Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/8f9f32-c1d5-4fa6-b013-9297b855fa72/1/j5b6yVWIfO4HlOJYh1ok04_81AQ.roa
File:                     j5b6yVWIfO4HlOJYh1ok04_81AQ.roa (raw, json)
Hash identifier:          8c978JKXvyzR5s2UZls1nkys6Kj3rxlnQJZAVFtIv7w=
Subject key identifier:   8F:96:FA:C9:55:88:7C:EE:07:94:E2:58:87:5A:24:D3:8F:FC:D4:04
Certificate issuer:       /CN=439a7f93fca808c82d26fbfe0fde1b968cf6e8d3
Certificate serial:       0188C4A0AC7A60D19D6682DAA8C6E86F83A2
Authority key identifier: 43:9A:7F:93:FC:A8:08:C8:2D:26:FB:FE:0F:DE:1B:96:8C:F6:E8:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5p_k_yoCMgtJvv-D94bloz26NM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/8f9f32-c1d5-4fa6-b013-9297b855fa72/1/j5b6yVWIfO4HlOJYh1ok04_81AQ.roa
Signing time:             Fri 16 Jun 2023 14:34:04 +0000
ROA not before:           Fri 16 Jun 2023 14:34:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198824
IP address blocks:        2001:67c:c74::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:c4:a0:ac:7a:60:d1:9d:66:82:da:a8:c6:e8:6f:83:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=439a7f93fca808c82d26fbfe0fde1b968cf6e8d3
        Validity
            Not Before: Jun 16 14:34:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f96fac955887cee0794e258875a24d38ffcd404
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:b2:39:61:84:ad:ac:04:6c:15:29:28:9c:d8:
                    5d:08:c6:fa:ef:7c:d6:1a:93:4e:8f:30:20:97:2f:
                    79:1e:7e:58:49:a0:fe:3a:d2:11:58:21:11:d8:8d:
                    5e:b3:86:e1:00:e4:6a:11:4e:cd:a3:9b:8c:a6:d4:
                    e0:d6:80:68:63:82:00:4f:65:25:40:ca:3a:04:58:
                    07:6c:8d:ea:0b:a4:50:d4:2c:1d:1c:9b:af:2b:0f:
                    8b:de:8d:a7:43:52:d4:02:93:01:c2:20:47:0f:8a:
                    cf:35:1e:cb:48:77:43:c7:8c:c6:f1:5d:c9:52:08:
                    2e:2e:e0:be:f3:a3:62:e4:b3:10:fa:63:b8:ee:2b:
                    c4:71:58:2e:74:76:39:d4:e4:55:d1:a2:68:ec:17:
                    a2:e2:1a:ce:c9:79:60:8f:ce:0a:cb:d2:0d:d1:b6:
                    99:2f:73:e3:14:f7:bb:01:3b:dc:07:ea:c5:13:71:
                    92:70:dc:f0:cb:83:b8:67:50:a4:88:a4:50:e8:32:
                    69:c7:c7:f7:c2:af:67:00:95:32:f5:fa:c9:6b:49:
                    3d:95:19:b9:fe:4c:c9:2f:49:c0:a0:70:c8:fd:ef:
                    07:34:33:ac:c2:f7:d1:db:69:d2:9e:70:4b:ee:fa:
                    28:89:d3:69:57:3a:3c:a9:45:61:c4:5c:3a:37:80:
                    1d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:96:FA:C9:55:88:7C:EE:07:94:E2:58:87:5A:24:D3:8F:FC:D4:04
            X509v3 Authority Key Identifier:
                keyid:43:9A:7F:93:FC:A8:08:C8:2D:26:FB:FE:0F:DE:1B:96:8C:F6:E8:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5p_k_yoCMgtJvv-D94bloz26NM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/8f9f32-c1d5-4fa6-b013-9297b855fa72/1/j5b6yVWIfO4HlOJYh1ok04_81AQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/8f9f32-c1d5-4fa6-b013-9297b855fa72/1/Q5p_k_yoCMgtJvv-D94bloz26NM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:c74::/48

