Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/LGanFcN3pO4Htn_iIG7FioPyNME.roa
File:                     LGanFcN3pO4Htn_iIG7FioPyNME.roa (raw, json)
Hash identifier:          tx4AOHXZmc8OzUf+Ve8z2Vvd82mWaDHl31lCvJoXURI=
Subject key identifier:   2C:66:A7:15:C3:77:A4:EE:07:B6:7F:E2:20:6E:C5:8A:83:F2:34:C1
Certificate issuer:       /CN=3d6c2958145f45fad5daeeb38b75b52c09661046
Certificate serial:       018DEF3B29A4DB1472B5FA6AC2283F78D4B9
Authority key identifier: 3D:6C:29:58:14:5F:45:FA:D5:DA:EE:B3:8B:75:B5:2C:09:66:10:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/LGanFcN3pO4Htn_iIG7FioPyNME.roa
Signing time:             Wed 28 Feb 2024 10:20:48 +0000
ROA not before:           Wed 28 Feb 2024 10:20:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199326
IP address blocks:        2a13:7705:ff00::/40 maxlen: 40
                          2a13:7705:ff00::/48 maxlen: 48
                          2a13:7705:ffff::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 28 Feb 2024 16:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ef:3b:29:a4:db:14:72:b5:fa:6a:c2:28:3f:78:d4:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d6c2958145f45fad5daeeb38b75b52c09661046
        Validity
            Not Before: Feb 28 10:20:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2c66a715c377a4ee07b67fe2206ec58a83f234c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e1:80:5a:5f:cc:b6:a0:29:2a:59:2f:de:b0:
                    28:a4:a2:b5:35:f4:84:5b:04:40:f4:7f:c4:98:b1:
                    bf:cb:d8:1b:4f:e1:63:4b:ef:aa:5a:94:f7:e5:00:
                    8a:04:89:22:78:9e:36:f0:fd:6b:45:0a:ed:ae:79:
                    31:95:00:23:99:59:cf:7d:d6:9c:9c:9a:8b:63:73:
                    45:17:ff:e7:04:35:a1:1d:08:b7:0f:3e:4f:e8:d6:
                    31:80:19:b6:5b:01:62:47:d0:ac:d1:d1:cc:ec:c3:
                    94:f3:bf:66:9e:3d:9d:ef:c6:11:ed:5d:44:6b:a3:
                    1c:18:de:a8:92:ba:7b:54:fc:ba:5a:6d:af:75:02:
                    65:a1:4f:4a:e3:c3:a1:bf:3b:60:be:66:e4:2b:a9:
                    75:37:58:9e:4a:97:50:27:59:24:f8:d6:5a:7a:17:
                    63:ba:d4:d3:ac:c9:f9:94:cf:67:74:0b:45:0d:13:
                    ca:4f:00:4b:9d:86:dd:86:c3:5f:8d:bb:50:26:a3:
                    27:b6:16:3f:95:0f:18:49:56:91:b0:63:a3:80:11:
                    25:e6:0a:86:37:00:8a:7e:e7:dc:2b:ad:0e:59:1c:
                    53:52:89:e8:39:b0:20:e2:da:16:78:c1:f6:72:33:
                    5a:0e:e7:e6:4d:ea:30:dc:a5:50:36:49:33:c1:4d:
                    7c:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:66:A7:15:C3:77:A4:EE:07:B6:7F:E2:20:6E:C5:8A:83:F2:34:C1
            X509v3 Authority Key Identifier:
                keyid:3D:6C:29:58:14:5F:45:FA:D5:DA:EE:B3:8B:75:B5:2C:09:66:10:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/LGanFcN3pO4Htn_iIG7FioPyNME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PWwpWBRfRfrV2u6zi3W1LAlmEEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:7705:ff00::/40

