Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/XUT7V9ZsOTNYZuEAf_mYU3xYh5M.roa
File:                     XUT7V9ZsOTNYZuEAf_mYU3xYh5M.roa (raw, json)
Hash identifier:          X1uzaR/X8Z7fIO6nhdaURmY4ZTi17MRgDegIIqScchA=
Subject key identifier:   5D:44:FB:57:D6:6C:39:33:58:66:E1:00:7F:F9:98:53:7C:58:87:93
Certificate issuer:       /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial:       018CC86FA7D977268F2AE907C51DDAC67775
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/XUT7V9ZsOTNYZuEAf_mYU3xYh5M.roa
Signing time:             Tue 02 Jan 2024 04:30:09 +0000
ROA not before:           Tue 02 Jan 2024 04:30:09 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        2a13:d040:1e::/48 maxlen: 48
                          2a13:d040:19::/48 maxlen: 48
                          2a13:d040:14::/48 maxlen: 48
                          2a13:d040:1f::/48 maxlen: 48
                          2a13:d040:12::/48 maxlen: 48
                          2a13:d040:2::/48 maxlen: 48
                          2a13:d040:1d::/48 maxlen: 48
                          2a13:d040:18::/48 maxlen: 48
                          2a13:d040:3::/48 maxlen: 48
                          2a13:d040:13::/48 maxlen: 48
                          2a13:d040:16::/48 maxlen: 48
                          2a13:d040:1::/48 maxlen: 48
                          2a13:d040:11::/48 maxlen: 48
                          2a13:d040:1c::/48 maxlen: 48
                          2a13:d040:17::/48 maxlen: 48
                          2a13:d040:1a::/48 maxlen: 48
                          2a13:d040:15::/48 maxlen: 48
                          2a13:d040:10::/48 maxlen: 48
                          2a13:d040:1b::/48 maxlen: 48
Validation:               Failed, certificate revoked on Thu 10 Oct 2024 16:36:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:a7:d9:77:26:8f:2a:e9:07:c5:1d:da:c6:77:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
        Validity
            Not Before: Jan  2 04:30:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5d44fb57d66c39335866e1007ff998537c588793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:05:8d:b6:e3:3d:32:86:a8:23:a2:45:75:94:
                    72:12:ea:97:9f:d8:a0:90:ce:01:ae:bb:ae:dd:22:
                    74:1a:4a:a6:31:cb:c2:72:56:dc:43:54:13:6a:4f:
                    e3:08:8f:4c:aa:24:e8:66:83:46:a8:e6:de:37:79:
                    eb:22:29:b0:45:5a:93:11:4e:12:1d:90:49:c2:92:
                    1b:02:7c:e6:1b:30:f1:e3:47:a8:22:cf:b5:b2:5d:
                    f2:ba:57:4b:9e:e1:57:45:2c:d0:f6:65:e5:35:ee:
                    aa:0f:b6:16:16:96:ce:aa:25:0a:fb:5b:9d:96:21:
                    ff:ec:e3:65:a4:9b:39:28:1b:8e:3a:2a:0d:e5:d0:
                    b4:1d:a9:86:06:92:40:46:5f:7b:75:47:d6:06:93:
                    17:8b:86:0d:80:1f:10:0d:92:1c:40:0a:c0:36:e7:
                    25:ac:19:2b:3a:f2:95:25:80:d2:c5:ff:ba:41:87:
                    b3:b2:ed:ae:a3:56:af:cc:3e:2f:f5:48:24:c5:1f:
