Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/38969d-7276-4f27-9e1c-7286ac0a907b/1/hv9pqibiJd8cmNuICTmvWGg8lhk.roa
File:                     hv9pqibiJd8cmNuICTmvWGg8lhk.roa (raw, json)
Hash identifier:          mNNvKF3EQ3yOk3zjpmnI2rEjFaPjS+unpzTQT98xB3A=
Subject key identifier:   86:FF:69:AA:26:E2:25:DF:1C:98:DB:88:09:39:AF:58:68:3C:96:19
Certificate issuer:       /CN=f8a4850c7ab30bbb8af80dcf9aabc6b951aa65a4
Certificate serial:       018A9FD5E67BB0BA7E5A9555BDA7843E77DB
Authority key identifier: F8:A4:85:0C:7A:B3:0B:BB:8A:F8:0D:CF:9A:AB:C6:B9:51:AA:65:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-KSFDHqzC7uK-A3PmqvGuVGqZaQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/38969d-7276-4f27-9e1c-7286ac0a907b/1/hv9pqibiJd8cmNuICTmvWGg8lhk.roa
Signing time:             Sat 16 Sep 2023 21:11:50 +0000
ROA not before:           Sat 16 Sep 2023 21:11:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216313
IP address blocks:        2a13:cd80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:9f:d5:e6:7b:b0:ba:7e:5a:95:55:bd:a7:84:3e:77:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8a4850c7ab30bbb8af80dcf9aabc6b951aa65a4
        Validity
            Not Before: Sep 16 21:11:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=86ff69aa26e225df1c98db880939af58683c9619
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:d6:6b:0e:99:73:7c:08:d0:7e:07:98:0f:da:
                    79:df:30:b3:66:f6:13:da:52:84:6e:6e:80:21:dc:
                    46:78:a0:96:09:d4:4a:5a:cd:7c:6d:6d:44:d7:45:
                    ca:2d:32:3f:78:15:c2:74:21:cc:18:a2:07:c1:03:
                    37:8b:42:6e:0e:0b:1c:fd:63:05:7d:3f:2e:64:9f:
                    fc:d5:f2:1c:f8:55:62:17:8a:74:6e:ec:7f:68:81:
                    6b:42:77:a1:ee:66:16:3f:19:c0:67:a2:94:6a:96:
                    f8:ed:66:b5:f0:80:91:62:9a:96:6b:a6:1b:f3:d7:
                    17:ee:15:ba:9b:f8:11:8f:0e:e9:b0:3f:a3:a8:a4:
                    ad:87:b7:f4:bd:dc:dc:b9:54:ca:7c:09:f7:c9:b4:
                    c7:00:a8:a3:73:1b:a1:9d:4b:8b:f4:9e:56:d4:d6:
                    d0:e4:30:bd:89:cd:03:d9:31:23:fd:37:be:85:ec:
                    01:aa:db:39:50:26:9e:53:bc:0b:34:58:39:8a:30:
                    42:b5:e1:d8:85:71:3b:1b:bc:71:fa:81:26:fc:2a:
                    c4:ed:cb:5a:0c:c6:8d:79:bf:c0:a6:b1:d1:48:0f:
                    51:6c:43:8b:b6:f2:4b:81:ab:84:3f:d1:0e:6f:01:
                    90:45:1d:1d:6d:6c:1b:a7:ed:56:6d:0e:ca:42:ec:
                    70:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:FF:69:AA:26:E2:25:DF:1C:98:DB:88:09:39:AF:58:68:3C:96:19
            X509v3 Authority Key Identifier:
                keyid:F8:A4:85:0C:7A:B3:0B:BB:8A:F8:0D:CF:9A:AB:C6:B9:51:AA:65:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KSFDHqzC7uK-A3PmqvGuVGqZaQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/38969d-7276-4f27-9e1c-7286ac0a907b/1/hv9pqibiJd8cmNuICTmvWGg8lhk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/38969d-7276-4f27-9e1c-7286ac0a907b/1/1-KSFDHqzC7uK-A3PmqvGuVGqZaQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:cd80::/32

