Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/oz04ToRowypjvM3YciXkxjcenKM.roa
File:                     oz04ToRowypjvM3YciXkxjcenKM.roa (raw, json)
Hash identifier:          t49wZYV2BeIMluq9XovE6qPZRW+whpHeBYrlE3spbpc=
Subject key identifier:   A3:3D:38:4E:84:68:C3:2A:63:BC:CD:D8:72:25:E4:C6:37:1E:9C:A3
Certificate issuer:       /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial:       018C836558BB0D5E3ED2CAE9F0B221A5B090
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/oz04ToRowypjvM3YciXkxjcenKM.roa
Signing time:             Tue 19 Dec 2023 18:45:06 +0000
ROA not before:           Tue 19 Dec 2023 18:45:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206005
IP address blocks:        2a14:1100::/29 maxlen: 29
                          2a13:c440::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:83:65:58:bb:0d:5e:3e:d2:ca:e9:f0:b2:21:a5:b0:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
        Validity
            Not Before: Dec 19 18:45:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a33d384e8468c32a63bccdd87225e4c6371e9ca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:12:17:98:f2:38:b3:d2:89:25:4d:0b:b5:cd:
                    b9:d4:98:5a:6a:1d:29:9a:a3:aa:b2:2b:a3:4d:3d:
                    e3:5c:aa:e1:24:9f:a2:53:94:e3:1d:cb:0c:0c:12:
                    2f:2f:f4:da:ff:41:0f:81:9e:22:18:73:b0:6a:fd:
                    15:63:70:c6:76:75:43:54:35:5e:f7:30:b0:ab:88:
                    51:42:f4:fd:d3:44:d8:8f:04:29:a6:51:00:c0:98:
                    cd:cf:d4:a6:81:6a:89:8b:b7:38:a8:49:7f:67:4a:
                    23:b1:de:1b:06:2b:fc:7e:c7:4f:41:d0:62:32:b8:
                    aa:42:27:e7:92:9a:64:da:6d:ae:a8:a1:8d:85:d8:
                    cc:48:cc:44:63:bf:7c:a1:95:e9:d0:10:9f:2f:47:
                    ad:57:22:aa:e2:49:90:e4:89:a7:f3:05:4e:ea:74:
                    21:21:18:a2:47:8b:8c:26:46:94:22:3c:54:d0:4f:
                    cc:d7:b6:3f:af:33:10:94:61:7d:c6:9b:2d:26:12:
                    f5:45:ed:b8:b6:98:73:ce:4d:83:55:0a:75:5f:90:
                    53:e6:5d:03:a4:ec:72:45:8f:d3:99:ba:e7:c2:b4:
                    44:1d:6f:44:67:32:d3:79:ac:a1:44:32:1f:58:87:
                    04:f5:44:1e:dc:20:f3:d5:5c:bf:ee:74:af:f1:4c:
                    c0:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:3D:38:4E:84:68:C3:2A:63:BC:CD:D8:72:25:E4:C6:37:1E:9C:A3
            X509v3 Authority Key Identifier:
                keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/oz04ToRowypjvM3YciXkxjcenKM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:c440::/29
                  2a14:1100::/29

    Signature Algorithm: sha256WithRSAEncryption
         6d:1a:f5:61:ed:b9:8f:d0:b6:1c:31:a2:26:a1:a6:bc:ba:39:
         79:13:70:4c:65:d3:28:e6:f7:f2:9c:5c:d6:df:0d:ec:9a:51:
         a0:80:18:b2:4b:ef:76:18:f9:72:4c:32:db:55:c8:2c:c5:b8:
         76:3f:d0:98:37:27:c9:dd:53:7e:c7:20:98:06:3c:e7:71:38:
         71:23:2a:cc:20:bc:9f:6d:44:5e:44:2c:f6:ac:bb:a3:3f:fd:
         c6:89:db:3e:40:f9:1b:d2:92:19:a0:d3:59:cd:1f:f7:39:31:
         c4:0c:e2:c1:f5:55:58:ad:98:01:71:79:e9:32:8d:31:dd:20:
         d5:82:d5:97:96:e1:39:87:55:3e:bc:bc:b9:a4:d3:9d:a6:49:
         20:9f:8a:49:1b:63:6d:14:60:9f:41:8b:03:cd:9d:bb:be:0a:
         9a:4f:6d:0d:5c:53:ab:cb:4e:47:f6:b2:21:03:b2:0f:3e:ed:
         39:b5:10:69:38:16:8c:6f:39:0d:6c:e9:9d:62:a4:8d:e6:e6:
         59:33:31:4f:ec:23:cb:1a:1b:64:4b:68:67:ef:51:2e:d4:e3:
         a3:ec:2d:be:8f:4d:1b:18:d2:1b:e2:57:2c:e6:45:7f:9b:5b:
         7e:c6:2f:12:10:a6:a6:4f:ca:c8:06:ca:2e:e7:7d:0e:e0:50:
         04:51:a9:79
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYyDZVi7DV4+0srp8LIhpbCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjMxMjE5MTg0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNkMzg0ZTg0NjhjMzJhNjNiY2NkZDg3MjI1ZTRjNjM3MWU5Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRIXmPI4s9KJJU0Ltc251Jhaah0p
mqOqsiujTT3jXKrhJJ+iU5TjHcsMDBIvL/Ta/0EPgZ4iGHOwav0VY3DGdnVDVDVe
9zCwq4hRQvT900TYjwQpplEAwJjNz9SmgWqJi7c4qEl/Z0ojsd4bBiv8fsdPQdBi
MriqQifnkppk2m2uqKGNhdjMSMxEY798oZXp0BCfL0etVyKq4kmQ5Imn8wVO6nQh
IRiiR4uMJkaUIjxU0E/M17Y/rzMQlGF9xpstJhL1Re24tphzzk2DVQp1X5BT5l0D
pOxyRY/TmbrnwrREHW9EZzLTeayhRDIfWIcE9UQe3CDz1Vy/7nSv8UzABwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKM9OE6EaMMqY7zN2HIl5MY3HpyjMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvb3owNFRvUm93eXBqdk0zWWNpWGt4amNlbktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhPEQAMF
AyoUEQAwDQYJKoZIhvcNAQELBQADggEBAG0a9WHtuY/Qthwxoiahpry6OXkTcExl
0yjm9/KcXNbfDeyaUaCAGLJL73YY+XJMMttVyCzFuHY/0Jg3J8ndU37HIJgGPOdx
OHEjKswgvJ9tRF5ELPasu6M//caJ2z5A+RvSkhmg01nNH/c5McQM4sH1VVitmAFx
eekyjTHdINWC1ZeW4TmHVT68vLmk052mSSCfikkbY20UYJ9BiwPNnbu+CppPbQ1c
U6vLTkf2siEDsg8+7Tm1EGk4FoxvOQ1s6Z1ipI3m5lkzMU/sI8saG2RLaGfvUS7U
46PsLb6PTRsY0hviVyzmRX+bW37GLxIQpqZPysgGyi7nfQ7gUARRqXk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org