Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/9f5105-12d7-4f6b-9d0d-d977b389d5ab/1/DjRhAR6ibnrLqFsba93HaPX-k54.roa
File:                     DjRhAR6ibnrLqFsba93HaPX-k54.roa (raw, json)
Hash identifier:          Lo1U2eP3K6THTJ6NdOIR5caz245UCP3WC4F+Ayo8sgI=
Subject key identifier:   0E:34:61:01:1E:A2:6E:7A:CB:A8:5B:1B:6B:DD:C7:68:F5:FE:93:9E
Certificate issuer:       /CN=f618619ae3c9b59d868bcdfcc7e73d813f8504e5
Certificate serial:       018B66035465506A27493457ED5D62B4F982
Authority key identifier: F6:18:61:9A:E3:C9:B5:9D:86:8B:CD:FC:C7:E7:3D:81:3F:85:04:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9hhhmuPJtZ2Gi838x-c9gT-FBOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/9f5105-12d7-4f6b-9d0d-d977b389d5ab/1/DjRhAR6ibnrLqFsba93HaPX-k54.roa
Signing time:             Wed 25 Oct 2023 08:46:16 +0000
ROA not before:           Wed 25 Oct 2023 08:46:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216333
IP address blocks:        2a13:d6c0::/32 maxlen: 48
                          2a13:d6c0:100::/48 maxlen: 48
                          2a13:d6c0:110::/48 maxlen: 48
                          2a13:d6c0:20::/48 maxlen: 48
                          2a13:d6c0:1::/48 maxlen: 48
                          2a13:d6c0:101::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 26 Oct 2023 18:16:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:66:03:54:65:50:6a:27:49:34:57:ed:5d:62:b4:f9:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f618619ae3c9b59d868bcdfcc7e73d813f8504e5
        Validity
            Not Before: Oct 25 08:46:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e3461011ea26e7acba85b1b6bddc768f5fe939e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:2d:03:59:b9:97:d9:b4:e0:9a:9d:fa:a2:cb:
                    5d:76:f8:8f:45:e8:03:dd:43:dd:c0:e3:f4:e2:17:
                    39:06:57:56:a2:24:4f:63:40:37:61:06:73:7d:23:
                    e4:f2:a5:a5:77:da:44:e4:75:1f:ae:37:24:9f:ae:
                    9d:45:01:f3:df:ed:14:f8:8e:05:fa:8e:a1:c5:8a:
                    26:7e:e4:93:61:97:59:d6:70:c4:96:0c:e1:c4:25:
                    bb:d2:3f:46:84:4e:90:3f:fa:71:6d:6c:93:76:55:
                    7a:87:2f:1d:49:12:58:e3:32:ad:84:95:99:25:07:
                    d8:1b:6e:ec:25:54:79:7b:77:95:3f:bf:2e:51:46:
                    45:5a:88:f4:8f:7c:23:5f:56:61:5c:2b:7f:4b:72:
                    4a:b0:d7:20:68:45:73:03:fc:76:bb:81:f1:f0:6e:
                    14:a7:a4:ce:c6:64:cf:fb:11:a4:5e:34:52:22:e3:
                    d5:58:98:bf:26:86:94:df:d9:6f:bc:8a:60:e8:66:
                    f6:98:c3:86:a8:60:3a:d5:70:28:bf:e4:44:45:eb:
                    89:58:cf:4c:a1:b9:63:a0:93:29:00:ae:32:42:8d:
                    1e:df:2f:c0:10:70:f4:a1:23:92:24:1b:2a:fd:74:
                    e8:b0:fa:a5:19:0e:58:4c:92:31:b4:c7:4d:fe:c2:
                    2d:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:34:61:01:1E:A2:6E:7A:CB:A8:5B:1B:6B:DD:C7:68:F5:FE:93:9E
            X509v3 Authority Key Identifier:
