Route Origin Authorization

$ rpki-client -vvf rpki.netiface.net/repo/AquaHost/0/326131333a646638373a623530303a3a2f34302d3430203d3e20313939303532.roa
File:                     326131333a646638373a623530303a3a2f34302d3430203d3e20313939303532.roa (raw, json)
Hash identifier:          cZnMCXT2pgjRVGUTbdd1oj1MO12K9G6up26Wybqy6bA=
Subject key identifier:   39:70:AB:BC:67:3C:EC:06:36:52:C9:80:36:8E:3E:0E:8F:E7:EC:E6
Certificate issuer:       /CN=C97E7DD81B07D53E3C076F9D1810810F6E2DC227
Certificate serial:       5BD6A65C4D8ADABE8596FDAB70CBDB5D97C95686
Authority key identifier: C9:7E:7D:D8:1B:07:D5:3E:3C:07:6F:9D:18:10:81:0F:6E:2D:C2:27
Authority info access:    rsync://rpki.netiface.net/repo/Apricot/1/C97E7DD81B07D53E3C076F9D1810810F6E2DC227.cer
Subject info access:      rsync://rpki.netiface.net/repo/AquaHost/0/326131333a646638373a623530303a3a2f34302d3430203d3e20313939303532.roa
Signing time:             Sat 13 Jan 2024 23:06:14 +0000
ROA not before:           Sat 13 Jan 2024 23:01:14 +0000
ROA not after:            Sat 11 Jan 2025 23:06:14 +0000
asID:                     199052
IP address blocks:        2a13:df87:b500::/40 maxlen: 40

Validation:               Failed, certificate revoked on Sun 14 Jan 2024 09:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:d6:a6:5c:4d:8a:da:be:85:96:fd:ab:70:cb:db:5d:97:c9:56:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C97E7DD81B07D53E3C076F9D1810810F6E2DC227
        Validity
            Not Before: Jan 13 23:01:14 2024 GMT
            Not After : Jan 11 23:06:14 2025 GMT
        Subject: CN=3970ABBC673CEC063652C980368E3E0E8FE7ECE6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:ad:80:73:b5:0c:60:15:02:bb:da:6a:96:d9:
                    f6:12:69:60:45:cd:68:68:00:3b:a6:ed:5d:77:ed:
                    31:40:51:d5:e3:b8:99:29:00:46:45:66:63:cf:e3:
                    6f:20:38:b5:f3:69:46:0d:e7:1b:9d:5e:0f:ba:49:
                    eb:cc:db:1f:e7:20:cd:c5:8e:60:2f:3c:4d:ee:bc:
                    69:80:a9:d6:b5:f7:3c:73:e8:f5:31:21:1e:e9:52:
                    6d:89:74:46:97:a7:14:39:fa:56:6e:98:1f:db:5c:
                    22:c3:91:5f:26:b3:b0:e8:d8:6e:19:d8:af:7e:37:
                    4e:02:ea:2c:a7:62:c2:80:22:75:74:ea:9b:65:e1:
                    e1:96:99:a1:7a:e1:31:1a:85:80:94:e0:91:f1:76:
                    5a:3e:f7:87:2e:74:b6:00:9b:93:a4:5b:9b:90:98:
                    8b:0b:36:8a:79:26:e8:77:0a:c6:e5:c0:70:4c:1e:
                    6c:c3:80:f4:69:b7:aa:4e:85:a0:34:9c:30:43:ee:
                    75:b0:dc:e4:17:fa:8c:ca:00:f6:fc:e7:00:05:e2:
                    3d:44:9d:ce:2f:ee:ef:04:13:2e:57:c2:f4:e0:ca:
                    18:83:18:be:46:4f:5f:07:78:93:20:49:8a:5b:82:
                    b7:d3:ee:14:0b:33:b3:15:ca:93:3a:59:20:83:5b:
                    df:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:70:AB:BC:67:3C:EC:06:36:52:C9:80:36:8E:3E:0E:8F:E7:EC:E6
            X509v3 Authority Key Identifier:
                keyid:C9:7E:7D:D8:1B:07:D5:3E:3C:07:6F:9D:18:10:81:0F:6E:2D:C2:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.netiface.net/repo/AquaHost/0/C97E7DD81B07D53E3C076F9D1810810F6E2DC227.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.netiface.net/repo/Apricot/1/C97E7DD81B07D53E3C076F9D1810810F6E2DC227.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.netiface.net/repo/AquaHost/0/326131333a646638373a623530303a3a2f34302d3430203d3e20313939303532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:df87:b500::/40

