Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/aJUONpLhNOwHJVCol_riBcvZ6Zc.roa
File:                     aJUONpLhNOwHJVCol_riBcvZ6Zc.roa (raw, json)
Hash identifier:          n6rUI+QyABgYWReOPlnXbJ8O4xTWbMF7ysB1pD69/ho=
Subject key identifier:   68:95:0E:36:92:E1:34:EC:07:25:50:A8:97:FA:E2:05:CB:D9:E9:97
Certificate issuer:       /CN=dd010938d9ef72158fc98bd45de71b0b1a9ff729
Certificate serial:       0188B684E7B7F7CA3FA9F6D1EA3AA64EE053
Authority key identifier: DD:01:09:38:D9:EF:72:15:8F:C9:8B:D4:5D:E7:1B:0B:1A:9F:F7:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QEJONnvchWPyYvUXecbCxqf9yk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/aJUONpLhNOwHJVCol_riBcvZ6Zc.roa
Signing time:             Tue 13 Jun 2023 20:49:03 +0000
ROA not before:           Tue 13 Jun 2023 20:49:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2a13:7c40::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 14 Jun 2023 23:22:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b6:84:e7:b7:f7:ca:3f:a9:f6:d1:ea:3a:a6:4e:e0:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd010938d9ef72158fc98bd45de71b0b1a9ff729
        Validity
            Not Before: Jun 13 20:49:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=68950e3692e134ec072550a897fae205cbd9e997
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:5a:a5:f0:9e:76:9d:bf:d9:04:b8:f5:d3:b6:
                    58:da:af:57:7c:15:e8:7b:12:2b:cc:74:a5:83:bd:
                    6f:59:73:7c:09:a0:97:5b:25:8d:f0:7c:e7:df:9e:
                    92:58:14:8d:ce:fb:93:ed:41:4d:c2:c6:59:93:78:
                    88:ef:b2:73:9f:65:eb:9f:65:44:0b:47:6c:96:b9:
                    2e:c6:9e:b6:c2:d2:3e:ff:ba:88:0c:b5:c7:a0:0e:
                    75:af:86:06:ea:9f:33:89:26:82:0a:ac:51:f6:6d:
                    26:0b:02:3b:4e:94:e3:e7:85:cc:b6:75:be:0b:44:
                    8f:37:5f:bc:1c:34:5e:07:f4:b4:da:f8:4d:34:fc:
                    9c:16:bc:48:57:e4:6b:cc:76:b0:1d:2a:b3:78:bc:
                    0f:22:16:77:61:ab:ff:fb:7e:33:78:d3:3b:38:d3:
                    43:37:95:82:ba:b9:49:80:af:0f:03:99:5c:8f:b9:
                    63:cb:d3:96:69:42:f3:58:65:42:f8:ab:73:56:96:
                    c1:fc:a1:59:a5:89:3b:ae:86:16:b6:6b:8b:01:aa:
                    b6:17:86:33:a1:31:b0:d5:63:c4:9b:ea:6f:09:d1:
                    fe:d6:67:0a:f2:85:48:60:44:14:67:e9:d3:35:c6:
                    2b:dc:bd:23:eb:0e:a8:ce:34:31:ae:7f:77:cf:ad:
                    78:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:95:0E:36:92:E1:34:EC:07:25:50:A8:97:FA:E2:05:CB:D9:E9:97
            X509v3 Authority Key Identifier:
