Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/XM70Bkb89QP2jp0NRTDv7rdyquI.roa
File:                     XM70Bkb89QP2jp0NRTDv7rdyquI.roa (raw, json)
Hash identifier:          tzxa8gjDBv94ytcU9l38ylhXE+e1xITxhPEV/UmTGlo=
Subject key identifier:   5C:CE:F4:06:46:FC:F5:03:F6:8E:9D:0D:45:30:EF:EE:B7:72:AA:E2
Certificate issuer:       /CN=dd010938d9ef72158fc98bd45de71b0b1a9ff729
Certificate serial:       0188BC51E37B69E5367E1543355CDC0985A0
Authority key identifier: DD:01:09:38:D9:EF:72:15:8F:C9:8B:D4:5D:E7:1B:0B:1A:9F:F7:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QEJONnvchWPyYvUXecbCxqf9yk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/XM70Bkb89QP2jp0NRTDv7rdyquI.roa
Signing time:             Wed 14 Jun 2023 23:51:03 +0000
ROA not before:           Wed 14 Jun 2023 23:51:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2a13:7c40::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 18:20:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:bc:51:e3:7b:69:e5:36:7e:15:43:35:5c:dc:09:85:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd010938d9ef72158fc98bd45de71b0b1a9ff729
        Validity
            Not Before: Jun 14 23:51:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ccef40646fcf503f68e9d0d4530efeeb772aae2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:02:a5:6e:c5:c6:fd:33:05:4e:f9:d6:43:f9:
                    47:13:03:93:5f:99:b3:84:fc:8f:f5:58:0b:59:c9:
                    a0:ee:9f:d1:ce:90:4c:a9:33:da:45:9c:56:c7:fc:
                    53:83:b5:35:09:ba:a9:48:43:e0:89:d2:0b:22:07:
                    4c:14:c5:8b:b2:c0:bf:9c:6c:41:95:24:c1:f2:fa:
                    18:8c:49:c2:de:50:96:a1:71:e7:f6:ec:b1:1d:1a:
                    cb:a3:10:98:a0:36:e8:d1:95:47:0d:e7:36:9d:3c:
                    56:b6:70:50:92:9c:45:5d:47:24:c8:d5:8c:63:89:
                    b6:a5:57:39:e2:70:4f:5e:04:94:ca:3a:01:0c:c5:
                    84:27:fb:7e:53:f5:58:8a:86:8e:29:87:40:5d:81:
                    fa:52:c0:3d:ca:ca:71:47:7d:d3:d8:72:e5:ec:18:
                    d1:37:42:05:51:73:4d:24:1f:62:db:99:e7:2b:70:
                    34:2f:26:91:21:e8:80:8e:87:c4:d4:79:1c:4c:62:
                    f6:e8:14:5a:b8:8c:5e:1f:f4:7f:f6:a0:b8:07:9b:
                    84:76:a5:1c:28:de:83:7c:58:95:f6:19:50:bc:18:
                    2f:2c:a8:94:ab:84:12:59:9d:39:ce:61:64:3f:b7:
                    06:1a:45:1d:5a:b5:fc:ec:3d:a9:5c:5c:76:7b:7a:
                    ea:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:CE:F4:06:46:FC:F5:03:F6:8E:9D:0D:45:30:EF:EE:B7:72:AA:E2
            X509v3 Authority Key Identifier:
