Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/107d3e-fcdc-4767-9cca-e4f2cdc7a411/1/hgUMgpin7upKG-64tlxfrPjXTLY.roa
File:                     hgUMgpin7upKG-64tlxfrPjXTLY.roa (raw, json)
Hash identifier:          T5cC9uXeBwLpwe1ATAp0koglx7bmzvSEP1Zmi9PvhSQ=
Subject key identifier:   86:05:0C:82:98:A7:EE:EA:4A:1B:EE:B8:B6:5C:5F:AC:F8:D7:4C:B6
Certificate issuer:       /CN=63fa5e2bec0a3ec795f8f19cd47fecc680678b08
Certificate serial:       018CC4936655FC71F254AEA5E84B7CF837ED
Authority key identifier: 63:FA:5E:2B:EC:0A:3E:C7:95:F8:F1:9C:D4:7F:EC:C6:80:67:8B:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y_peK-wKPseV-PGc1H_sxoBniwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/107d3e-fcdc-4767-9cca-e4f2cdc7a411/1/hgUMgpin7upKG-64tlxfrPjXTLY.roa
Signing time:             Mon 01 Jan 2024 10:30:43 +0000
ROA not before:           Mon 01 Jan 2024 10:30:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197677
IP address blocks:        2a13:c0::/48 maxlen: 48
                          2a13:c0:3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 22 Jan 2024 12:29:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:66:55:fc:71:f2:54:ae:a5:e8:4b:7c:f8:37:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63fa5e2bec0a3ec795f8f19cd47fecc680678b08
        Validity
            Not Before: Jan  1 10:30:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=86050c8298a7eeea4a1beeb8b65c5facf8d74cb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:10:4b:08:39:7b:da:a2:3d:c4:2a:0f:50:77:
                    e8:5b:09:24:d9:de:db:0c:7c:e5:15:bb:80:81:53:
                    8f:c6:ea:a9:15:08:f1:96:b3:86:ea:df:2e:9d:6d:
                    69:70:c2:d7:95:94:09:a5:6e:de:d1:54:0c:3c:f9:
                    6b:f0:ef:83:5d:67:87:cf:11:81:c8:2c:b5:15:31:
                    3b:6c:45:c9:39:16:6e:6f:f2:54:48:df:c5:67:09:
                    a8:3d:e0:11:86:65:a1:9a:29:d1:0e:4b:bb:c4:a7:
                    d8:e4:58:98:97:9e:77:f0:4e:87:36:59:e1:7b:22:
                    d1:e2:b4:53:b0:92:77:70:30:6a:60:91:66:1e:10:
                    d3:cd:43:e1:f8:da:7a:cf:f2:9a:1a:09:4d:2c:3a:
                    fd:2e:45:1d:1a:b0:86:54:fb:be:da:63:5c:43:4a:
                    bc:14:75:23:41:44:e1:7a:89:04:0c:b4:48:04:97:
                    41:e4:32:04:9c:6c:91:32:75:bd:da:f1:ea:2a:10:
                    a0:4e:c1:c8:44:f7:d2:be:e6:dc:f6:4d:72:03:22:
                    f8:02:6d:17:5f:04:a1:eb:34:6b:9c:6d:16:bd:8e:
                    93:83:f8:41:84:50:3b:47:07:c1:bd:1d:8c:d8:db:
                    3f:c4:48:97:b8:2e:01:41:c6:4d:9c:bf:66:83:d5:
                    b3:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:05:0C:82:98:A7:EE:EA:4A:1B:EE:B8:B6:5C:5F:AC:F8:D7:4C:B6
            X509v3 Authority Key Identifier:
                keyid:63:FA:5E:2B:EC:0A:3E:C7:95:F8:F1:9C:D4:7F:EC:C6:80:67:8B:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_peK-wKPseV-PGc1H_sxoBniwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/107d3e-fcdc-4767-9cca-e4f2cdc7a411/1/hgUMgpin7upKG-64tlxfrPjXTLY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/107d3e-fcdc-4767-9cca-e4f2cdc7a411/1/Y_peK-wKPseV-PGc1H_sxoBniwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:c0::/48
                  2a13:c0:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         2f:3c:f6:f7:bc:08:a8:51:46:55:c8:2f:51:15:bd:bc:df:b5:
         b5:90:11:7a:21:e4:32:be:f1:23:35:1c:0e:23:6b:7d:bd:b1:
         33:f6:36:46:97:06:bc:ce:a4:db:42:44:7c:b4:10:3a:df:7a:
         09:a2:1b:79:d1:43:b9:c2:9d:af:5a:47:8b:d2:47:f4:2c:f8:
         1c:13:06:43:9b:47:48:b2:98:98:0d:ef:35:2d:c3:20:be:97:
         0e:c3:87:cd:52:b4:40:ce:e4:1d:8c:1f:12:10:32:73:c2:50:
         1d:e0:d8:5b:c8:6c:e7:ba:a8:44:16:31:b6:cc:53:76:4e:05:
         7d:2f:4b:d6:f9:a7:89:29:b8:4b:a2:97:49:a6:f8:ec:ea:83:
         e2:40:5b:01:2e:22:98:e8:0f:48:53:b5:a2:82:0b:66:c4:54:
         30:99:59:7e:4d:78:33:c0:d0:82:84:78:28:8b:32:59:ef:fb:
         9c:43:ed:5b:9b:d1:1f:da:4c:36:0b:b0:5d:1a:0d:2c:a4:a5:
         0d:42:e0:96:03:ef:3a:ba:fc:e2:5a:5b:93:28:d2:45:28:7b:
         5b:3d:57:28:d7:2a:bc:a2:e4:ce:48:fa:0e:6a:91:56:ac:3d:
         da:ed:30:d6:03:01:ce:d4:5c:d8:ad:3d:ff:88:f5:e5:59:45:
         ac:28:2e:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEk2ZV/HHyVK6l6Et8+DftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZmE1ZTJiZWMwYTNlYzc5NWY4ZjE5Y2Q0N2ZlY2M2ODA2
NzhiMDgwHhcNMjQwMTAxMTAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjA1MGM4Mjk4YTdlZWVhNGExYmVlYjhiNjVjNWZhY2Y4ZDc0Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRBLCDl72qI9xCoPUHfoWwkk2d7b
DHzlFbuAgVOPxuqpFQjxlrOG6t8unW1pcMLXlZQJpW7e0VQMPPlr8O+DXWeHzxGB
yCy1FTE7bEXJORZub/JUSN/FZwmoPeARhmWhminRDku7xKfY5FiYl5538E6HNlnh
eyLR4rRTsJJ3cDBqYJFmHhDTzUPh+Np6z/KaGglNLDr9LkUdGrCGVPu+2mNcQ0q8
FHUjQUTheokEDLRIBJdB5DIEnGyRMnW92vHqKhCgTsHIRPfSvubc9k1yAyL4Am0X
XwSh6zRrnG0WvY6Tg/hBhFA7RwfBvR2M2Ns/xEiXuC4BQcZNnL9mg9Wz9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIYFDIKYp+7qShvuuLZcX6z410y2MB8GA1UdIwQY
MBaAFGP6XivsCj7HlfjxnNR/7MaAZ4sIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9wZUstd0tQc2VWLVBHYzFIX3N4b0JuaXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8xMDdkM2UtZmNkYy00NzY3LTljY2Et
ZTRmMmNkYzdhNDExLzEvaGdVTWdwaW43dXBLRy02NHRseGZyUGpYVExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8xMDdkM2UtZmNkYy00NzY3LTljY2EtZTRmMmNkYzdhNDEx
LzEvWV9wZUstd0tQc2VWLVBHYzFIX3N4b0JuaXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhMAwAAA
AwcAKhMAwAADMA0GCSqGSIb3DQEBCwUAA4IBAQAvPPb3vAioUUZVyC9RFb2837W1
kBF6IeQyvvEjNRwOI2t9vbEz9jZGlwa8zqTbQkR8tBA633oJoht50UO5wp2vWkeL
0kf0LPgcEwZDm0dIspiYDe81LcMgvpcOw4fNUrRAzuQdjB8SEDJzwlAd4NhbyGzn
uqhEFjG2zFN2TgV9L0vW+aeJKbhLopdJpvjs6oPiQFsBLiKY6A9IU7WiggtmxFQw
mVl+TXgzwNCChHgoizJZ7/ucQ+1bm9Ef2kw2C7BdGg0spKUNQuCWA+86uvziWluT
KNJFKHtbPVco1yq8ouTOSPoOapFWrD3a7TDWAwHO1FzYrT3/iPXlWUWsKC76
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:19 2024 by rpki-client on console-fra.rpki-client.org