Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/51e59e-2cff-4765-b6a8-a113aca38183/1/HxUWTb0PRs2lYH9Za41V8_XsN6I.roa
File:                     HxUWTb0PRs2lYH9Za41V8_XsN6I.roa (raw, json)
Hash identifier:          9XEgGNDEWUrSHsPFSmiQyszVOKovbsdPmjepV4POUC8=
Subject key identifier:   1F:15:16:4D:BD:0F:46:CD:A5:60:7F:59:6B:8D:55:F3:F5:EC:37:A2
Certificate issuer:       /CN=b4768ca3f71b13172794121ada78b359a36b855a
Certificate serial:       01856D01B70DE2CDAC4C095204004AFCE902
Authority key identifier: B4:76:8C:A3:F7:1B:13:17:27:94:12:1A:DA:78:B3:59:A3:6B:85:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tHaMo_cbExcnlBIa2nizWaNrhVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/51e59e-2cff-4765-b6a8-a113aca38183/1/HxUWTb0PRs2lYH9Za41V8_XsN6I.roa
Signing time:             Sun 01 Jan 2023 11:05:07 +0000
ROA not before:           Sun 01 Jan 2023 11:05:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209619
IP address blocks:        2001:678:8f0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:b7:0d:e2:cd:ac:4c:09:52:04:00:4a:fc:e9:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4768ca3f71b13172794121ada78b359a36b855a
        Validity
            Not Before: Jan  1 11:05:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f15164dbd0f46cda5607f596b8d55f3f5ec37a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:06:7b:dd:4f:9d:c3:e6:8f:2f:5f:32:5a:0b:
                    c0:36:65:14:57:58:64:84:e9:58:85:28:15:76:19:
                    ab:27:09:f4:e9:e8:b7:e5:14:ee:8e:ec:22:2f:0c:
                    da:56:33:6a:ec:a3:34:14:77:73:b9:a8:fa:5b:28:
                    76:75:ba:d8:dd:cf:e3:c0:db:63:db:b5:db:f2:da:
                    f4:2e:38:f6:2a:04:f6:17:13:6f:cd:37:66:ca:26:
                    a0:96:f6:2b:fa:1e:be:55:2c:e5:ac:af:a4:b5:87:
                    2c:9e:4b:d0:e2:d0:1b:44:8f:d2:32:5d:6f:96:e0:
                    af:80:73:a9:44:ad:3a:71:29:04:53:15:62:1d:3b:
                    a2:df:52:19:73:48:ea:e3:3f:dd:6c:12:71:37:1b:
                    e7:a5:a9:97:b2:15:b6:ba:2a:ef:5f:86:0d:7b:2c:
                    49:86:7f:62:0e:68:a8:b0:22:d7:af:bb:cb:19:0f:
                    69:06:5a:90:76:f8:31:76:fa:48:10:be:3f:3a:c9:
                    44:06:c5:51:e9:61:fe:a3:c6:17:48:4c:a1:ef:cd:
                    2b:e0:52:9a:1d:aa:a5:85:85:cf:b0:8b:9d:14:11:
                    df:17:d7:8d:92:8e:91:6b:0c:05:49:74:c6:5a:af:
                    99:9c:6c:8d:58:af:71:07:af:51:f8:ce:cc:43:18:
                    d1:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:15:16:4D:BD:0F:46:CD:A5:60:7F:59:6B:8D:55:F3:F5:EC:37:A2
            X509v3 Authority Key Identifier:
