Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/2eed24-0dff-4400-a57c-459ddc631bcc/1/LxfTWlHpMaQpdPg_HSud--Y1KsA.roa
File:                     LxfTWlHpMaQpdPg_HSud--Y1KsA.roa (raw, json)
Hash identifier:          s98b9EqxcnqeP8bE733TJxVSIAO4YgbR2H2138UFh/8=
Subject key identifier:   2F:17:D3:5A:51:E9:31:A4:29:74:F8:3F:1D:2B:9D:FB:E6:35:2A:C0
Certificate issuer:       /CN=5a02ca81b9f0a9713b099687dc81551c45e3f8fc
Certificate serial:       01879013600315459150E528C8634657BB8D
Authority key identifier: 5A:02:CA:81:B9:F0:A9:71:3B:09:96:87:DC:81:55:1C:45:E3:F8:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WgLKgbnwqXE7CZaH3IFVHEXj-Pw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/2eed24-0dff-4400-a57c-459ddc631bcc/1/LxfTWlHpMaQpdPg_HSud--Y1KsA.roa
Signing time:             Mon 17 Apr 2023 16:36:41 +0000
ROA not before:           Mon 17 Apr 2023 16:36:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     680
IP address blocks:        2a13:dd80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:90:13:60:03:15:45:91:50:e5:28:c8:63:46:57:bb:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a02ca81b9f0a9713b099687dc81551c45e3f8fc
        Validity
            Not Before: Apr 17 16:36:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f17d35a51e931a42974f83f1d2b9dfbe6352ac0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:3d:3a:29:aa:38:02:5a:f5:33:3c:cd:be:4d:
                    72:0b:90:30:0a:80:be:a6:14:d1:c4:45:c5:6c:bc:
                    cb:a3:85:85:ea:7f:09:b0:ab:d2:a1:d7:80:52:14:
                    a2:bb:d9:ff:01:8f:72:8f:95:a0:c2:7a:40:67:f4:
                    4a:df:f0:49:4f:b9:0f:ae:6a:1d:eb:87:a8:c6:c3:
                    58:0c:75:04:b4:5a:4a:f0:c2:46:91:f6:cc:09:e6:
                    77:22:ce:77:0f:ae:1e:3d:a6:f8:02:f8:08:5b:a5:
                    7d:6c:8f:5a:c3:e7:a6:69:2c:ef:e4:f8:2f:8b:22:
                    42:4e:66:14:42:3c:61:fb:7a:3b:8c:25:94:a1:62:
                    98:7d:56:dc:c9:d9:84:ec:f4:34:43:f5:50:aa:38:
                    d2:5d:b6:1e:74:f0:d3:4a:c2:48:11:fb:de:8f:7c:
                    8a:47:79:ab:97:1d:ce:b4:01:88:0d:a5:18:a6:fe:
                    82:db:d9:03:7b:b3:75:08:6c:d8:16:67:3a:2b:7c:
                    0a:08:65:60:47:13:bc:44:11:a4:e5:10:95:20:2c:
                    90:9e:ed:7b:36:d9:72:1e:00:e7:70:92:fa:30:c4:
                    54:fd:08:84:90:70:49:e0:91:fd:6e:1f:d7:3e:dd:
                    46:f8:6e:24:32:be:b0:47:78:5f:bc:47:64:81:fc:
                    52:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:17:D3:5A:51:E9:31:A4:29:74:F8:3F:1D:2B:9D:FB:E6:35:2A:C0
            X509v3 Authority Key Identifier:
                keyid:5A:02:CA:81:B9:F0:A9:71:3B:09:96:87:DC:81:55:1C:45:E3:F8:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WgLKgbnwqXE7CZaH3IFVHEXj-Pw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/2eed24-0dff-4400-a57c-459ddc631bcc/1/LxfTWlHpMaQpdPg_HSud--Y1KsA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/2eed24-0dff-4400-a57c-459ddc631bcc/1/WgLKgbnwqXE7CZaH3IFVHEXj-Pw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:dd80::/29

