Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/3qRqcpFAF5r92lVaXP5Xz8HnvnY.roa
File:                     3qRqcpFAF5r92lVaXP5Xz8HnvnY.roa (raw, json)
Hash identifier:          xRUqRn5uy3sTycHZqg/QOAmwYCEdsLQBybEX+y6hhIk=
Subject key identifier:   DE:A4:6A:72:91:40:17:9A:FD:DA:55:5A:5C:FE:57:CF:C1:E7:BE:76
Certificate issuer:       /CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Certificate serial:       0190C995C66C9586383E44E11EC604538375
Authority key identifier: 63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/3qRqcpFAF5r92lVaXP5Xz8HnvnY.roa
Signing time:             Fri 19 Jul 2024 06:02:34 +0000
ROA not before:           Fri 19 Jul 2024 06:02:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     151338
IP address blocks:        2a13:fc0::/44 maxlen: 44

Validation:               Failed, certificate revoked on Mon 09 Sep 2024 02:53:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:c9:95:c6:6c:95:86:38:3e:44:e1:1e:c6:04:53:83:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
        Validity
            Not Before: Jul 19 06:02:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dea46a729140179afdda555a5cfe57cfc1e7be76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0d:a2:0b:4e:31:85:2d:ee:d6:e9:66:12:97:
                    c0:bb:52:c4:fa:ad:da:a7:6b:1e:66:85:46:a9:eb:
                    57:b8:e6:90:8a:aa:d2:c9:85:74:e5:37:fe:bb:28:
                    77:bc:bd:66:9a:99:1e:c2:00:e7:80:29:dc:da:1c:
                    d6:9f:f5:27:99:3b:2e:7f:c9:22:dc:18:9c:1c:d6:
                    91:51:b1:f6:02:23:15:c7:f1:31:c8:ee:23:2a:1b:
                    66:6e:bf:44:91:06:c5:94:ba:23:0f:da:72:e5:af:
                    e4:4e:f2:99:e9:de:f2:6c:c2:ed:53:c7:d8:9a:81:
                    ca:76:6d:fe:8f:1c:b8:1b:2e:c1:d7:1f:ff:15:a7:
                    c7:cd:bf:62:64:b3:d5:ac:cb:67:5c:25:68:e3:74:
                    55:da:f9:ca:1a:1c:39:e9:3e:2e:03:75:aa:f1:4b:
                    8f:62:1d:2d:f9:0a:61:41:ec:0d:93:53:c2:dc:ac:
                    51:7e:03:17:e4:6d:b9:86:a3:bd:4d:48:61:99:bb:
                    bb:fa:66:47:e0:83:39:4f:28:47:5b:39:54:a5:9b:
                    28:9a:ec:95:c0:cb:7e:f3:7b:26:02:06:42:76:90:
                    23:8b:36:2e:4f:1f:bc:e7:88:9a:9e:23:14:82:9d:
                    07:67:8f:89:fd:69:7d:c5:ce:72:ef:2f:c9:77:d6:
                    08:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:A4:6A:72:91:40:17:9A:FD:DA:55:5A:5C:FE:57:CF:C1:E7:BE:76
            X509v3 Authority Key Identifier:
                keyid:63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/3qRqcpFAF5r92lVaXP5Xz8HnvnY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:fc0::/44

    Signature Algorithm: sha256WithRSAEncryption
         97:03:67:ed:e5:ac:ed:b1:8a:02:2e:f3:34:64:f5:2a:07:b0:
         f8:e7:5d:dd:7a:3f:b3:4b:5f:6f:6d:a3:4f:07:47:25:e2:9c:
         08:1d:c7:35:f7:9b:51:4e:70:90:c4:9e:5a:d5:7a:0b:7c:a1:
         ef:6e:02:da:fc:44:d2:ca:0f:f3:33:f1:c0:64:f4:69:b2:d9:
         dc:c2:8e:5f:01:7b:cd:b0:a7:a7:04:a4:e5:9a:f3:e5:44:fc:
         36:5a:23:aa:42:7c:a6:28:56:71:16:5a:44:bd:a0:e6:31:c0:
         8f:d9:95:85:37:68:91:4e:d6:09:66:28:a8:79:04:a8:ad:c5:
         3d:a6:5d:73:c5:b3:d8:70:10:cc:6c:98:9d:a4:32:0e:8e:44:
         95:0b:f2:e8:bf:4f:6f:89:34:c0:02:20:9b:3b:76:21:1b:8a:
         5c:8f:9a:43:d1:8a:12:fc:68:36:18:ae:2a:44:ec:0d:7d:2e:
         1c:1e:a7:d1:54:15:3a:00:ec:75:4b:93:ac:c3:13:4b:79:26:
         89:4b:08:09:b6:3e:69:10:8a:52:b6:c8:12:96:b1:18:f3:03:
         c5:4f:23:3b:fc:c8:33:c5:a0:e6:0f:47:71:0b:ea:8a:2d:24:
         91:da:0b:69:14:57:7b:ff:f6:e5:17:ff:1b:e8:4c:29:3f:66:
         87:a2:85:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZDJlcZslYY4PkThHsYEU4N1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzkyZTkyOTMxN2FlNmJkZTA4YTVhM2I5OGEyYjcwMWRk
Yjg5M2EwHhcNMjQwNzE5MDYwMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE0NmE3MjkxNDAxNzlhZmRkYTU1NWE1Y2ZlNTdjZmMxZTdiZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg2iC04xhS3u1ulmEpfAu1LE+q3a
p2seZoVGqetXuOaQiqrSyYV05Tf+uyh3vL1mmpkewgDngCnc2hzWn/UnmTsuf8ki
3BicHNaRUbH2AiMVx/ExyO4jKhtmbr9EkQbFlLojD9py5a/kTvKZ6d7ybMLtU8fY
moHKdm3+jxy4Gy7B1x//FafHzb9iZLPVrMtnXCVo43RV2vnKGhw56T4uA3Wq8UuP
Yh0t+QphQewNk1PC3KxRfgMX5G25hqO9TUhhmbu7+mZH4IM5TyhHWzlUpZsomuyV
wMt+83smAgZCdpAjizYuTx+854ianiMUgp0HZ4+J/Wl9xc5y7y/Jd9YIxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN6kanKRQBea/dpVWlz+V8/B5752MB8GA1UdIwQY
MBaAFGM5LpKTF65r3gilo7mKK3Ad24k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEt
ODcyNTBmNWEwN2NjLzEvM3FScWNwRkFGNXI5MmxWYVhQNVh6OEhudm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEtODcyNTBmNWEwN2Nj
LzEvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhMPwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCXA2ft5aztsYoCLvM0ZPUqB7D4513dej+zS19v
baNPB0cl4pwIHcc195tRTnCQxJ5a1XoLfKHvbgLa/ETSyg/zM/HAZPRpstncwo5f
AXvNsKenBKTlmvPlRPw2WiOqQnymKFZxFlpEvaDmMcCP2ZWFN2iRTtYJZiioeQSo
rcU9pl1zxbPYcBDMbJidpDIOjkSVC/Lov09viTTAAiCbO3YhG4pcj5pD0YoS/Gg2
GK4qROwNfS4cHqfRVBU6AOx1S5OswxNLeSaJSwgJtj5pEIpStsgSlrEY8wPFTyM7
/MgzxaDmD0dxC+qKLSSR2gtpFFd7//blF/8b6EwpP2aHooWZ
-----END CERTIFICATE-----
Generated at Mon Sep 9 05:07:13 2024 by rpki-client on console-ams.rpki-client.org