                keyid:B4:76:8C:A3:F7:1B:13:17:27:94:12:1A:DA:78:B3:59:A3:6B:85:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tHaMo_cbExcnlBIa2nizWaNrhVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/51e59e-2cff-4765-b6a8-a113aca38183/1/HxUWTb0PRs2lYH9Za41V8_XsN6I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/51e59e-2cff-4765-b6a8-a113aca38183/1/tHaMo_cbExcnlBIa2nizWaNrhVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:8f0::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:6f:75:ed:21:62:e3:07:f2:37:cf:bd:36:5d:5a:5d:a8:6a:
         42:e6:3b:05:b2:cb:97:60:bc:32:81:45:28:ef:09:f4:18:63:
         9f:fd:3f:f4:a0:f0:e0:17:46:b9:14:e0:eb:d0:d3:26:46:11:
         e9:58:a0:a8:62:a4:11:af:24:e4:fc:98:f6:75:e0:c6:f6:9e:
         c0:e5:7e:5f:5f:e9:f2:4f:c5:f3:55:26:f1:b5:b7:7e:6c:11:
         0f:51:ec:52:aa:b6:cc:15:d9:9d:89:33:d4:50:f4:0f:0b:89:
         65:db:f3:85:ec:83:82:11:78:69:f6:8f:17:f9:28:df:19:9c:
         06:cd:8f:56:e1:f1:d2:8d:15:da:b7:d7:4c:bd:93:f0:eb:3a:
         31:5d:b9:0a:48:fe:46:cb:d9:7c:5b:88:8e:42:71:1b:4d:1a:
         9d:60:56:77:09:8b:83:19:0b:34:20:ab:26:ff:18:8f:dc:b3:
         45:f1:08:7e:09:1e:7a:3e:d9:c9:9e:3d:5d:ca:1b:a2:48:42:
         8f:98:5e:23:7e:da:81:e0:d8:4e:93:e8:4d:c1:9c:f3:0d:d3:
         f4:6f:08:a3:44:65:7a:dd:0c:ed:67:83:38:99:01:96:f8:72:
         e1:c4:0c:1c:9a:d0:81:fc:1e:a3:0c:ef:76:37:8c:85:fc:b5:
         8e:36:d0:af
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtAbcN4s2sTAlSBABK/OkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NzY4Y2EzZjcxYjEzMTcyNzk0MTIxYWRhNzhiMzU5YTM2
Yjg1NWEwHhcNMjMwMTAxMTEwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjE1MTY0ZGJkMGY0NmNkYTU2MDdmNTk2YjhkNTVmM2Y1ZWMzN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwZ73U+dw+aPL18yWgvANmUUV1hk
hOlYhSgVdhmrJwn06ei35RTujuwiLwzaVjNq7KM0FHdzuaj6Wyh2dbrY3c/jwNtj
27Xb8tr0Ljj2KgT2FxNvzTdmyiaglvYr+h6+VSzlrK+ktYcsnkvQ4tAbRI/SMl1v
luCvgHOpRK06cSkEUxViHTui31IZc0jq4z/dbBJxNxvnpamXshW2uirvX4YNeyxJ
hn9iDmiosCLXr7vLGQ9pBlqQdvgxdvpIEL4/OslEBsVR6WH+o8YXSEyh780r4FKa
HaqlhYXPsIudFBHfF9eNko6RawwFSXTGWq+ZnGyNWK9xB69R+M7MQxjRfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB8VFk29D0bNpWB/WWuNVfP17DeiMB8GA1UdIwQY
MBaAFLR2jKP3GxMXJ5QSGtp4s1mja4VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEhhTW9fY2JFeGNubEJJYTJuaXpXYU5yaFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81MWU1OWUtMmNmZi00NzY1LWI2YTgt
YTExM2FjYTM4MTgzLzEvSHhVV1RiMFBSczJsWUg5WmE0MVY4X1hzTjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81MWU1OWUtMmNmZi00NzY1LWI2YTgtYTExM2FjYTM4MTgz
LzEvdEhhTW9fY2JFeGNubEJJYTJuaXpXYU5yaFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAjw
MA0GCSqGSIb3DQEBCwUAA4IBAQCGb3XtIWLjB/I3z702XVpdqGpC5jsFssuXYLwy
gUUo7wn0GGOf/T/0oPDgF0a5FODr0NMmRhHpWKCoYqQRryTk/Jj2deDG9p7A5X5f
X+nyT8XzVSbxtbd+bBEPUexSqrbMFdmdiTPUUPQPC4ll2/OF7IOCEXhp9o8X+Sjf
GZwGzY9W4fHSjRXat9dMvZPw6zoxXbkKSP5Gy9l8W4iOQnEbTRqdYFZ3CYuDGQs0
IKsm/xiP3LNF8Qh+CR56PtnJnj1dyhuiSEKPmF4jftqB4NhOk+hNwZzzDdP0bwij
RGV63QztZ4M4mQGW+HLhxAwcmtCB/B6jDO92N4yF/LWONtCv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:58 2024 by rpki-client on console-fra.rpki-client.org