Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/tJUUOWb9HIli2rPVRDrTafXwtwE.roa
File:                     tJUUOWb9HIli2rPVRDrTafXwtwE.roa (raw, json)
Hash identifier:          NjVnOEQxoedw550H2pkW9b+xR2MwvxIGf8KM2wnN1GY=
Subject key identifier:   B4:95:14:39:66:FD:1C:89:62:DA:B3:D5:44:3A:D3:69:F5:F0:B7:01
Certificate issuer:       /CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Certificate serial:       018A4C2B3841F98293392503680B1BCF24BF
Authority key identifier: 6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/tJUUOWb9HIli2rPVRDrTafXwtwE.roa
Signing time:             Thu 31 Aug 2023 15:16:55 +0000
ROA not before:           Thu 31 Aug 2023 15:16:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202402
IP address blocks:        2a13:b487:4400::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:4c:2b:38:41:f9:82:93:39:25:03:68:0b:1b:cf:24:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ca977f854c63dc9f97a18be7b13002121a5d384
        Validity
            Not Before: Aug 31 15:16:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b495143966fd1c8962dab3d5443ad369f5f0b701
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:7c:d4:4a:76:e3:f0:9b:8f:b6:15:8c:44:9d:
                    9f:8d:47:69:a4:51:ae:b5:30:00:e5:c4:e5:4e:92:
                    1e:9c:2b:62:6e:87:a0:75:66:54:a0:85:88:16:29:
                    ad:e8:74:5e:90:a1:12:c2:ab:95:4b:77:c1:b3:b2:
                    8f:0b:b2:24:62:86:ac:cd:8a:92:9a:90:d3:0e:d9:
                    ca:24:90:b4:36:6d:01:8c:08:52:fa:35:f7:2e:92:
                    f9:27:f5:5f:d1:f6:18:7d:09:0c:fc:3a:75:50:0e:
                    f5:b2:8e:e4:03:cc:64:8e:d4:14:95:4b:9d:fb:35:
                    35:76:66:3d:68:ff:78:72:17:ce:f4:58:87:b8:c4:
                    4d:f3:68:cd:a9:e5:ba:28:80:bc:b6:04:e9:f8:df:
                    20:50:6f:72:2a:1a:ee:2e:9e:a2:14:9f:4e:9d:90:
                    9b:2d:7a:35:3c:b8:5e:b3:72:0b:df:79:8d:7a:46:
                    65:0f:c0:3b:97:a2:89:2a:7d:6a:26:85:9f:62:0a:
                    54:31:fc:13:bd:2c:81:9f:1b:d7:a3:e8:68:12:c5:
                    3a:c8:8c:26:76:e7:87:24:05:72:36:37:65:c2:cd:
                    cc:01:0d:e2:36:08:f5:16:e2:08:39:61:ea:f1:62:
                    9a:62:66:c8:92:c8:71:b4:fa:db:b9:ba:cc:78:a8:
                    44:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:95:14:39:66:FD:1C:89:62:DA:B3:D5:44:3A:D3:69:F5:F0:B7:01
            X509v3 Authority Key Identifier:
                keyid:6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/tJUUOWb9HIli2rPVRDrTafXwtwE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:b487:4400::/40

    Signature Algorithm: sha256WithRSAEncryption
         b3:5a:c6:09:07:11:56:b0:ad:d7:81:a9:0f:a3:05:7c:cb:5a:
         39:9c:8b:4f:03:90:d5:b9:8b:3d:91:bd:b1:fa:17:ae:18:9b:
         2a:df:8c:68:36:df:b2:38:6b:28:0f:64:4d:6b:cc:df:c6:22:
         6d:4e:c6:0f:7b:43:0c:a0:6b:df:fc:27:95:1a:06:79:8b:c4:
         84:87:02:e6:2c:d1:c2:2c:bb:7e:df:43:8b:40:26:3b:93:7b:
         21:29:64:21:ae:27:66:56:ce:00:d6:c2:5b:a0:d4:43:0a:af:
         ef:a9:d5:88:a4:29:93:93:de:bd:67:bb:73:b0:d4:98:83:25:
         31:41:0d:9c:6b:c6:a8:b0:3c:67:dc:7c:a3:58:30:87:da:91:
         47:fd:fd:19:e7:27:bf:88:6c:84:1f:f0:62:2e:d5:37:ce:83:
         bc:d0:af:98:ad:85:43:56:51:bd:63:ad:df:41:d2:04:ba:78:
         26:d9:55:57:c5:1f:b5:d2:f1:19:f9:2f:9d:0c:bf:05:6f:ef:
         2a:44:ed:8b:f0:c4:59:c7:98:3d:62:f0:b2:98:91:4d:70:d1:
         b0:59:ba:f0:a1:71:f2:3e:99:20:32:b5:56:0d:3b:82:08:8b:
         ea:e1:30:5b:9d:8e:02:e3:ea:71:3d:30:cc:1a:02:69:05:6f:
         46:c6:42:71
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYpMKzhB+YKTOSUDaAsbzyS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYTk3N2Y4NTRjNjNkYzlmOTdhMThiZTdiMTMwMDIxMjFh
NWQzODQwHhcNMjMwODMxMTUxNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDk1MTQzOTY2ZmQxYzg5NjJkYWIzZDU0NDNhZDM2OWY1ZjBiNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnzUSnbj8JuPthWMRJ2fjUdppFGu
tTAA5cTlTpIenCtiboegdWZUoIWIFimt6HRekKESwquVS3fBs7KPC7IkYoaszYqS
mpDTDtnKJJC0Nm0BjAhS+jX3LpL5J/Vf0fYYfQkM/Dp1UA71so7kA8xkjtQUlUud
+zU1dmY9aP94chfO9FiHuMRN82jNqeW6KIC8tgTp+N8gUG9yKhruLp6iFJ9OnZCb
LXo1PLhes3IL33mNekZlD8A7l6KJKn1qJoWfYgpUMfwTvSyBnxvXo+hoEsU6yIwm
dueHJAVyNjdlws3MAQ3iNgj1FuIIOWHq8WKaYmbIkshxtPrbubrMeKhEHwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLSVFDlm/RyJYtqz1UQ602n18LcBMB8GA1UdIwQY
MBaAFGypd/hUxj3J+XoYvnsTACEhpdOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQt
ZDZhNTk1MGNhZGYyLzEvdEpVVU9XYjlISWxpMnJQVlJEclRhZlh3dHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQtZDZhNTk1MGNhZGYy
LzEvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhO0h0Qw
DQYJKoZIhvcNAQELBQADggEBALNaxgkHEVawrdeBqQ+jBXzLWjmci08DkNW5iz2R
vbH6F64YmyrfjGg237I4aygPZE1rzN/GIm1Oxg97Qwyga9/8J5UaBnmLxISHAuYs
0cIsu37fQ4tAJjuTeyEpZCGuJ2ZWzgDWwlug1EMKr++p1YikKZOT3r1nu3Ow1JiD
JTFBDZxrxqiwPGfcfKNYMIfakUf9/RnnJ7+IbIQf8GIu1TfOg7zQr5ithUNWUb1j
rd9B0gS6eCbZVVfFH7XS8Rn5L50MvwVv7ypE7YvwxFnHmD1i8LKYkU1w0bBZuvCh
cfI+mSAytVYNO4IIi+rhMFudjgLj6nE9MMwaAmkFb0bGQnE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:54 2024 by rpki-client on console-ams.rpki-client.org