                    66:24:df:b8:26:1f:2c:12:1d:28:67:00:a9:6b:23:
                    76:e1:e3:b1:38:21:f7:45:7a:0d:38:de:31:5f:41:
                    c8:4e:3e:13:57:1d:95:ff:51:70:7b:5e:0d:15:35:
                    1c:b8:b1:12:82:3f:c3:2a:28:17:c9:8b:8e:62:79:
                    8b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:44:FB:57:D6:6C:39:33:58:66:E1:00:7F:F9:98:53:7C:58:87:93
            X509v3 Authority Key Identifier:
                keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/XUT7V9ZsOTNYZuEAf_mYU3xYh5M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:d040:1::-2a13:d040:3:ffff:ffff:ffff:ffff:ffff
                  2a13:d040:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         1b:e3:ff:db:a9:75:f2:5b:23:f6:7c:62:46:e6:5c:0f:0b:79:
         21:77:70:d6:c8:51:f0:b1:12:af:c8:a9:26:b5:36:94:35:7f:
         9e:04:01:39:40:33:5c:db:fe:ef:56:29:61:e2:7d:0a:ad:de:
         96:c5:db:94:12:d9:d3:68:ef:55:5d:3b:83:31:7e:79:da:64:
         fd:e8:2c:89:30:be:96:f8:30:44:68:0d:e9:9f:48:7c:0c:ea:
         5c:4e:5a:41:ee:cb:9e:ac:87:ce:15:22:1c:c2:a0:84:5a:23:
         22:62:c8:f7:32:bd:c9:04:c0:7b:fc:84:57:9c:50:84:66:44:
         bc:a8:3d:13:39:d8:a4:cb:05:30:2e:9f:93:52:50:3c:64:e6:
         6c:24:37:46:0f:9d:b6:9d:83:43:e3:11:8d:18:32:4d:66:f8:
         14:04:2d:ca:fb:53:2e:33:89:6e:67:39:6c:6c:65:16:10:32:
         55:bf:e9:35:08:6d:69:53:bd:91:7e:14:48:d5:f9:c6:02:30:
         0f:dc:66:d7:8b:29:26:05:6f:c0:74:98:db:10:d5:fd:9b:4d:
         8c:38:8c:e7:23:16:00:67:12:5a:d4:02:27:55:94:98:a6:96:
         06:7d:bd:f1:eb:33:d0:32:06:4a:d1:c5:f4:3f:42:bb:76:3d:
         56:20:8b:fc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIb6fZdyaPKukHxR3axnd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjQwMTAyMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQ0ZmI1N2Q2NmMzOTMzNTg2NmUxMDA3ZmY5OTg1MzdjNTg4NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAWNtuM9MoaoI6JFdZRyEuqXn9ig
kM4Brruu3SJ0GkqmMcvCclbcQ1QTak/jCI9MqiToZoNGqObeN3nrIimwRVqTEU4S
HZBJwpIbAnzmGzDx40eoIs+1sl3yuldLnuFXRSzQ9mXlNe6qD7YWFpbOqiUK+1ud
liH/7ONlpJs5KBuOOioN5dC0HamGBpJARl97dUfWBpMXi4YNgB8QDZIcQArANucl
rBkrOvKVJYDSxf+6QYezsu2uo1avzD4v9UgkxR9mJN+4Jh8sEh0oZwCpayN24eOx
OCH3RXoNON4xX0HITj4TVx2V/1Fwe14NFTUcuLESgj/DKigXyYuOYnmLKwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFF1E+1fWbDkzWGbhAH/5mFN8WIeTMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvWFVUN1Y5WnNPVE5ZWnVFQWZfbVlVM3hZaDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqE9BA
AAEDBwIqE9BAAAADBwQqE9BAABAwDQYJKoZIhvcNAQELBQADggEBABvj/9updfJb
I/Z8YkbmXA8LeSF3cNbIUfCxEq/IqSa1NpQ1f54EATlAM1zb/u9WKWHifQqt3pbF
25QS2dNo71VdO4MxfnnaZP3oLIkwvpb4MERoDemfSHwM6lxOWkHuy56sh84VIhzC
oIRaIyJiyPcyvckEwHv8hFecUIRmRLyoPRM52KTLBTAun5NSUDxk5mwkN0YPnbad
g0PjEY0YMk1m+BQELcr7Uy4ziW5nOWxsZRYQMlW/6TUIbWlTvZF+FEjV+cYCMA/c
ZteLKSYFb8B0mNsQ1f2bTYw4jOcjFgBnElrUAidVlJimlgZ9vfHrM9AyBkrRxfQ/
Qrt2PVYgi/w=
-----END CERTIFICATE-----