Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PvAQX_Z-QeL4VOeATvw5Jzoe7N4.roa
File:                     PvAQX_Z-QeL4VOeATvw5Jzoe7N4.roa (raw, json)
Hash identifier:          YaAoB3FbPwH/mZkCC2pmv/i8gAvWfTUOPwE5rwwdOAA=
Subject key identifier:   3E:F0:10:5F:F6:7E:41:E2:F8:54:E7:80:4E:FC:39:27:3A:1E:EC:DE
Certificate issuer:       /CN=3d6c2958145f45fad5daeeb38b75b52c09661046
Certificate serial:       018DF659FA5F3BE0A8DB5C07713127BB8647
Authority key identifier: 3D:6C:29:58:14:5F:45:FA:D5:DA:EE:B3:8B:75:B5:2C:09:66:10:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PvAQX_Z-QeL4VOeATvw5Jzoe7N4.roa
Signing time:             Thu 29 Feb 2024 19:31:48 +0000
ROA not before:           Thu 29 Feb 2024 19:31:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199326
IP address blocks:        2a13:7705:ff00::/40 maxlen: 40
                          2a13:7705:ff00::/48 maxlen: 48
                          2a13:7705:ff01::/48 maxlen: 48
                          2a13:7705:ff04::/48 maxlen: 48
                          2a13:7705:ff08::/48 maxlen: 48
                          2a13:7705:ff10::/48 maxlen: 48
                          2a13:7705:ff14::/48 maxlen: 48
                          2a13:7705:ff18::/48 maxlen: 48
                          2a13:7705:ff1c::/48 maxlen: 48
                          2a13:7705:ff20::/48 maxlen: 48
                          2a13:7705:ff24::/48 maxlen: 48
                          2a13:7705:ff28::/48 maxlen: 48
                          2a13:7705:ff2c::/48 maxlen: 48
                          2a13:7705:ff30::/48 maxlen: 48
                          2a13:7705:ff34::/48 maxlen: 48
                          2a13:7705:ff38::/48 maxlen: 48
                          2a13:7705:ff3c::/48 maxlen: 48
                          2a13:7705:ff40::/48 maxlen: 48
                          2a13:7705:ff44::/48 maxlen: 48
                          2a13:7705:ff4c::/48 maxlen: 48
                          2a13:7705:ff50::/48 maxlen: 48
                          2a13:7705:ff54::/48 maxlen: 48
                          2a13:7705:ff58::/48 maxlen: 48
                          2a13:7705:ff5c::/48 maxlen: 48
                          2a13:7705:ff60::/48 maxlen: 48
                          2a13:7705:ff64::/48 maxlen: 48
                          2a13:7705:ff68::/48 maxlen: 48
                          2a13:7705:ff6c::/48 maxlen: 48
                          2a13:7705:ff70::/48 maxlen: 48
                          2a13:7705:ff74::/48 maxlen: 48
                          2a13:7705:ff78::/48 maxlen: 48
                          2a13:7705:ff7c::/48 maxlen: 48
                          2a13:7705:ff80::/48 maxlen: 48
                          2a13:7705:ff84::/48 maxlen: 48
                          2a13:7705:ff88::/48 maxlen: 48
                          2a13:7705:ff8c::/48 maxlen: 48
                          2a13:7705:ff90::/48 maxlen: 48
                          2a13:7705:ffff::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 14:09:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f6:59:fa:5f:3b:e0:a8:db:5c:07:71:31:27:bb:86:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d6c2958145f45fad5daeeb38b75b52c09661046
        Validity
            Not Before: Feb 29 19:31:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3ef0105ff67e41e2f854e7804efc39273a1eecde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:4e:24:2c:29:b2:13:5b:cd:a0:f4:cb:6c:f8:
                    be:cd:92:6e:ea:60:92:38:74:fd:a6:12:7c:e3:f9:
                    d0:1a:28:ff:96:1e:4e:fe:df:43:77:22:72:1b:62:
                    b5:03:55:c4:de:55:2b:6e:15:d8:fe:8f:04:8e:a3:
                    70:eb:18:e3:a1:db:ab:a0:9e:0c:a8:41:de:aa:32:
                    9e:d5:aa:58:e9:8f:e1:2a:88:6d:3a:57:bb:41:82:
                    33:27:78:0e:2f:f4:85:52:c4:04:39:77:92:2d:15:
                    44:2d:cf:f6:8c:3b:87:61:8a:1b:1b:7a:d9:88:2a:
                    00:50:12:14:98:e0:36:79:81:75:f8:43:66:38:13:
                    8c:98:18:a7:ac:81:be:b4:1b:26:35:60:a1:a3:e6:
                    15:4b:f2:60:56:a4:88:9b:f4:1e:7c:dd:05:a9:bd:
                    9c:2d:42:de:5f:d6:3a:32:a7:0f:0c:dc:fd:76:6f:
                    b8:00:c3:7a:bb:7e:99:2d:66:a4:26:26:7d:2a:43:
                    03:2e:32:66:17:50:84:32:9a:37:f4:75:fa:dd:43:
                    a4:4f:cf:03:c3:04:84:49:66:45:14:79:62:eb:99:
                    1d:fd:35:cd:a6:19:15:d4:11:a8:82:ce:9a:02:27:
                    1a:78:ed:9d:81:f8:2b:12:e8:ce:22:97:0b:bc:b4:
                    5e:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:F0:10:5F:F6:7E:41:E2:F8:54:E7:80:4E:FC:39:27:3A:1E:EC:DE
            X509v3 Authority Key Identifier:
                keyid:3D:6C:29:58:14:5F:45:FA:D5:DA:EE:B3:8B:75:B5:2C:09:66:10:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PvAQX_Z-QeL4VOeATvw5Jzoe7N4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PWwpWBRfRfrV2u6zi3W1LAlmEEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:7705:ff00::/40

    Signature Algorithm: sha256WithRSAEncryption
         11:7b:bf:8d:49:44:04:d7:20:0c:ef:77:30:26:c8:de:41:63:
         91:cf:98:de:5f:63:24:21:db:fa:12:08:70:32:45:35:fa:8d:
         4b:d0:cf:97:20:a9:52:1e:3b:10:36:e3:e9:09:58:a2:7b:e7:
         9a:ea:4b:d3:43:17:1e:86:e6:29:52:c3:55:38:e1:e7:30:8a:
         8a:e5:52:f6:ee:c1:29:fd:53:16:38:28:ae:9f:f4:5f:d1:be:
         87:e4:ee:65:66:5d:55:56:8d:0f:68:1f:60:98:1b:90:f9:f6:
         d0:72:1b:ad:c7:26:6d:da:7f:9a:fd:32:07:24:b4:7e:96:59:
         f5:90:c1:32:e7:09:0e:01:17:0a:d7:91:d3:e9:2a:5e:37:4f:
         bf:a5:73:26:e5:e6:ad:a5:b9:55:8b:91:e5:ab:af:1e:30:7b:
         5d:dc:8a:88:b2:31:d7:f2:23:eb:70:e1:6f:3e:77:a3:ae:d7:
         5e:89:99:e0:69:dd:c6:4f:29:1b:fc:df:62:17:2a:5a:c1:32:
         1d:05:ec:f3:ef:f5:5d:2d:ad:a6:41:f8:56:6a:d5:30:79:c0:
         6c:c9:e7:66:c7:c8:6d:09:02:9e:07:ce:65:02:9d:ef:f4:e9:
         a1:db:e0:b6:01:0d:5c:6a:9a:81:7a:25:1d:57:51:62:9f:24:
         33:ea:a2:72
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY32WfpfO+Co21wHcTEnu4ZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNmMyOTU4MTQ1ZjQ1ZmFkNWRhZWViMzhiNzViNTJjMDk2
NjEwNDYwHhcNMjQwMjI5MTkzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWYwMTA1ZmY2N2U0MWUyZjg1NGU3ODA0ZWZjMzkyNzNhMWVlY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzU4kLCmyE1vNoPTLbPi+zZJu6mCS
OHT9phJ84/nQGij/lh5O/t9DdyJyG2K1A1XE3lUrbhXY/o8EjqNw6xjjoduroJ4M
qEHeqjKe1apY6Y/hKohtOle7QYIzJ3gOL/SFUsQEOXeSLRVELc/2jDuHYYobG3rZ
iCoAUBIUmOA2eYF1+ENmOBOMmBinrIG+tBsmNWCho+YVS/JgVqSIm/QefN0Fqb2c
LULeX9Y6MqcPDNz9dm+4AMN6u36ZLWakJiZ9KkMDLjJmF1CEMpo39HX63UOkT88D
wwSESWZFFHli65kd/TXNphkV1BGogs6aAicaeO2dgfgrEujOIpcLvLReWwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFD7wEF/2fkHi+FTngE78OSc6HuzeMB8GA1UdIwQY
MBaAFD1sKVgUX0X61drus4t1tSwJZhBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFd3cFdCUmZSZnJWMnU2emkzVzFMQWxtRUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yYTU1NzQtN2IxMi00ZGEyLWEwNjQt
NWUxYjA3ODg5MjNiLzEvUHZBUVhfWi1RZUw0Vk9lQVR2dzVKem9lN040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yYTU1NzQtN2IxMi00ZGEyLWEwNjQtNWUxYjA3ODg5MjNi
LzEvUFd3cFdCUmZSZnJWMnU2emkzVzFMQWxtRUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN3Bf8w
DQYJKoZIhvcNAQELBQADggEBABF7v41JRATXIAzvdzAmyN5BY5HPmN5fYyQh2/oS
CHAyRTX6jUvQz5cgqVIeOxA24+kJWKJ755rqS9NDFx6G5ilSw1U44ecwiorlUvbu
wSn9UxY4KK6f9F/Rvofk7mVmXVVWjQ9oH2CYG5D59tByG63HJm3af5r9MgcktH6W
WfWQwTLnCQ4BFwrXkdPpKl43T7+lcybl5q2luVWLkeWrrx4we13cioiyMdfyI+tw
4W8+d6Ou116JmeBp3cZPKRv832IXKlrBMh0F7PPv9V0traZB+FZq1TB5wGzJ52bH
yG0JAp4HzmUCne/06aHb4LYBDVxqmoF6JR1XUWKfJDPqonI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:00 2024 by rpki-client on console-ams.rpki-client.org