Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/6rrHLjzwVjUyxNQNY9EEszJloGk.roa
File:                     6rrHLjzwVjUyxNQNY9EEszJloGk.roa (raw, json)
Hash identifier:          YiHMo2hHFdpb6fMVaBy5x9wTqyN2WvRGsdYWvIS25PU=
Subject key identifier:   EA:BA:C7:2E:3C:F0:56:35:32:C4:D4:0D:63:D1:04:B3:32:65:A0:69
Certificate issuer:       /CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Certificate serial:       018972FF654C1007A7BB1BF6F7C755B1ED61
Authority key identifier: 6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/6rrHLjzwVjUyxNQNY9EEszJloGk.roa
Signing time:             Thu 20 Jul 2023 11:11:27 +0000
ROA not before:           Thu 20 Jul 2023 11:11:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212623
IP address blocks:        2a13:b487:4200::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:72:ff:65:4c:10:07:a7:bb:1b:f6:f7:c7:55:b1:ed:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ca977f854c63dc9f97a18be7b13002121a5d384
        Validity
            Not Before: Jul 20 11:11:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eabac72e3cf0563532c4d40d63d104b33265a069
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:9f:e8:ad:3a:c7:00:ba:c5:92:d6:ba:76:e7:
                    67:52:f0:5e:08:76:95:c2:02:98:da:e4:68:95:d2:
                    df:c7:65:a7:21:92:fc:0f:b0:4a:ea:9a:30:36:64:
                    58:84:71:0a:e0:f1:37:9b:c3:1d:4e:0b:d5:0d:df:
                    7b:3a:95:4c:04:ba:ad:ec:b1:72:19:8f:4a:ba:6e:
                    05:73:26:03:25:f0:c4:78:e9:7c:1e:a4:39:36:24:
                    98:fe:10:b9:9d:66:96:1e:14:11:d5:bb:e2:c0:34:
                    6b:33:b2:6c:24:0c:80:7f:3e:62:42:19:3b:d7:49:
                    c3:48:09:47:29:6c:c7:b9:31:a6:cf:bb:bd:c9:30:
                    3d:16:49:50:68:b0:d1:83:19:78:c0:6a:2d:d8:7f:
                    05:6e:3b:44:81:13:73:22:10:4f:28:f6:db:2c:c9:
                    7a:34:3b:ae:57:20:7f:59:37:e5:a9:58:17:3b:96:
                    7d:5d:cc:26:05:92:f1:e6:f7:8a:4a:17:a1:b7:e3:
                    50:e2:1c:10:3a:6b:a2:03:93:15:98:17:1e:fe:e7:
                    62:15:7d:cb:66:d7:a9:64:98:a4:bf:3a:6d:8d:c0:
                    89:2b:5d:d8:d5:91:52:38:24:fa:a1:95:4b:32:20:
                    d4:21:dd:6e:58:76:27:ff:2d:bb:a7:62:3a:53:f9:
                    44:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:BA:C7:2E:3C:F0:56:35:32:C4:D4:0D:63:D1:04:B3:32:65:A0:69
            X509v3 Authority Key Identifier:
                keyid:6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/6rrHLjzwVjUyxNQNY9EEszJloGk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:b487:4200::/40

    Signature Algorithm: sha256WithRSAEncryption
         d7:e0:56:b8:d0:21:d7:9f:c2:23:ed:e2:8b:51:25:0a:d5:65:
         26:70:d5:78:88:61:76:ba:0d:e1:80:5d:15:92:63:20:18:98:
         6a:af:01:35:dd:f2:67:77:af:f0:36:d2:d9:73:3c:a3:d2:3b:
         b8:42:70:f1:57:93:f8:a1:4d:0f:11:94:e9:a1:66:1e:bb:36:
         f0:11:06:da:ce:ed:85:75:01:f9:f8:24:76:2b:0e:8a:88:4f:
         d6:d6:e6:f9:c9:2d:ee:40:a7:6d:87:0c:a0:8b:fb:01:5d:a6:
         1e:18:92:01:6c:fb:ee:3f:c0:20:6d:f2:df:76:b8:e2:b9:8c:
         18:65:87:14:8b:12:1e:8d:6e:e2:f5:80:06:00:c0:74:17:0c:
         a6:a3:50:b2:6c:9d:77:37:20:09:dc:9e:e2:43:c5:b7:c7:7e:
         cd:bd:ae:27:f2:db:68:b2:bc:5b:87:c1:fb:f5:a6:a6:ac:7b:
         2e:55:87:66:21:b0:6c:c8:ff:44:8e:f6:07:ac:c2:68:0c:c0:
         d5:87:39:1c:bb:ee:9f:d1:8e:7b:d4:dc:60:20:d1:8c:65:54:
         1f:3c:d9:4a:ca:14:a3:14:e8:c9:fd:dd:93:14:94:cf:ed:50:
         60:72:ee:c7:ae:1b:1b:96:0f:99:34:53:8f:d6:28:4c:2a:fd:
         ae:74:5c:07
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYly/2VMEAenuxv298dVse1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYTk3N2Y4NTRjNjNkYzlmOTdhMThiZTdiMTMwMDIxMjFh
NWQzODQwHhcNMjMwNzIwMTExMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWJhYzcyZTNjZjA1NjM1MzJjNGQ0MGQ2M2QxMDRiMzMyNjVhMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5/orTrHALrFkta6dudnUvBeCHaV
wgKY2uRoldLfx2WnIZL8D7BK6powNmRYhHEK4PE3m8MdTgvVDd97OpVMBLqt7LFy
GY9Kum4FcyYDJfDEeOl8HqQ5NiSY/hC5nWaWHhQR1bviwDRrM7JsJAyAfz5iQhk7
10nDSAlHKWzHuTGmz7u9yTA9FklQaLDRgxl4wGot2H8FbjtEgRNzIhBPKPbbLMl6
NDuuVyB/WTflqVgXO5Z9XcwmBZLx5veKSheht+NQ4hwQOmuiA5MVmBce/udiFX3L
ZtepZJikvzptjcCJK13Y1ZFSOCT6oZVLMiDUId1uWHYn/y27p2I6U/lEzwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOq6xy488FY1MsTUDWPRBLMyZaBpMB8GA1UdIwQY
MBaAFGypd/hUxj3J+XoYvnsTACEhpdOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQt
ZDZhNTk1MGNhZGYyLzEvNnJySExqendWalV5eE5RTlk5RUVzekpsb0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQtZDZhNTk1MGNhZGYy
LzEvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhO0h0Iw
DQYJKoZIhvcNAQELBQADggEBANfgVrjQIdefwiPt4otRJQrVZSZw1XiIYXa6DeGA
XRWSYyAYmGqvATXd8md3r/A20tlzPKPSO7hCcPFXk/ihTQ8RlOmhZh67NvARBtrO
7YV1Afn4JHYrDoqIT9bW5vnJLe5Ap22HDKCL+wFdph4YkgFs++4/wCBt8t92uOK5
jBhlhxSLEh6NbuL1gAYAwHQXDKajULJsnXc3IAncnuJDxbfHfs29rify22iyvFuH
wfv1pqasey5Vh2YhsGzI/0SO9geswmgMwNWHORy77p/RjnvU3GAg0YxlVB882UrK
FKMU6Mn93ZMUlM/tUGBy7seuGxuWD5k0U4/WKEwq/a50XAc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:58 2024 by rpki-client on console-fra.rpki-client.org