    Signature Algorithm: sha256WithRSAEncryption
         5c:dd:b7:60:c7:c2:35:cd:76:cf:7c:b2:9f:e7:0d:2a:f2:60:
         52:27:70:a5:5e:8e:61:43:83:52:35:16:8d:df:21:c2:db:9a:
         f2:14:66:6a:42:47:e2:a6:ad:78:3b:1b:b2:fb:f4:f6:37:a4:
         55:00:b8:bd:5e:03:6a:6b:5b:e0:21:1d:15:ab:06:5e:08:4a:
         59:87:c3:1e:94:b7:e0:9b:51:31:6c:2e:6e:0b:95:b1:f2:0f:
         1d:18:25:fa:21:5f:f7:9b:c2:89:2f:85:31:91:1e:b8:dd:cc:
         6f:38:24:0a:46:14:ea:f3:d6:f6:6e:39:0c:d2:32:e9:69:09:
         89:73:20:79:05:bb:e2:53:5c:d7:06:e0:b8:23:1f:47:1e:da:
         d6:1c:28:42:ba:3a:e3:55:dd:5a:cd:86:e9:db:27:7d:f3:1f:
         a6:d7:f2:f9:24:91:52:f7:8a:76:34:53:92:44:01:1d:67:6f:
         a9:09:f7:3b:79:d1:62:76:d5:0f:a7:79:1c:36:45:f3:af:aa:
         cc:2d:da:48:5f:6b:22:c5:99:25:e3:6e:3b:a4:a4:d7:cb:1d:
         78:66:f6:e6:b3:c8:bb:82:d0:f0:66:51:bd:6b:42:58:6d:ac:
         56:d4:01:1e:9f:fd:c1:d5:26:76:15:c0:d0:66:a5:79:7c:cd:
         18:9a:14:66
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY3vOymk2xRytfpqwig/eNS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNmMyOTU4MTQ1ZjQ1ZmFkNWRhZWViMzhiNzViNTJjMDk2
NjEwNDYwHhcNMjQwMjI4MTAyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzY2YTcxNWMzNzdhNGVlMDdiNjdmZTIyMDZlYzU4YTgzZjIzNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+GAWl/MtqApKlkv3rAopKK1NfSE
WwRA9H/EmLG/y9gbT+FjS++qWpT35QCKBIkieJ428P1rRQrtrnkxlQAjmVnPfdac
nJqLY3NFF//nBDWhHQi3Dz5P6NYxgBm2WwFiR9Cs0dHM7MOU879mnj2d78YR7V1E
a6McGN6okrp7VPy6Wm2vdQJloU9K48OhvztgvmbkK6l1N1ieSpdQJ1kk+NZaehdj
utTTrMn5lM9ndAtFDRPKTwBLnYbdhsNfjbtQJqMnthY/lQ8YSVaRsGOjgBEl5gqG
NwCKfufcK60OWRxTUonoObAg4toWeMH2cjNaDufmTeow3KVQNkkzwU180wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCxmpxXDd6TuB7Z/4iBuxYqD8jTBMB8GA1UdIwQY
MBaAFD1sKVgUX0X61drus4t1tSwJZhBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFd3cFdCUmZSZnJWMnU2emkzVzFMQWxtRUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yYTU1NzQtN2IxMi00ZGEyLWEwNjQt
NWUxYjA3ODg5MjNiLzEvTEdhbkZjTjNwTzRIdG5faUlHN0Zpb1B5Tk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yYTU1NzQtN2IxMi00ZGEyLWEwNjQtNWUxYjA3ODg5MjNi
LzEvUFd3cFdCUmZSZnJWMnU2emkzVzFMQWxtRUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN3Bf8w
DQYJKoZIhvcNAQELBQADggEBAFzdt2DHwjXNds98sp/nDSryYFIncKVejmFDg1I1
Fo3fIcLbmvIUZmpCR+KmrXg7G7L79PY3pFUAuL1eA2prW+AhHRWrBl4ISlmHwx6U
t+CbUTFsLm4LlbHyDx0YJfohX/ebwokvhTGRHrjdzG84JApGFOrz1vZuOQzSMulp
CYlzIHkFu+JTXNcG4LgjH0ce2tYcKEK6OuNV3VrNhunbJ33zH6bX8vkkkVL3inY0
U5JEAR1nb6kJ9zt50WJ21Q+neRw2RfOvqswt2khfayLFmSXjbjukpNfLHXhm9uaz
yLuC0PBmUb1rQlhtrFbUAR6f/cHVJnYVwNBmpXl8zRiaFGY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:00 2024 by rpki-client on console-ams.rpki-client.org