Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/9ah32rF4aXNajks_C_bd6VmXuhc.roa
File:                     9ah32rF4aXNajks_C_bd6VmXuhc.roa (raw, json)
Hash identifier:          GOZVC9qHjAEWLhAEJ9SF81twbhb7G897QbzOk6VyVkU=
Subject key identifier:   F5:A8:77:DA:B1:78:69:73:5A:8E:4B:3F:0B:F6:DD:E9:59:97:BA:17
Certificate issuer:       /CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Certificate serial:       01874749D84B97F273A30E1220E5BBC72435
Authority key identifier: 6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/9ah32rF4aXNajks_C_bd6VmXuhc.roa
Signing time:             Mon 03 Apr 2023 13:23:54 +0000
ROA not before:           Mon 03 Apr 2023 13:23:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212013
IP address blocks:        2a13:b487:2000::/36 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:47:49:d8:4b:97:f2:73:a3:0e:12:20:e5:bb:c7:24:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ca977f854c63dc9f97a18be7b13002121a5d384
        Validity
            Not Before: Apr  3 13:23:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5a877dab17869735a8e4b3f0bf6dde95997ba17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:6e:8c:de:74:b5:62:ce:77:13:4d:33:77:17:
                    38:8a:29:c3:8b:8e:d9:0c:99:7d:e1:3c:ac:32:ed:
                    b0:2d:26:f2:d7:36:47:43:9f:ca:94:b2:54:97:ff:
                    6f:72:47:ee:98:79:86:41:35:b4:5e:66:90:5f:a6:
                    11:84:cd:1e:61:33:2f:76:24:41:42:1e:6d:a5:58:
                    f4:47:de:37:65:61:e4:07:2a:cf:4c:36:f2:26:e0:
                    da:b2:56:7b:97:c3:48:bc:7f:04:87:83:72:0a:50:
                    39:79:31:1f:f1:bf:df:65:37:8f:55:b7:80:dd:49:
                    7c:79:39:38:42:f0:b7:c2:96:62:42:eb:6e:45:b4:
                    76:0b:a5:8d:56:73:33:cc:23:c9:83:ee:45:97:d8:
                    03:c7:c0:a8:e8:58:05:f7:4d:da:eb:40:bf:4c:20:
                    6d:85:fe:3d:6e:b1:fe:57:f6:d6:8d:1d:ea:fb:aa:
                    7d:0b:64:64:e6:e2:f2:06:6b:82:76:fd:c8:b8:22:
                    69:05:e2:24:2f:60:0d:f4:0e:e0:8f:f7:1c:1d:cc:
                    8e:d6:94:99:9c:c9:22:f9:f1:e5:a7:49:96:b5:96:
                    61:5f:ae:a7:4d:b8:fb:e0:0a:78:fd:9c:7a:83:b2:
                    94:67:8d:d2:93:f9:75:c2:ea:31:59:00:99:a0:53:
                    79:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:A8:77:DA:B1:78:69:73:5A:8E:4B:3F:0B:F6:DD:E9:59:97:BA:17
            X509v3 Authority Key Identifier:
                keyid:6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/9ah32rF4aXNajks_C_bd6VmXuhc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:b487:2000::/36

    Signature Algorithm: sha256WithRSAEncryption
         80:43:6a:4b:65:11:fc:06:48:0b:02:5d:c1:9a:fc:59:93:b5:
         23:85:3a:03:88:54:2f:75:ec:20:c9:79:7a:e5:a1:64:e1:70:
         5b:5a:0d:82:5b:bb:dc:d5:7e:9f:91:a8:13:dc:4c:22:e5:ef:
         6f:e9:0f:65:37:6e:0b:d3:a9:71:b1:cd:20:bd:87:4e:59:40:
         01:1f:18:c9:2f:28:60:43:a8:1d:46:e4:e5:98:bd:03:d2:02:
         35:67:5c:47:af:f3:41:7f:f9:1b:81:8b:d9:15:ff:83:c7:52:
         89:4e:bb:76:1f:0a:a9:01:96:6e:f9:99:71:c9:c5:b6:06:8b:
         20:5e:41:e7:37:fb:c8:83:2c:d5:5f:43:9d:6e:ca:40:dc:2c:
         86:40:d8:47:ef:e5:be:0b:7d:aa:63:16:e6:90:c7:a1:e6:f0:
         a0:04:fd:77:ea:46:d7:5d:ef:70:6a:a6:c6:77:ed:32:71:e6:
         97:4b:0d:29:b8:11:13:88:27:14:cb:20:13:81:56:6f:be:e2:
         9b:4a:61:ab:48:dc:7c:8f:a1:bb:b9:62:47:31:64:c6:e2:6a:
         58:b8:ae:c4:d5:31:d5:ac:8a:9a:46:37:f7:b6:5a:74:b2:b7:
         b7:91:88:50:26:d8:da:01:13:19:5d:b1:4a:9c:4b:2e:ea:ed:
         bd:c6:a6:cb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYdHSdhLl/Jzow4SIOW7xyQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYTk3N2Y4NTRjNjNkYzlmOTdhMThiZTdiMTMwMDIxMjFh
NWQzODQwHhcNMjMwNDAzMTMyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWE4NzdkYWIxNzg2OTczNWE4ZTRiM2YwYmY2ZGRlOTU5OTdiYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp26M3nS1Ys53E00zdxc4iinDi47Z
DJl94TysMu2wLSby1zZHQ5/KlLJUl/9vckfumHmGQTW0XmaQX6YRhM0eYTMvdiRB
Qh5tpVj0R943ZWHkByrPTDbyJuDaslZ7l8NIvH8Eh4NyClA5eTEf8b/fZTePVbeA
3Ul8eTk4QvC3wpZiQutuRbR2C6WNVnMzzCPJg+5Fl9gDx8Co6FgF903a60C/TCBt
hf49brH+V/bWjR3q+6p9C2Rk5uLyBmuCdv3IuCJpBeIkL2AN9A7gj/ccHcyO1pSZ
nMki+fHlp0mWtZZhX66nTbj74Ap4/Zx6g7KUZ43Sk/l1wuoxWQCZoFN5rQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPWod9qxeGlzWo5LPwv23elZl7oXMB8GA1UdIwQY
MBaAFGypd/hUxj3J+XoYvnsTACEhpdOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQt
ZDZhNTk1MGNhZGYyLzEvOWFoMzJyRjRhWE5hamtzX0NfYmQ2Vm1YdWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQtZDZhNTk1MGNhZGYy
LzEvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhO0hyAw
DQYJKoZIhvcNAQELBQADggEBAIBDaktlEfwGSAsCXcGa/FmTtSOFOgOIVC917CDJ
eXrloWThcFtaDYJbu9zVfp+RqBPcTCLl72/pD2U3bgvTqXGxzSC9h05ZQAEfGMkv
KGBDqB1G5OWYvQPSAjVnXEev80F/+RuBi9kV/4PHUolOu3YfCqkBlm75mXHJxbYG
iyBeQec3+8iDLNVfQ51uykDcLIZA2Efv5b4LfapjFuaQx6Hm8KAE/XfqRtdd73Bq
psZ37TJx5pdLDSm4EROIJxTLIBOBVm++4ptKYatI3HyPobu5YkcxZMbiali4rsTV
MdWsippGN/e2WnSyt7eRiFAm2NoBExldsUqcSy7q7b3Gpss=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:54 2024 by rpki-client on console-ams.rpki-client.org