    Signature Algorithm: sha256WithRSAEncryption
         94:05:91:54:77:fb:f2:70:f9:f2:d7:06:56:a5:0b:d0:9f:ac:
         98:80:a4:4d:d0:af:fe:c7:af:13:5c:44:72:4c:16:f4:fc:42:
         eb:9a:36:94:b4:dc:9c:43:e3:b7:93:03:76:f2:64:fa:a7:19:
         03:9a:02:18:27:07:b3:99:34:63:65:ae:f1:e5:59:ba:5d:01:
         5c:13:33:b9:99:ab:ce:aa:13:f2:d9:14:7e:68:bd:9d:d5:40:
         3b:d2:86:93:1a:37:fe:e7:14:3b:99:d0:06:d3:1b:cc:a5:2d:
         bb:4a:86:f0:a6:26:2a:ce:f7:e4:30:be:b5:60:bd:69:51:9c:
         49:34:cf:a3:33:c2:9b:ee:40:7f:3f:b3:4b:86:0a:2c:43:2d:
         c5:2e:72:7a:18:15:e4:9f:29:d2:b8:34:7e:a8:83:c4:0b:48:
         e9:97:61:66:c5:b8:d1:fe:0d:d0:5f:14:57:4d:73:18:ca:4a:
         ae:93:5d:08:f4:ba:76:ac:86:84:ed:0e:d5:79:74:04:65:db:
         05:c2:f5:16:48:13:1e:08:9a:71:94:1f:76:25:a4:f3:5f:3a:
         b8:89:7f:8f:71:6d:d7:4f:57:17:39:90:6c:4b:f9:c5:8a:8a:
         e7:fd:c5:aa:cd:3c:3a:aa:a1:75:cc:42:82:51:d2:b8:79:36:
         c6:cb:d8:65
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqf1eZ7sLp+WpVVvaeEPnfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YTQ4NTBjN2FiMzBiYmI4YWY4MGRjZjlhYWJjNmI5NTFh
YTY1YTQwHhcNMjMwOTE2MjExMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmZmNjlhYTI2ZTIyNWRmMWM5OGRiODgwOTM5YWY1ODY4M2M5NjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtZrDplzfAjQfgeYD9p53zCzZvYT
2lKEbm6AIdxGeKCWCdRKWs18bW1E10XKLTI/eBXCdCHMGKIHwQM3i0JuDgsc/WMF
fT8uZJ/81fIc+FViF4p0bux/aIFrQneh7mYWPxnAZ6KUapb47Wa18ICRYpqWa6Yb
89cX7hW6m/gRjw7psD+jqKSth7f0vdzcuVTKfAn3ybTHAKijcxuhnUuL9J5W1NbQ
5DC9ic0D2TEj/Te+hewBqts5UCaeU7wLNFg5ijBCteHYhXE7G7xx+oEm/CrE7cta
DMaNeb/AprHRSA9RbEOLtvJLgauEP9EObwGQRR0dbWwbp+1WbQ7KQuxw4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIb/aaom4iXfHJjbiAk5r1hoPJYZMB8GA1UdIwQY
MBaAFPikhQx6swu7ivgNz5qrxrlRqmWkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LU0ZESHF6Qzd1Sy1BM1BtcXZHdVZHcVphUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEvMzg5NjlkLTcyNzYtNGYyNy05ZTFj
LTcyODZhYzBhOTA3Yi8xL2h2OXBxaWJpSmQ4Y21OdUlDVG12V0dnOGxoay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzEvMzg5NjlkLTcyNzYtNGYyNy05ZTFjLTcyODZhYzBhOTA3
Yi8xLzEtS1NGREhxekM3dUstQTNQbXF2R3VWR3FaYVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqE82A
MA0GCSqGSIb3DQEBCwUAA4IBAQCUBZFUd/vycPny1wZWpQvQn6yYgKRN0K/+x68T
XERyTBb0/ELrmjaUtNycQ+O3kwN28mT6pxkDmgIYJwezmTRjZa7x5Vm6XQFcEzO5
mavOqhPy2RR+aL2d1UA70oaTGjf+5xQ7mdAG0xvMpS27SobwpiYqzvfkML61YL1p
UZxJNM+jM8Kb7kB/P7NLhgosQy3FLnJ6GBXknynSuDR+qIPEC0jpl2FmxbjR/g3Q
XxRXTXMYykquk10I9Lp2rIaE7Q7VeXQEZdsFwvUWSBMeCJpxlB92JaTzXzq4iX+P
cW3XT1cXOZBsS/nFiorn/cWqzTw6qqF1zEKCUdK4eTbGy9hl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:33 2024 by rpki-client on console-fra.rpki-client.org