Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/NOSSDAU6ag8iE5u24bTHcYrpHC0.roa
File:                     NOSSDAU6ag8iE5u24bTHcYrpHC0.roa (raw, json)
Hash identifier:          5YAzT4exsW7K6F8+T0XHzMGfe2Cwop2kFLLMcoRl+yw=
Subject key identifier:   34:E4:92:0C:05:3A:6A:0F:22:13:9B:B6:E1:B4:C7:71:8A:E9:1C:2D
Certificate issuer:       /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial:       01892670744A3BEDEAB7ED50D611FC62A572
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/NOSSDAU6ag8iE5u24bTHcYrpHC0.roa
Signing time:             Wed 05 Jul 2023 14:24:11 +0000
ROA not before:           Wed 05 Jul 2023 14:24:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2a13:85c0::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 22 Aug 2023 04:21:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:26:70:74:4a:3b:ed:ea:b7:ed:50:d6:11:fc:62:a5:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
        Validity
            Not Before: Jul  5 14:24:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34e4920c053a6a0f22139bb6e1b4c7718ae91c2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:72:2e:4e:40:bb:c2:cc:44:e5:db:db:11:08:
                    fa:42:d5:bb:68:ad:40:bc:83:e1:ec:6e:db:fa:1d:
                    10:6c:f0:f9:3e:1b:06:fd:c8:82:d7:bc:7d:55:58:
                    75:02:ce:21:77:98:61:af:5d:3d:27:92:0d:54:2d:
                    10:b7:24:8b:db:ca:cb:31:74:a1:3f:be:66:80:5e:
                    a7:1a:e0:86:0b:48:fa:57:70:ff:74:d5:49:89:20:
                    73:4a:d2:4e:a9:4a:93:8d:6a:48:94:77:3f:65:a4:
                    05:cb:a8:db:d5:e6:15:0a:cc:14:77:05:49:f1:94:
                    c8:2c:da:25:bc:25:0b:a1:93:cc:81:d7:7b:96:93:
                    6c:2c:af:42:c2:de:3f:9a:d9:6d:91:22:f1:9f:cd:
                    8b:0f:fa:8f:1d:53:fa:e6:66:25:3d:8c:13:d2:18:
                    d8:8e:c2:15:39:22:fc:b2:06:cd:ab:71:92:eb:33:
                    ee:f6:c1:f2:86:00:d8:ab:13:02:b2:2d:22:6d:54:
                    1c:23:5c:38:46:ac:5e:da:1b:10:b2:20:e8:c1:23:
                    0f:19:ce:b4:83:b8:9a:b7:a5:2c:c9:e5:11:54:ec:
                    a1:07:11:ac:86:1a:39:92:df:c7:96:30:99:3f:21:
                    57:11:2b:36:bc:fa:57:be:04:a1:b9:0c:33:4d:14:
                    da:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:E4:92:0C:05:3A:6A:0F:22:13:9B:B6:E1:B4:C7:71:8A:E9:1C:2D
            X509v3 Authority Key Identifier:
                keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/NOSSDAU6ag8iE5u24bTHcYrpHC0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:85c0::/40

    Signature Algorithm: sha256WithRSAEncryption
         74:89:15:c4:3e:06:13:cb:5f:97:2e:81:ea:1c:b6:6c:d0:f3:
         bd:88:19:e7:20:64:6f:50:00:1a:bb:1f:30:a8:f1:43:2d:fc:
         f8:19:d4:65:9d:27:03:39:1c:88:8d:f8:7d:ff:30:b9:47:2b:
         ca:91:d3:04:85:f2:31:90:29:a9:65:4e:c4:d5:d2:31:fb:92:
         47:ea:a8:62:be:35:49:fa:27:09:48:ef:33:27:fa:c9:43:4a:
         b5:02:6d:05:04:40:63:47:2b:fb:c7:35:c8:6d:f1:18:2d:69:
         8b:b6:2e:c9:45:4b:20:6e:c5:ca:22:fd:64:bc:2e:37:c9:f8:
         99:92:d1:7c:97:8b:fd:01:b8:cb:ab:1c:a4:f5:a6:2c:52:a4:
         c2:3d:b0:e6:35:a4:2e:c5:35:94:19:76:c3:8c:f3:26:4c:a0:
         b1:24:27:dd:e3:03:5f:9a:67:b8:42:da:dd:72:d4:f7:ae:25:
         ca:a4:5f:c0:1e:98:b9:a6:69:8d:3c:47:20:4c:b7:81:37:25:
         9a:e0:39:3b:f6:9b:60:e9:4c:6a:2e:2a:53:32:20:e6:ec:d2:
         d6:7e:53:fa:7f:27:97:3e:6e:7b:09:ad:cd:60:8f:52:86:ee:
         1b:cd:fd:1c:d6:28:3a:97:3c:c8:c5:4f:7c:fe:4e:9f:4f:09:
         e0:9a:36:11
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYkmcHRKO+3qt+1Q1hH8YqVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjMwNzA1MTQyNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGU0OTIwYzA1M2E2YTBmMjIxMzliYjZlMWI0Yzc3MThhZTkxYzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXIuTkC7wsxE5dvbEQj6QtW7aK1A
vIPh7G7b+h0QbPD5PhsG/ciC17x9VVh1As4hd5hhr109J5INVC0QtySL28rLMXSh
P75mgF6nGuCGC0j6V3D/dNVJiSBzStJOqUqTjWpIlHc/ZaQFy6jb1eYVCswUdwVJ
8ZTILNolvCULoZPMgdd7lpNsLK9Cwt4/mtltkSLxn82LD/qPHVP65mYlPYwT0hjY
jsIVOSL8sgbNq3GS6zPu9sHyhgDYqxMCsi0ibVQcI1w4Rqxe2hsQsiDowSMPGc60
g7iat6UsyeURVOyhBxGshho5kt/HljCZPyFXESs2vPpXvgShuQwzTRTaOwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDTkkgwFOmoPIhObtuG0x3GK6RwtMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvTk9TU0RBVTZhZzhpRTV1MjRiVEhjWXJwSEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOFwAAw
DQYJKoZIhvcNAQELBQADggEBAHSJFcQ+BhPLX5cugeoctmzQ872IGecgZG9QABq7
HzCo8UMt/PgZ1GWdJwM5HIiN+H3/MLlHK8qR0wSF8jGQKallTsTV0jH7kkfqqGK+
NUn6JwlI7zMn+slDSrUCbQUEQGNHK/vHNcht8RgtaYu2LslFSyBuxcoi/WS8LjfJ
+JmS0XyXi/0BuMurHKT1pixSpMI9sOY1pC7FNZQZdsOM8yZMoLEkJ93jA1+aZ7hC
2t1y1PeuJcqkX8AemLmmaY08RyBMt4E3JZrgOTv2m2DpTGouKlMyIObs0tZ+U/p/
J5c+bnsJrc1gj1KG7hvN/RzWKDqXPMjFT3z+Tp9PCeCaNhE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:35 2024 by rpki-client on console-fra.rpki-client.org