                keyid:DD:01:09:38:D9:EF:72:15:8F:C9:8B:D4:5D:E7:1B:0B:1A:9F:F7:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QEJONnvchWPyYvUXecbCxqf9yk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/XM70Bkb89QP2jp0NRTDv7rdyquI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/3QEJONnvchWPyYvUXecbCxqf9yk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:7c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         49:6d:91:62:14:5e:67:c9:32:75:ab:f2:f9:61:82:b7:8e:f4:
         61:80:b1:ad:33:4e:b1:3e:6f:d2:36:8b:b3:e0:67:64:7a:56:
         58:da:9e:2b:b8:1e:00:1f:a4:3e:73:2d:4d:61:13:59:c4:d4:
         52:42:8a:ad:43:2e:9c:61:05:44:87:25:7f:f3:07:c8:b4:e8:
         1e:27:57:71:dd:1e:06:bb:ea:70:de:28:00:d6:6b:43:4d:70:
         4a:e2:aa:24:9a:00:43:92:42:61:20:0e:34:47:fe:0e:44:ac:
         76:88:41:fb:52:71:ed:fe:c6:5f:ab:8e:ff:51:eb:87:d3:ef:
         55:f9:5e:4f:4b:9f:15:0c:73:4d:63:66:be:8e:63:e8:8a:a6:
         c1:27:a8:d8:a5:58:44:76:6e:06:25:2a:c9:f7:65:59:c9:d7:
         6b:ea:9e:fd:35:b9:d3:e6:2c:41:85:af:be:33:6a:ce:67:71:
         c7:38:22:22:2c:af:98:12:67:ae:47:aa:cd:d9:2f:3e:99:79:
         30:a2:81:a9:7f:0e:0b:7c:b2:92:97:99:6c:8d:e6:68:69:d5:
         57:26:57:2d:ea:0b:41:10:e1:2e:ce:e1:4d:1e:2e:10:a3:f5:
         d1:a3:d1:a8:a7:74:ff:7f:58:e3:74:90:d9:94:50:59:e1:9c:
         c8:34:72:67
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYi8UeN7aeU2fhVDNVzcCYWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMDEwOTM4ZDllZjcyMTU4ZmM5OGJkNDVkZTcxYjBiMWE5
ZmY3MjkwHhcNMjMwNjE0MjM1MTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2NlZjQwNjQ2ZmNmNTAzZjY4ZTlkMGQ0NTMwZWZlZWI3NzJhYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgKlbsXG/TMFTvnWQ/lHEwOTX5mz
hPyP9VgLWcmg7p/RzpBMqTPaRZxWx/xTg7U1CbqpSEPgidILIgdMFMWLssC/nGxB
lSTB8voYjEnC3lCWoXHn9uyxHRrLoxCYoDbo0ZVHDec2nTxWtnBQkpxFXUckyNWM
Y4m2pVc54nBPXgSUyjoBDMWEJ/t+U/VYioaOKYdAXYH6UsA9yspxR33T2HLl7BjR
N0IFUXNNJB9i25nnK3A0LyaRIeiAjofE1HkcTGL26BRauIxeH/R/9qC4B5uEdqUc
KN6DfFiV9hlQvBgvLKiUq4QSWZ05zmFkP7cGGkUdWrX87D2pXFx2e3rqdwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFzO9AZG/PUD9o6dDUUw7+63cqriMB8GA1UdIwQY
MBaAFN0BCTjZ73IVj8mL1F3nGwsan/cpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1FFSk9ObnZjaFdQeVl2VVhlY2JDeHFmOXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jM2Y0MTktYTU5Ni00NmJlLThhZmYt
Y2VmZjU0NmM5MzNlLzEvWE03MEJrYjg5UVAyanAwTlJURHY3cmR5cXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jM2Y0MTktYTU5Ni00NmJlLThhZmYtY2VmZjU0NmM5MzNl
LzEvM1FFSk9ObnZjaFdQeVl2VVhlY2JDeHFmOXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhN8QDAN
BgkqhkiG9w0BAQsFAAOCAQEASW2RYhReZ8kydavy+WGCt470YYCxrTNOsT5v0jaL
s+BnZHpWWNqeK7geAB+kPnMtTWETWcTUUkKKrUMunGEFRIclf/MHyLToHidXcd0e
BrvqcN4oANZrQ01wSuKqJJoAQ5JCYSAONEf+DkSsdohB+1Jx7f7GX6uO/1Hrh9Pv
VfleT0ufFQxzTWNmvo5j6IqmwSeo2KVYRHZuBiUqyfdlWcnXa+qe/TW50+YsQYWv
vjNqzmdxxzgiIiyvmBJnrkeqzdkvPpl5MKKBqX8OC3yykpeZbI3maGnVVyZXLeoL
QRDhLs7hTR4uEKP10aPRqKd0/39Y43SQ2ZRQWeGcyDRyZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:10 2024 by rpki-client on console-fra.rpki-client.org