Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ihZMeemMkgEvDWBxBUuHPEYiUt4.roa
File:                     ihZMeemMkgEvDWBxBUuHPEYiUt4.roa (raw, json)
Hash identifier:          3S2JFWRLQ1OBH8Rfq1AD208EdBR4VBnwFyV4Dr7xY8c=
Subject key identifier:   8A:16:4C:79:E9:8C:92:01:2F:0D:60:71:05:4B:87:3C:46:22:52:DE
Certificate issuer:       /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial:       018BFDA131A547EC865F9FB52B365BE1B7E3
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ihZMeemMkgEvDWBxBUuHPEYiUt4.roa
Signing time:             Thu 23 Nov 2023 19:21:21 +0000
ROA not before:           Thu 23 Nov 2023 19:21:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        2a13:b9c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:fd:a1:31:a5:47:ec:86:5f:9f:b5:2b:36:5b:e1:b7:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
        Validity
            Not Before: Nov 23 19:21:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8a164c79e98c92012f0d6071054b873c462252de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a8:fe:14:3b:76:9d:51:1b:27:3f:cd:3f:73:
                    82:e7:fd:89:b8:0e:40:8a:9c:f7:e5:34:d9:b3:c6:
                    b7:c9:0d:09:fe:bb:74:07:2b:76:4f:b5:df:6e:0e:
                    86:d9:4a:ac:66:3b:ec:01:7b:55:84:df:5d:ed:44:
                    e7:9a:de:f7:61:b9:8c:7e:f2:f4:e6:bd:e3:bf:90:
                    67:c0:e0:24:b6:3f:22:49:bb:26:f9:b1:be:36:73:
                    2d:ed:77:97:51:ff:42:f5:d8:7c:ca:62:d7:7b:af:
                    f9:f0:27:11:db:20:c8:a8:2d:b0:6f:3a:ca:56:0d:
                    70:38:a4:5e:e3:0c:55:a4:ab:27:48:d3:0d:22:e1:
                    2d:5a:2a:be:15:92:c8:4c:6b:7b:09:dc:74:2c:47:
                    33:7d:71:71:71:9a:f6:75:06:97:34:46:9a:52:49:
                    15:43:9a:e0:7f:52:5a:b9:34:2b:51:73:bd:de:1c:
                    96:9a:bb:5e:75:97:3c:b9:1e:2b:1c:be:d4:5d:ac:
                    cf:f6:5f:bc:71:6c:5a:ee:5a:59:ab:db:2d:10:0a:
                    6f:63:d2:b7:96:4c:5f:e2:e3:71:e6:04:39:dd:74:
                    86:05:42:a5:20:4f:d7:33:29:c4:67:d7:45:c5:0d:
                    49:fb:ff:f6:13:ab:1b:f2:94:9f:c6:a6:4b:c5:d3:
                    1c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:16:4C:79:E9:8C:92:01:2F:0D:60:71:05:4B:87:3C:46:22:52:DE
            X509v3 Authority Key Identifier:
                keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ihZMeemMkgEvDWBxBUuHPEYiUt4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:b9c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         7b:4c:c5:85:72:e3:5d:b2:aa:76:b5:9c:12:73:0f:82:4a:98:
         a2:95:c2:b7:cb:88:c3:15:fe:48:9c:a8:a4:c6:1e:99:ea:9e:
         13:ce:0b:e4:35:fd:c5:38:2e:3b:56:af:cc:61:50:ab:9a:29:
         8b:08:c0:2f:7f:75:a6:86:52:4f:a5:4a:55:8d:1b:c5:4a:bc:
         c7:52:8f:82:cc:72:3a:7d:3b:e1:59:86:f3:c9:a0:eb:77:ca:
         68:d8:dc:3e:7e:4c:53:62:c1:30:2f:b0:42:4a:6c:50:4e:43:
         b2:ef:9e:a9:d7:85:f3:63:f0:07:96:03:00:02:0d:72:af:67:
         41:64:02:32:f0:e9:e6:a0:e3:ba:b3:b8:91:d2:b6:7c:49:7d:
         09:55:9c:1d:a9:7f:b9:9e:5a:f2:5b:f3:8a:34:3a:5d:0e:67:
         0b:ec:0f:81:14:d6:73:32:33:82:08:86:d2:b8:8d:af:fb:5e:
         95:38:56:a8:18:21:81:4e:de:dd:e4:bb:c1:c8:65:d1:99:56:
         a0:69:d3:6c:46:4e:a2:e9:77:cd:83:59:dd:29:b0:08:e9:c1:
         38:59:ff:d0:a0:35:e4:ac:42:b0:f4:75:0c:d8:d3:f9:35:ed:
         0d:76:1b:a3:b0:0b:50:f3:69:bd:d0:64:cf:44:6d:0b:1d:1b:
         53:cd:ab:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYv9oTGlR+yGX5+1KzZb4bfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjMxMTIzMTkyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE2NGM3OWU5OGM5MjAxMmYwZDYwNzEwNTRiODczYzQ2MjI1MmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6j+FDt2nVEbJz/NP3OC5/2JuA5A
ipz35TTZs8a3yQ0J/rt0Byt2T7Xfbg6G2UqsZjvsAXtVhN9d7UTnmt73YbmMfvL0
5r3jv5BnwOAktj8iSbsm+bG+NnMt7XeXUf9C9dh8ymLXe6/58CcR2yDIqC2wbzrK
Vg1wOKRe4wxVpKsnSNMNIuEtWiq+FZLITGt7Cdx0LEczfXFxcZr2dQaXNEaaUkkV
Q5rgf1JauTQrUXO93hyWmrtedZc8uR4rHL7UXazP9l+8cWxa7lpZq9stEApvY9K3
lkxf4uNx5gQ53XSGBUKlIE/XMynEZ9dFxQ1J+//2E6sb8pSfxqZLxdMcqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIoWTHnpjJIBLw1gcQVLhzxGIlLeMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvaWhaTWVlbU1rZ0V2RFdCeEJVdUhQRVlpVXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO5wDAN
BgkqhkiG9w0BAQsFAAOCAQEAe0zFhXLjXbKqdrWcEnMPgkqYopXCt8uIwxX+SJyo
pMYemeqeE84L5DX9xTguO1avzGFQq5opiwjAL391poZST6VKVY0bxUq8x1KPgsxy
On074VmG88mg63fKaNjcPn5MU2LBMC+wQkpsUE5Dsu+eqdeF82PwB5YDAAINcq9n
QWQCMvDp5qDjurO4kdK2fEl9CVWcHal/uZ5a8lvzijQ6XQ5nC+wPgRTWczIzggiG
0riNr/telThWqBghgU7e3eS7wchl0ZlWoGnTbEZOoul3zYNZ3SmwCOnBOFn/0KA1
5KxCsPR1DNjT+TXtDXYbo7ALUPNpvdBkz0RtCx0bU82ryw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org