Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/143b5c-c5ab-4d98-ae4b-d141a8692039/1/i1keSe3uZ2mjrce5v6v_l6MwuVY.roa
File:                     i1keSe3uZ2mjrce5v6v_l6MwuVY.roa (raw, json)
Hash identifier:          YTFgKnXcK58RT9ourMQMXzE+lIhwtGn757h7XGiQsgk=
Subject key identifier:   8B:59:1E:49:ED:EE:67:69:A3:AD:C7:B9:BF:AB:FF:97:A3:30:B9:56
Certificate issuer:       /CN=13edfb910fffe47d51ad9d0f883b1b649669e135
Certificate serial:       0189C5D1A5567210114495BB00C34D3538AB
Authority key identifier: 13:ED:FB:91:0F:FF:E4:7D:51:AD:9D:0F:88:3B:1B:64:96:69:E1:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E-37kQ__5H1RrZ0PiDsbZJZp4TU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/143b5c-c5ab-4d98-ae4b-d141a8692039/1/i1keSe3uZ2mjrce5v6v_l6MwuVY.roa
Signing time:             Sat 05 Aug 2023 13:09:58 +0000
ROA not before:           Sat 05 Aug 2023 13:09:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29119
IP address blocks:        2a07:5d00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:c5:d1:a5:56:72:10:11:44:95:bb:00:c3:4d:35:38:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13edfb910fffe47d51ad9d0f883b1b649669e135
        Validity
            Not Before: Aug  5 13:09:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b591e49edee6769a3adc7b9bfabff97a330b956
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:56:f7:10:95:55:8a:a8:0b:21:2f:b5:f0:ec:
                    5e:78:05:f6:f6:ef:43:bb:b2:64:68:eb:cf:b5:3f:
                    c6:e2:34:4b:f8:00:43:55:f2:d6:c1:a8:ee:d7:78:
                    e1:27:58:5f:02:00:b1:c0:67:0a:0d:82:a6:ef:97:
                    12:cc:aa:90:54:53:c1:68:5a:14:52:db:85:de:99:
                    7b:9f:b3:23:78:53:07:52:3e:47:74:75:16:03:19:
                    a6:23:08:75:90:ad:4f:b3:9a:a3:c1:b7:84:02:3a:
                    a2:5c:d1:f4:1e:b5:69:52:54:0b:90:eb:88:17:8d:
                    02:1e:74:e2:78:87:db:be:a4:cc:73:01:0c:5d:fa:
                    c9:d1:b9:65:55:d6:f6:40:2b:a8:88:c1:6f:77:62:
                    81:55:65:5e:49:cb:d3:9c:d5:71:50:e5:ed:0d:87:
                    b1:65:e1:d8:8d:6c:bd:b8:48:f2:e0:84:99:0e:8f:
                    0f:3d:5d:ea:d7:8e:a6:f6:df:0e:83:06:f5:91:76:
                    c7:2a:f5:d6:b6:0d:19:4f:26:01:a9:d0:8d:f7:5c:
                    28:e2:a6:8d:52:d5:43:ea:0f:13:b2:a8:b0:8a:f8:
                    d9:4d:f2:3f:5b:35:a1:a9:f3:d3:df:3c:6c:f0:42:
                    04:18:70:56:ad:74:93:f0:8c:b6:6a:26:12:6e:8f:
                    9a:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:59:1E:49:ED:EE:67:69:A3:AD:C7:B9:BF:AB:FF:97:A3:30:B9:56
            X509v3 Authority Key Identifier:
                keyid:13:ED:FB:91:0F:FF:E4:7D:51:AD:9D:0F:88:3B:1B:64:96:69:E1:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-37kQ__5H1RrZ0PiDsbZJZp4TU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/143b5c-c5ab-4d98-ae4b-d141a8692039/1/i1keSe3uZ2mjrce5v6v_l6MwuVY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/143b5c-c5ab-4d98-ae4b-d141a8692039/1/E-37kQ__5H1RrZ0PiDsbZJZp4TU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:5d00::/29