                keyid:F6:18:61:9A:E3:C9:B5:9D:86:8B:CD:FC:C7:E7:3D:81:3F:85:04:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9hhhmuPJtZ2Gi838x-c9gT-FBOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/9f5105-12d7-4f6b-9d0d-d977b389d5ab/1/DjRhAR6ibnrLqFsba93HaPX-k54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/9f5105-12d7-4f6b-9d0d-d977b389d5ab/1/9hhhmuPJtZ2Gi838x-c9gT-FBOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:d6c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         01:89:56:88:da:8b:07:d4:b3:c7:a1:e4:bb:2b:24:c1:fd:13:
         99:6c:37:c6:e4:13:8e:a4:c3:f4:2c:4b:ef:11:10:23:5b:fb:
         99:dc:be:0a:e7:bb:e2:2c:f0:f8:ff:36:ce:6b:de:6b:54:6c:
         05:22:5c:5b:25:50:c1:c3:fc:c7:2b:88:38:51:25:57:a5:fa:
         bb:76:b2:e6:34:b8:db:29:38:ff:d6:17:ed:7a:72:45:3d:78:
         c2:11:bf:20:ae:c8:bf:fb:7d:67:ac:c9:87:cf:d7:58:1d:31:
         bb:2c:b5:b5:78:b8:eb:ca:ad:77:f2:0d:03:ef:ea:01:b2:44:
         5d:cd:6c:33:42:85:0e:16:26:eb:49:a6:d7:3f:e7:53:dd:27:
         3d:54:f3:0d:18:e6:38:df:43:d4:2d:06:03:ba:6f:72:da:ae:
         b1:a0:ac:24:e8:88:2e:5e:98:e9:17:36:0a:09:88:7d:23:dd:
         e5:fd:52:19:da:fc:13:6c:24:5e:70:59:d5:79:62:6f:bd:db:
         94:ff:42:99:9e:e2:da:75:6e:35:89:dd:dd:63:1b:87:53:63:
         97:15:e3:86:48:90:cd:ba:ce:43:7e:4b:7a:2e:2e:47:87:99:
         33:0a:8c:3b:8e:15:71:92:0d:c5:3a:d4:56:76:a8:6c:62:66:
         67:c8:2d:8b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtmA1RlUGonSTRX7V1itPmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MTg2MTlhZTNjOWI1OWQ4NjhiY2RmY2M3ZTczZDgxM2Y4
NTA0ZTUwHhcNMjMxMDI1MDg0NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTM0NjEwMTFlYTI2ZTdhY2JhODViMWI2YmRkYzc2OGY1ZmU5MzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjC0DWbmX2bTgmp36ostddviPRegD
3UPdwOP04hc5BldWoiRPY0A3YQZzfSPk8qWld9pE5HUfrjckn66dRQHz3+0U+I4F
+o6hxYomfuSTYZdZ1nDElgzhxCW70j9GhE6QP/pxbWyTdlV6hy8dSRJY4zKthJWZ
JQfYG27sJVR5e3eVP78uUUZFWoj0j3wjX1ZhXCt/S3JKsNcgaEVzA/x2u4Hx8G4U
p6TOxmTP+xGkXjRSIuPVWJi/JoaU39lvvIpg6Gb2mMOGqGA61XAov+REReuJWM9M
obljoJMpAK4yQo0e3y/AEHD0oSOSJBsq/XTosPqlGQ5YTJIxtMdN/sItfwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA40YQEeom56y6hbG2vdx2j1/pOeMB8GA1UdIwQY
MBaAFPYYYZrjybWdhovN/MfnPYE/hQTlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWhoaG11UEp0WjJHaTgzOHgtYzlnVC1GQk9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS85ZjUxMDUtMTJkNy00ZjZiLTlkMGQt
ZDk3N2IzODlkNWFiLzEvRGpSaEFSNmlibnJMcUZzYmE5M0hhUFgtazU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS85ZjUxMDUtMTJkNy00ZjZiLTlkMGQtZDk3N2IzODlkNWFi
LzEvOWhoaG11UEp0WjJHaTgzOHgtYzlnVC1GQk9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPWwDAN
BgkqhkiG9w0BAQsFAAOCAQEAAYlWiNqLB9Szx6Hkuyskwf0TmWw3xuQTjqTD9CxL
7xEQI1v7mdy+Cue74izw+P82zmvea1RsBSJcWyVQwcP8xyuIOFElV6X6u3ay5jS4
2yk4/9YX7XpyRT14whG/IK7Iv/t9Z6zJh8/XWB0xuyy1tXi468qtd/INA+/qAbJE
Xc1sM0KFDhYm60mm1z/nU90nPVTzDRjmON9D1C0GA7pvctqusaCsJOiILl6Y6Rc2
CgmIfSPd5f1SGdr8E2wkXnBZ1Xlib73blP9CmZ7i2nVuNYnd3WMbh1NjlxXjhkiQ
zbrOQ35Lei4uR4eZMwqMO44VcZINxTrUVnaobGJmZ8gtiw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:43 2024 by rpki-client on console-ams.rpki-client.org