    Signature Algorithm: sha256WithRSAEncryption
         2c:d2:6c:cd:b5:1c:de:c3:82:81:6b:12:51:b4:68:9b:97:38:
         75:bc:87:b2:e3:26:f0:cd:60:b3:7a:3a:69:6f:cb:0a:93:34:
         7e:31:05:60:dc:5e:32:f1:48:ee:67:ee:1f:53:d3:67:ca:e3:
         d3:96:f4:03:36:fc:ba:ea:7a:08:d7:ad:17:8a:48:78:be:06:
         02:62:87:02:01:49:12:d5:22:b2:6e:fc:29:b1:b3:32:92:73:
         c0:93:2f:78:3d:0b:9f:72:c8:0e:3f:6c:69:e1:f5:43:ba:65:
         67:68:71:3e:4d:48:f0:c4:d8:dd:d7:91:9e:3d:83:55:23:8e:
         d7:97:d1:15:9e:ae:82:f6:cd:9a:3a:18:16:f6:2c:a7:62:61:
         35:3b:ff:9d:d3:38:c9:6c:de:c2:99:64:5d:22:56:4b:fd:b2:
         65:71:d2:4b:c0:41:d2:4f:9f:c7:bf:2f:35:13:73:fb:59:3f:
         c0:23:3b:0c:94:e2:78:8b:ab:a9:45:9d:a1:76:1f:69:ba:11:
         4e:8e:9f:3b:b5:fd:b7:b3:0b:50:1e:fb:6c:22:5e:2c:6c:5e:
         91:70:bb:45:c2:15:d6:38:25:86:0c:69:a5:6d:d8:0c:f1:60:
         bc:bd:26:97:cc:62:90:2f:a5:3f:b3:9c:eb:44:9c:e4:de:45:
         97:06:cc:97
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIUW9amXE2K2r6Flv2rcMvbXZfJVoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzk3RTdERDgxQjA3RDUzRTNDMDc2RjlEMTgxMDgxMEY2
RTJEQzIyNzAeFw0yNDAxMTMyMzAxMTRaFw0yNTAxMTEyMzA2MTRaMDMxMTAvBgNV
BAMTKDM5NzBBQkJDNjczQ0VDMDYzNjUyQzk4MDM2OEUzRTBFOEZFN0VDRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDprYBztQxgFQK72mqW2fYSaWBF
zWhoADum7V137TFAUdXjuJkpAEZFZmPP428gOLXzaUYN5xudXg+6SevM2x/nIM3F
jmAvPE3uvGmAqda19zxz6PUxIR7pUm2JdEaXpxQ5+lZumB/bXCLDkV8ms7Do2G4Z
2K9+N04C6iynYsKAInV06ptl4eGWmaF64TEahYCU4JHxdlo+94cudLYAm5OkW5uQ
mIsLNop5Juh3CsblwHBMHmzDgPRpt6pOhaA0nDBD7nWw3OQX+ozKAPb85wAF4j1E
nc4v7u8EEy5XwvTgyhiDGL5GT18HeJMgSYpbgrfT7hQLM7MVypM6WSCDW9+tAgMB
AAGjggH6MIIB9jAdBgNVHQ4EFgQUOXCrvGc87AY2UsmANo4+Do/n7OYwHwYDVR0j
BBgwFoAUyX592BsH1T48B2+dGBCBD24twicwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZXRpZmFjZS5uZXQvcmVwby9BcXVh
SG9zdC8wL0M5N0U3REQ4MUIwN0Q1M0UzQzA3NkY5RDE4MTA4MTBGNkUyREMyMjcu
Y3JsMHEGCCsGAQUFBwEBBGUwYzBhBggrBgEFBQcwAoZVcnN5bmM6Ly9ycGtpLm5l
dGlmYWNlLm5ldC9yZXBvL0Fwcmljb3QvMS9DOTdFN0REODFCMDdENTNFM0MwNzZG
OUQxODEwODEwRjZFMkRDMjI3LmNlcjCBigYIKwYBBQUHAQsEfjB8MHoGCCsGAQUF
BzALhm5yc3luYzovL3Jwa2kubmV0aWZhY2UubmV0L3JlcG8vQXF1YUhvc3QvMC8z
MjYxMzEzMzNhNjQ2NjM4MzczYTYyMzUzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2Qz
ZTIwMzEzOTM5MzAzNTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEG
CCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPfh7UwDQYJKoZIhvcNAQELBQAD
ggEBACzSbM21HN7DgoFrElG0aJuXOHW8h7LjJvDNYLN6OmlvywqTNH4xBWDcXjLx
SO5n7h9T02fK49OW9AM2/LrqegjXrReKSHi+BgJihwIBSRLVIrJu/CmxszKSc8CT
L3g9C59yyA4/bGnh9UO6ZWdocT5NSPDE2N3XkZ49g1UjjteX0RWeroL2zZo6GBb2
LKdiYTU7/53TOMls3sKZZF0iVkv9smVx0kvAQdJPn8e/LzUTc/tZP8AjOwyU4niL
q6lFnaF2H2m6EU6Onzu1/bezC1Ae+2wiXixsXpFwu0XCFdY4JYYMaaVt2AzxYLy9
JpfMYpAvpT+znOtEnOTeRZcGzJc=
-----END CERTIFICATE-----
Generated at Sun Jan 14 11:36:23 2024 by rpki-client on console-fra.rpki-client.org