    Signature Algorithm: sha256WithRSAEncryption
         94:c2:65:bd:cc:21:3a:42:70:90:0f:9e:0a:75:41:e7:23:1e:
         03:fd:e6:e0:5f:c9:2b:90:11:a8:71:29:2a:31:dd:58:95:11:
         ff:35:fb:4f:0a:a8:a0:1a:94:a5:c2:cb:6d:17:38:a0:e9:84:
         63:75:17:95:f5:5a:b8:b3:2b:1a:c4:07:ac:34:6e:5a:3e:48:
         20:c8:ea:11:c3:5a:cc:73:ae:98:03:94:09:38:6e:59:8f:0c:
         46:6f:39:2a:35:de:04:43:e8:2f:aa:5e:4a:d3:89:41:a0:25:
         e1:3d:73:0d:3f:12:bf:4b:8e:60:ba:89:78:53:69:6e:be:97:
         2a:12:9c:10:e4:db:5b:9c:a7:3d:18:2b:1b:38:92:28:55:f6:
         39:1d:c0:63:cc:e6:2e:f8:e5:50:7d:a1:28:1d:bc:34:c7:72:
         74:3f:6d:2a:d9:b8:19:b4:0f:38:f9:16:cc:e9:35:6c:e0:7c:
         43:87:a9:5f:ce:d4:63:dc:15:5a:60:80:06:41:36:62:8b:52:
         a8:c0:ea:02:d7:af:09:e7:85:21:d1:b0:3f:00:65:a8:ca:d3:
         fc:1b:84:5d:ac:ad:99:4e:28:8a:6b:9f:3d:e9:5e:a9:72:e5:
         53:fd:b2:cb:18:19:ff:37:6e:2e:bb:cd:3c:e0:d3:8b:08:b5:
         38:cd:29:8c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYnF0aVWchARRJW7AMNNNTirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZWRmYjkxMGZmZmU0N2Q1MWFkOWQwZjg4M2IxYjY0OTY2
OWUxMzUwHhcNMjMwODA1MTMwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjU5MWU0OWVkZWU2NzY5YTNhZGM3YjliZmFiZmY5N2EzMzBiOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFb3EJVViqgLIS+18OxeeAX29u9D
u7JkaOvPtT/G4jRL+ABDVfLWwaju13jhJ1hfAgCxwGcKDYKm75cSzKqQVFPBaFoU
UtuF3pl7n7MjeFMHUj5HdHUWAxmmIwh1kK1Ps5qjwbeEAjqiXNH0HrVpUlQLkOuI
F40CHnTieIfbvqTMcwEMXfrJ0bllVdb2QCuoiMFvd2KBVWVeScvTnNVxUOXtDYex
ZeHYjWy9uEjy4ISZDo8PPV3q146m9t8Ogwb1kXbHKvXWtg0ZTyYBqdCN91wo4qaN
UtVD6g8TsqiwivjZTfI/WzWhqfPT3zxs8EIEGHBWrXST8Iy2aiYSbo+aoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFItZHknt7mdpo63Hub+r/5ejMLlWMB8GA1UdIwQY
MBaAFBPt+5EP/+R9Ua2dD4g7G2SWaeE1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRS0zN2tRX181SDFSclowUGlEc2JaSlpwNFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xNDNiNWMtYzVhYi00ZDk4LWFlNGIt
ZDE0MWE4NjkyMDM5LzEvaTFrZVNlM3VaMm1qcmNlNXY2dl9sNk13dVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xNDNiNWMtYzVhYi00ZDk4LWFlNGItZDE0MWE4NjkyMDM5
LzEvRS0zN2tRX181SDFSclowUGlEc2JaSlpwNFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgddADAN
BgkqhkiG9w0BAQsFAAOCAQEAlMJlvcwhOkJwkA+eCnVB5yMeA/3m4F/JK5ARqHEp
KjHdWJUR/zX7TwqooBqUpcLLbRc4oOmEY3UXlfVauLMrGsQHrDRuWj5IIMjqEcNa
zHOumAOUCThuWY8MRm85KjXeBEPoL6peStOJQaAl4T1zDT8Sv0uOYLqJeFNpbr6X
KhKcEOTbW5ynPRgrGziSKFX2OR3AY8zmLvjlUH2hKB28NMdydD9tKtm4GbQPOPkW
zOk1bOB8Q4epX87UY9wVWmCABkE2YotSqMDqAtevCeeFIdGwPwBlqMrT/BuEXayt
mU4oimufPeleqXLlU/2yyxgZ/zduLrvNPODTiwi1OM0pjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:07 2024 by rpki-client on console-fra.rpki-client.org