    Signature Algorithm: sha256WithRSAEncryption
         3a:af:3f:13:88:43:84:19:57:dd:d3:9b:2e:04:5f:e6:27:7d:
         7e:3c:a3:c2:4c:a6:b8:4e:ad:1f:85:4d:05:43:fb:c4:56:f4:
         66:b9:42:cd:eb:ca:44:4e:af:ba:71:f2:65:ee:2d:70:e8:8a:
         f0:66:59:30:b2:49:5b:81:b8:82:2c:63:53:f0:ea:e9:cd:41:
         d4:52:12:a4:4b:0d:95:e5:6a:ca:c9:bb:a7:c2:3e:60:9d:06:
         81:b7:a1:65:8f:41:8e:d7:99:52:78:d3:ae:1d:7c:2b:bb:3b:
         ab:c6:b1:44:16:ac:10:2e:eb:23:3d:28:dd:f0:0b:6d:d2:43:
         75:de:14:2f:6e:da:4f:be:ec:91:55:5e:a9:61:e1:b2:af:21:
         76:4c:c2:4b:a1:80:2a:74:d6:89:9c:5b:8a:b7:53:cb:11:0a:
         52:3a:79:c5:bd:19:42:21:bb:1f:0d:88:60:4b:18:d1:3a:67:
         29:59:96:fe:cd:02:10:bd:9d:2f:68:f4:1a:5a:27:1f:26:91:
         93:ee:c6:8c:3e:6c:42:9c:8e:32:61:90:ad:da:33:ad:23:0d:
         a7:09:7d:27:d4:cb:9a:3a:f5:f5:72:06:a7:d9:5b:78:f1:2a:
         60:91:c4:02:85:d9:e0:8d:1a:83:06:dd:a8:23:1b:0f:38:72:
         59:5b:64:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjEoKx6YNGdZoLaqMbob4OiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOWE3ZjkzZmNhODA4YzgyZDI2ZmJmZTBmZGUxYjk2OGNm
NmU4ZDMwHhcNMjMwNjE2MTQzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk2ZmFjOTU1ODg3Y2VlMDc5NGUyNTg4NzVhMjRkMzhmZmNkNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbI5YYStrARsFSkonNhdCMb673zW
GpNOjzAgly95Hn5YSaD+OtIRWCER2I1es4bhAORqEU7No5uMptTg1oBoY4IAT2Ul
QMo6BFgHbI3qC6RQ1CwdHJuvKw+L3o2nQ1LUApMBwiBHD4rPNR7LSHdDx4zG8V3J
UgguLuC+86Ni5LMQ+mO47ivEcVgudHY51ORV0aJo7Bei4hrOyXlgj84Ky9IN0baZ
L3PjFPe7ATvcB+rFE3GScNzwy4O4Z1CkiKRQ6DJpx8f3wq9nAJUy9frJa0k9lRm5
/kzJL0nAoHDI/e8HNDOswvfR22nSnnBL7vooidNpVzo8qUVhxFw6N4AdAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI+W+slViHzuB5TiWIdaJNOP/NQEMB8GA1UdIwQY
MBaAFEOaf5P8qAjILSb7/g/eG5aM9ujTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVwX2tfeW9DTWd0SnZ2LUQ5NGJsb3oyNk5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy84ZjlmMzItYzFkNS00ZmE2LWIwMTMt
OTI5N2I4NTVmYTcyLzEvajViNnlWV0lmTzRIbE9KWWgxb2swNF84MUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy84ZjlmMzItYzFkNS00ZmE2LWIwMTMtOTI5N2I4NTVmYTcy
LzEvUTVwX2tfeW9DTWd0SnZ2LUQ5NGJsb3oyNk5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAx0
MA0GCSqGSIb3DQEBCwUAA4IBAQA6rz8TiEOEGVfd05suBF/mJ31+PKPCTKa4Tq0f
hU0FQ/vEVvRmuULN68pETq+6cfJl7i1w6IrwZlkwsklbgbiCLGNT8OrpzUHUUhKk
Sw2V5WrKybunwj5gnQaBt6Flj0GO15lSeNOuHXwruzurxrFEFqwQLusjPSjd8Att
0kN13hQvbtpPvuyRVV6pYeGyryF2TMJLoYAqdNaJnFuKt1PLEQpSOnnFvRlCIbsf
DYhgSxjROmcpWZb+zQIQvZ0vaPQaWicfJpGT7saMPmxCnI4yYZCt2jOtIw2nCX0n
1MuaOvX1cgan2Vt48SpgkcQChdngjRqDBt2oIxsPOHJZW2Qn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:12 2024 by rpki-client on console-ams.rpki-client.org