                keyid:DD:01:09:38:D9:EF:72:15:8F:C9:8B:D4:5D:E7:1B:0B:1A:9F:F7:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QEJONnvchWPyYvUXecbCxqf9yk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/aJUONpLhNOwHJVCol_riBcvZ6Zc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/3QEJONnvchWPyYvUXecbCxqf9yk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:7c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         6b:bf:db:2f:2d:9c:ee:f6:fa:32:82:66:cf:a6:64:0c:22:bf:
         f1:a0:0e:0b:50:27:e0:f9:d0:fc:bc:5b:fb:98:2e:b6:34:53:
         d4:80:65:90:3c:fc:a4:cd:db:89:36:93:57:34:4c:f7:4a:bb:
         1c:d1:ea:aa:fd:29:1f:04:a9:9e:e3:22:d1:63:3a:11:4d:e6:
         0d:9a:df:c9:f1:2b:74:04:2e:c8:a7:55:c9:43:c6:8c:18:af:
         81:90:dc:1c:51:7b:18:fa:f3:42:d4:b5:22:9a:95:9d:e9:b9:
         ca:ea:fc:41:ec:e8:2c:c4:7c:a9:16:a3:fa:34:c7:20:f0:5c:
         fe:96:f9:30:7e:4e:0c:5a:99:9c:e8:40:4a:76:fb:ce:d6:83:
         97:04:d5:dd:d4:98:a2:bc:fa:36:24:bf:d5:17:16:ca:21:4e:
         a5:57:fe:c0:24:4c:5e:5b:1f:00:f4:17:cf:b2:36:c0:5d:d3:
         ea:b3:6f:65:a1:7e:33:62:07:03:11:c7:18:42:31:bb:cb:b6:
         bc:5e:fe:12:0b:39:2e:3d:c1:5e:37:ee:ec:c8:5e:bd:89:9a:
         fd:f4:16:5a:59:04:1d:6e:f1:eb:91:6a:18:bb:2d:ae:b5:52:
         17:9b:8e:07:18:f6:ab:de:b2:aa:f9:30:6e:69:3b:c2:02:12:
         87:8f:22:a0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYi2hOe398o/qfbR6jqmTuBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMDEwOTM4ZDllZjcyMTU4ZmM5OGJkNDVkZTcxYjBiMWE5
ZmY3MjkwHhcNMjMwNjEzMjA0OTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODk1MGUzNjkyZTEzNGVjMDcyNTUwYTg5N2ZhZTIwNWNiZDllOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlql8J52nb/ZBLj107ZY2q9XfBXo
exIrzHSlg71vWXN8CaCXWyWN8Hzn356SWBSNzvuT7UFNwsZZk3iI77Jzn2Xrn2VE
C0dslrkuxp62wtI+/7qIDLXHoA51r4YG6p8ziSaCCqxR9m0mCwI7TpTj54XMtnW+
C0SPN1+8HDReB/S02vhNNPycFrxIV+RrzHawHSqzeLwPIhZ3Yav/+34zeNM7ONND
N5WCurlJgK8PA5lcj7ljy9OWaULzWGVC+KtzVpbB/KFZpYk7roYWtmuLAaq2F4Yz
oTGw1WPEm+pvCdH+1mcK8oVIYEQUZ+nTNcYr3L0j6w6ozjQxrn93z6147QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGiVDjaS4TTsByVQqJf64gXL2emXMB8GA1UdIwQY
MBaAFN0BCTjZ73IVj8mL1F3nGwsan/cpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1FFSk9ObnZjaFdQeVl2VVhlY2JDeHFmOXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jM2Y0MTktYTU5Ni00NmJlLThhZmYt
Y2VmZjU0NmM5MzNlLzEvYUpVT05wTGhOT3dISlZDb2xfcmlCY3ZaNlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jM2Y0MTktYTU5Ni00NmJlLThhZmYtY2VmZjU0NmM5MzNl
LzEvM1FFSk9ObnZjaFdQeVl2VVhlY2JDeHFmOXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhN8QDAN
BgkqhkiG9w0BAQsFAAOCAQEAa7/bLy2c7vb6MoJmz6ZkDCK/8aAOC1An4PnQ/Lxb
+5gutjRT1IBlkDz8pM3biTaTVzRM90q7HNHqqv0pHwSpnuMi0WM6EU3mDZrfyfEr
dAQuyKdVyUPGjBivgZDcHFF7GPrzQtS1IpqVnem5yur8QezoLMR8qRaj+jTHIPBc
/pb5MH5ODFqZnOhASnb7ztaDlwTV3dSYorz6NiS/1RcWyiFOpVf+wCRMXlsfAPQX
z7I2wF3T6rNvZaF+M2IHAxHHGEIxu8u2vF7+Egs5Lj3BXjfu7MhevYma/fQWWlkE
HW7x65FqGLstrrVSF5uOBxj2q96yqvkwbmk7wgISh48ioA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:57 2024 by rpki-client on console-ams.rpki-client.org