:f5:e6:2f:79:a1:52:1a:93:d8:b3:
                    55:09:dd:7b:db:dd:44:3a:c4:84:f7:99:83:07:8f:
                    bb:20:66:13:a1:56:7c:7e:3a:f2:3b:5a:db:69:14:
                    68:e9:66:6f:90:89:b7:9a:7b:5b:dd:8e:bc:51:19:
                    6e:68:e4:4b:bb:dc:4b:b4:4e:03:a9:8c:40:c3:00:
                    4c:c7:a4:47:70:71:42:4a:6f:ce:2e:47:c5:00:cc:
                    05:af:8d:c4:26:f2:cf:f3:cc:f6:52:a6:d4:9c:93:
                    0a:e5:7a:9b:d3:8c:8b:da:9f:28:83:e7:ba:be:b6:
                    d9:fa:d7:bf:18:12:c6:5e:b5:c7:fd:1e:33:3f:bf:
                    fc:79:1a:dc:e6:3f:3e:a5:af:fd:99:07:79:33:97:
                    0b:f3:a8:a4:8f:6f:8d:60:49:74:f7:39:6e:ad:50:
                    6a:25:06:4a:8b:9c:e9:71:87:76:69:cd:8c:44:e6:
                    dc:b4:f4:30:58:80:3b:89:b4:9c:b2:97:29:2e:66:
                    f4:03:c7:ec:85:fe:9b:9b:af:97:37:71:7a:0c:54:
                    74:99:b5:b4:01:8c:3f:e1:b9:14:fe:cb:b0:46:7c:
                    0c:f8:6b:b0:24:df:de:52:b3:cc:1d:ad:d3:e6:d7:
                    d0:b6:4f:11:e0:39:53:5d:6b:2c:2e:88:f3:32:e4:
                    a1:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:3E:27:E2:C5:94:8B:21:6A:73:13:CE:81:B9:C9:A6:55:2F:F9:4A
            X509v3 Authority Key Identifier:
                keyid:06:1B:B0:91:6C:85:38:01:F2:2C:E7:23:BC:2C:C4:18:86:9D:B7:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BhuwkWyFOAHyLOcjvCzEGIadt9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/oj4n4sWUiyFqcxPOgbnJplUv-Uo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/BhuwkWyFOAHyLOcjvCzEGIadt9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:b04::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:ba:db:0c:37:3b:06:8b:7d:87:46:1b:9a:11:26:17:f0:ae:
         ad:3b:38:f7:4e:f4:63:b7:20:5f:5a:8e:ba:f9:62:44:b4:18:
         99:94:86:b1:3b:c7:b6:27:b0:b1:7a:e9:ec:43:a2:ca:9c:0c:
         c1:9f:5e:fb:94:1a:d0:a7:ae:27:e2:b8:07:63:13:eb:31:31:
         5b:44:3b:bb:c5:71:f0:c4:31:07:4b:c8:15:04:e7:0f:f1:4e:
         1e:8b:0a:59:10:d1:46:44:ff:fd:ee:32:2b:22:46:79:2e:ed:
         95:de:8d:a7:26:42:05:ae:16:08:ee:72:3b:ed:3b:8b:80:61:
         db:b2:3b:f4:8d:45:77:cc:7d:08:bd:1d:49:c1:ee:cc:1d:64:
         0e:b4:2a:ef:19:2f:fa:b5:e5:8b:bf:a2:55:ed:ec:14:d8:55:
         05:f5:90:18:ac:0e:3d:93:71:69:52:ba:04:16:d7:4e:dc:f0:
         1e:4e:3b:fc:4d:f8:a1:b9:ca:e7:fe:60:c2:e7:65:ce:6b:09:
         f2:43:d8:96:3d:7f:2d:7d:43:0b:7c:74:ee:a2:7f:b5:06:c6:
         64:e3:c7:78:0f:eb:44:66:c4:79:c1:31:7e:4e:a6:4c:68:0a:
         c3:a7:1f:38:4d:b7:27:d2:3e:1e:b7:5b:3a:d6:60:d8:55:62:
         fe:fd:f5:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwQot8+imA3IGTr8YDDcc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MWJiMDkxNmM4NTM4MDFmMjJjZTcyM2JjMmNjNDE4ODY5
ZGI3ZDAwHhcNMjMwMTAyMDIxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNlMjdlMmM1OTQ4YjIxNmE3MzEzY2U4MWI5YzlhNjU1MmZmOTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOEVs/XmL3mhUhqT2LNVCd17291E
OsSE95mDB4+7IGYToVZ8fjryO1rbaRRo6WZvkIm3mntb3Y68URluaORLu9xLtE4D
qYxAwwBMx6RHcHFCSm/OLkfFAMwFr43EJvLP88z2UqbUnJMK5Xqb04yL2p8og+e6
vrbZ+te/GBLGXrXH/R4zP7/8eRrc5j8+pa/9mQd5M5cL86ikj2+NYEl09zlurVBq
JQZKi5zpcYd2ac2MRObctPQwWIA7ibScspcpLmb0A8fshf6bm6+XN3F6DFR0mbW0
AYw/4bkU/suwRnwM+GuwJN/eUrPMHa3T5tfQtk8R4DlTXWssLojzMuShZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKI+J+LFlIshanMTzoG5yaZVL/lKMB8GA1UdIwQY
MBaAFAYbsJFshTgB8iznI7wsxBiGnbfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmh1d2tXeUZPQUh5TE9janZDekVHSWFkdDlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iYmIxYzYtOWY5MS00MzQ2LWI2MTYt
YzJkYzdhMDU4ZTMwLzEvb2o0bjRzV1VpeUZxY3hQT2dibkpwbFV2LVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iYmIxYzYtOWY5MS00MzQ2LWI2MTYtYzJkYzdhMDU4ZTMw
LzEvQmh1d2tXeUZPQUh5TE9janZDekVHSWFkdDlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAsE
MA0GCSqGSIb3DQEBCwUAA4IBAQA3utsMNzsGi32HRhuaESYX8K6tOzj3TvRjtyBf
Wo66+WJEtBiZlIaxO8e2J7CxeunsQ6LKnAzBn177lBrQp64n4rgHYxPrMTFbRDu7
xXHwxDEHS8gVBOcP8U4eiwpZENFGRP/97jIrIkZ5Lu2V3o2nJkIFrhYI7nI77TuL
gGHbsjv0jUV3zH0IvR1Jwe7MHWQOtCrvGS/6teWLv6JV7ewU2FUF9ZAYrA49k3Fp
UroEFtdO3PAeTjv8Tfihucrn/mDC52XOawnyQ9iWPX8tfUMLfHTuon+1BsZk48d4
D+tEZsR5wTF+TqZMaArDpx84Tbcn0j4et1s61mDYVWL+/fV/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:53 2024 by rpki-client on console-fra.rpki-client.org