    Signature Algorithm: sha256WithRSAEncryption
         c4:c2:42:cc:3c:b8:93:dd:07:8a:cd:f0:42:e9:04:28:79:32:
         a7:1c:6b:f6:d3:af:a5:08:65:ea:c2:34:a5:73:ce:fc:be:76:
         89:0b:f5:97:15:46:db:f9:84:5c:0d:68:c5:8c:53:d2:a2:ba:
         fd:d5:e0:64:75:83:a0:26:cd:45:b6:e2:c8:dc:3e:2a:77:77:
         93:bf:d5:0b:eb:14:f3:ca:80:f8:69:94:7b:82:76:48:55:20:
         ae:db:64:37:5e:4a:4b:e7:26:4d:37:a7:b6:0b:c8:2d:d5:09:
         f5:51:c9:8e:6c:ba:57:fc:ee:16:88:cf:a1:a7:ad:2b:11:f5:
         42:5d:93:3b:1c:b0:d9:4d:17:f3:48:ef:48:46:3c:b8:f6:e0:
         37:16:99:a9:35:73:5b:6a:ed:60:fb:44:17:6f:40:54:af:45:
         d0:10:61:1d:f0:a6:5a:27:cc:34:e5:53:eb:80:99:95:31:75:
         3d:d8:6d:b2:f9:1a:a7:8e:7b:6e:fe:28:23:81:56:ef:5e:e7:
         9f:90:9b:31:00:35:2d:cf:35:f9:5d:a3:d8:98:7f:e5:71:ee:
         e1:fa:a5:44:8e:a4:b2:c0:d2:06:3a:ba:bf:de:cf:b7:2d:da:
         8a:1c:15:ee:ff:9a:b2:b0:2f:31:13:52:65:92:c1:f2:44:b3:
         3e:97:45:3d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYeQE2ADFUWRUOUoyGNGV7uNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMDJjYTgxYjlmMGE5NzEzYjA5OTY4N2RjODE1NTFjNDVl
M2Y4ZmMwHhcNMjMwNDE3MTYzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE3ZDM1YTUxZTkzMWE0Mjk3NGY4M2YxZDJiOWRmYmU2MzUyYWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD06Kao4Alr1MzzNvk1yC5AwCoC+
phTRxEXFbLzLo4WF6n8JsKvSodeAUhSiu9n/AY9yj5WgwnpAZ/RK3/BJT7kPrmod
64eoxsNYDHUEtFpK8MJGkfbMCeZ3Is53D64ePab4AvgIW6V9bI9aw+emaSzv5Pgv
iyJCTmYUQjxh+3o7jCWUoWKYfVbcydmE7PQ0Q/VQqjjSXbYedPDTSsJIEfvej3yK
R3mrlx3OtAGIDaUYpv6C29kDe7N1CGzYFmc6K3wKCGVgRxO8RBGk5RCVICyQnu17
NtlyHgDncJL6MMRU/QiEkHBJ4JH9bh/XPt1G+G4kMr6wR3hfvEdkgfxSXwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC8X01pR6TGkKXT4Px0rnfvmNSrAMB8GA1UdIwQY
MBaAFFoCyoG58KlxOwmWh9yBVRxF4/j8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2dMS2dibndxWEU3Q1phSDNJRlZIRVhqLVB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8yZWVkMjQtMGRmZi00NDAwLWE1N2Mt
NDU5ZGRjNjMxYmNjLzEvTHhmVFdsSHBNYVFwZFBnX0hTdWQtLVkxS3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8yZWVkMjQtMGRmZi00NDAwLWE1N2MtNDU5ZGRjNjMxYmNj
LzEvV2dMS2dibndxWEU3Q1phSDNJRlZIRVhqLVB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPdgDAN
BgkqhkiG9w0BAQsFAAOCAQEAxMJCzDy4k90His3wQukEKHkypxxr9tOvpQhl6sI0
pXPO/L52iQv1lxVG2/mEXA1oxYxT0qK6/dXgZHWDoCbNRbbiyNw+Knd3k7/VC+sU
88qA+GmUe4J2SFUgrttkN15KS+cmTTentgvILdUJ9VHJjmy6V/zuFojPoaetKxH1
Ql2TOxyw2U0X80jvSEY8uPbgNxaZqTVzW2rtYPtEF29AVK9F0BBhHfCmWifMNOVT
64CZlTF1Pdhtsvkap457bv4oI4FW717nn5CbMQA1Lc81+V2j2Jh/5XHu4fqlRI6k
ssDSBjq6v97Pty3aihwV7v+asrAvMRNSZZLB8kSzPpdFPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:07 2024 by rpki-client on console-ams.rpki-client.org