Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/4ClgE8gZvcSt2wbXTd2WJ4megnA.roa
File:                     4ClgE8gZvcSt2wbXTd2WJ4megnA.roa (raw, json)
Hash identifier:          9f9M6ts9kzPiwLLNgNMJmkLAV2nIcT5YtsmMtf886CE=
Subject key identifier:   E0:29:60:13:C8:19:BD:C4:AD:DB:06:D7:4D:DD:96:27:89:9E:82:70
Certificate issuer:       /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial:       0189265C4D8309B181B636ADCF4C2B1222D1
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/4ClgE8gZvcSt2wbXTd2WJ4megnA.roa
Signing time:             Wed 05 Jul 2023 14:02:10 +0000
ROA not before:           Wed 05 Jul 2023 14:02:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2a13:85c0::/40 maxlen: 48
                          2a13:85c0:100::/40 maxlen: 48

Validation:               Failed, certificate revoked on Wed 05 Jul 2023 14:05:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:26:5c:4d:83:09:b1:81:b6:36:ad:cf:4c:2b:12:22:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
        Validity
            Not Before: Jul  5 14:02:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0296013c819bdc4addb06d74ddd9627899e8270
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:06:5e:1b:78:df:9e:07:06:9c:18:79:8f:14:
                    4c:8f:89:22:58:00:87:ba:2d:c1:87:69:87:08:ea:
                    b6:bf:ab:ab:75:31:ad:63:e0:2d:72:76:2c:ee:23:
                    4e:ab:ab:3c:78:b1:70:5d:c5:a5:d1:37:8e:f1:e0:
                    11:c8:33:f9:79:db:0d:9e:e6:46:2b:3c:d2:81:76:
                    1a:53:92:59:1b:b2:5a:ce:43:ca:b2:84:06:b9:79:
                    cc:b5:d2:82:75:f5:9f:24:3f:d4:05:91:e8:ae:c2:
                    27:0d:46:87:78:87:b4:bc:95:75:15:9d:c9:04:46:
                    36:0f:df:a9:9f:0e:09:47:f0:19:5c:74:1d:aa:4c:
                    09:76:bc:6b:cc:ed:ec:5e:74:8e:77:31:1d:38:66:
                    7d:b0:06:50:f2:63:56:f8:66:05:78:7d:64:d4:27:
                    4b:0b:7a:83:9c:a3:f1:99:ce:70:04:67:9f:d4:1b:
                    34:01:de:cb:3e:f7:b5:29:86:c7:f2:00:1e:55:d3:
                    67:7b:60:b3:1c:37:0f:e3:13:35:a8:e2:1e:49:64:
                    b9:bd:a3:4a:1a:b3:33:26:e3:93:79:f0:f3:c7:e0:
                    e8:84:81:34:a9:ab:f5:97:3d:9f:89:e5:ac:31:ea:
                    02:dc:0d:1b:4d:8d:94:e9:0b:a1:25:5a:ca:f5:77:
                    ab:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:29:60:13:C8:19:BD:C4:AD:DB:06:D7:4D:DD:96:27:89:9E:82:70
            X509v3 Authority Key Identifier:
                keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/4ClgE8gZvcSt2wbXTd2WJ4megnA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:85c0::/39

    Signature Algorithm: sha256WithRSAEncryption
         12:ff:24:c0:99:61:59:b0:c0:f5:38:fe:bd:64:e6:89:72:17:
         45:23:80:9d:e3:6c:22:f4:c9:2d:4d:5f:35:cf:cf:f0:72:a7:
         ff:4f:42:33:4d:ec:4d:79:fc:e5:22:fa:0f:ad:68:e5:64:bf:
         da:f1:8a:ef:35:99:a3:63:03:5d:ca:d6:f4:9c:61:f3:81:9f:
         c4:55:aa:48:a7:73:16:a4:a0:67:a2:7c:7f:e8:cd:90:e6:22:
         9c:b9:5d:51:1d:86:3c:91:33:e7:03:f8:92:d9:1d:61:c7:dd:
         4a:9b:c7:ba:cb:6e:c7:9e:1d:8e:4b:0c:48:6c:79:f7:d6:a2:
         82:06:8d:5f:7a:0f:c0:ca:48:4f:f6:9b:83:da:66:27:d3:10:
         7f:af:f1:4c:60:d2:f1:19:19:e7:52:ae:d7:8b:40:87:97:6a:
         db:9e:37:67:0d:39:d4:2e:9a:b9:54:fc:83:43:69:ae:b5:c1:
         73:53:a8:cc:2a:18:84:2a:12:c1:82:01:50:9c:30:be:62:bc:
         35:06:a2:83:14:f7:29:95:fa:92:6d:6a:a1:0b:34:e0:05:f6:
         da:5b:3d:7f:1a:50:6c:0d:d1:90:26:d7:59:85:30:a6:90:3a:
         ed:b0:08:b1:8a:a2:ff:1e:8a:1d:54:5f:88:ba:f7:1a:03:3e:
         76:93:03:cd
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYkmXE2DCbGBtjatz0wrEiLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjMwNzA1MTQwMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDI5NjAxM2M4MTliZGM0YWRkYjA2ZDc0ZGRkOTYyNzg5OWU4MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogZeG3jfngcGnBh5jxRMj4kiWACH
ui3Bh2mHCOq2v6urdTGtY+AtcnYs7iNOq6s8eLFwXcWl0TeO8eARyDP5edsNnuZG
KzzSgXYaU5JZG7JazkPKsoQGuXnMtdKCdfWfJD/UBZHorsInDUaHeIe0vJV1FZ3J
BEY2D9+pnw4JR/AZXHQdqkwJdrxrzO3sXnSOdzEdOGZ9sAZQ8mNW+GYFeH1k1CdL
C3qDnKPxmc5wBGef1Bs0Ad7LPve1KYbH8gAeVdNne2CzHDcP4xM1qOIeSWS5vaNK
GrMzJuOTefDzx+DohIE0qav1lz2fieWsMeoC3A0bTY2U6QuhJVrK9XermQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOApYBPIGb3ErdsG103dlieJnoJwMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvNENsZ0U4Z1p2Y1N0MndiWFRkMldKNG1lZ25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYBKhOFwAAw
DQYJKoZIhvcNAQELBQADggEBABL/JMCZYVmwwPU4/r1k5olyF0UjgJ3jbCL0yS1N
XzXPz/Byp/9PQjNN7E15/OUi+g+taOVkv9rxiu81maNjA13K1vScYfOBn8RVqkin
cxakoGeifH/ozZDmIpy5XVEdhjyRM+cD+JLZHWHH3Uqbx7rLbseeHY5LDEhseffW
ooIGjV96D8DKSE/2m4PaZifTEH+v8Uxg0vEZGedSrteLQIeXatueN2cNOdQumrlU
/INDaa61wXNTqMwqGIQqEsGCAVCcML5ivDUGooMU9ymV+pJtaqELNOAF9tpbPX8a
UGwN0ZAm11mFMKaQOu2wCLGKov8eih1UX4i69xoDPnaTA80=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:27 2024 by rpki-client on console-ams.rpki-client.org