Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/zgWOzV7KEoxzHP7I3Gfc1zj3txU.roa
File:                     zgWOzV7KEoxzHP7I3Gfc1zj3txU.roa (raw, json)
Hash identifier:          UAUxcEfDWZ87Fp0Wga5+/DScEpyhquzGalf5k6LsRyk=
Subject key identifier:   CE:05:8E:CD:5E:CA:12:8C:73:1C:FE:C8:DC:67:DC:D7:38:F7:B7:15
Certificate issuer:       /CN=a42371281dfe19072d1339dd0482b2aafad542ce
Certificate serial:       018782858AAFE4DEC37D44EFD50A5901D22C
Authority key identifier: A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/zgWOzV7KEoxzHP7I3Gfc1zj3txU.roa
Signing time:             Sat 15 Apr 2023 01:26:42 +0000
ROA not before:           Sat 15 Apr 2023 01:26:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57025
IP address blocks:        2a13:db00::/30 maxlen: 30

Validation:               Failed, certificate revoked on Wed 19 Apr 2023 16:53:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:82:85:8a:af:e4:de:c3:7d:44:ef:d5:0a:59:01:d2:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a42371281dfe19072d1339dd0482b2aafad542ce
        Validity
            Not Before: Apr 15 01:26:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ce058ecd5eca128c731cfec8dc67dcd738f7b715
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a1:93:52:8e:03:e2:3c:8d:fc:b5:c8:8c:56:
                    2a:5d:21:3a:8f:71:b8:92:3b:5f:78:8b:79:0d:01:
                    1d:fb:6c:d5:44:b2:bd:34:96:7f:44:a3:81:a6:a6:
                    44:f2:2f:d8:4c:18:59:7b:aa:30:68:89:a0:d2:1e:
                    4c:b6:80:bb:ee:f3:03:9a:e5:97:a7:eb:a8:f5:22:
                    24:ea:35:a7:d5:d9:0d:be:9a:aa:7c:41:a3:cf:83:
                    b4:f6:90:f2:37:07:ba:86:f4:e9:09:f8:96:7a:9c:
                    44:4f:a2:f9:aa:8d:e0:24:fa:3b:51:30:a7:f9:03:
                    80:23:12:9b:27:97:16:ee:93:bc:90:f3:7e:9a:06:
                    91:ce:fd:e9:f7:e2:f6:a7:4d:62:68:02:33:1f:09:
                    2f:a1:0e:07:c1:90:cd:e8:58:e1:04:f3:26:3e:72:
                    0b:c5:fb:54:71:97:b1:2a:20:61:5c:fe:6f:d4:46:
                    69:df:86:f6:ff:3e:8a:f8:d9:42:11:0f:ec:e4:40:
                    59:86:7c:20:7a:46:5d:11:35:af:19:bf:b1:0c:7e:
                    b8:24:a1:ba:7c:a3:13:0c:5c:aa:43:c5:47:83:32:
                    dd:8e:c8:35:0f:85:72:6c:74:48:d8:45:6f:04:0f:
                    df:17:4d:ab:04:98:6b:44:5d:fc:05:f1:7a:12:38:
                    2d:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:05:8E:CD:5E:CA:12:8C:73:1C:FE:C8:DC:67:DC:D7:38:F7:B7:15
            X509v3 Authority Key Identifier:
                keyid:A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/zgWOzV7KEoxzHP7I3Gfc1zj3txU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:db00::/30

    Signature Algorithm: sha256WithRSAEncryption
         6a:05:be:d3:37:43:15:a2:2e:26:e5:b8:6a:03:28:a1:75:bd:
         4c:a2:72:c6:1d:c3:61:02:9c:a7:6a:3f:cc:85:47:b9:34:8a:
         55:08:da:56:0f:49:7e:8e:1c:d6:bd:e2:71:6e:9d:f0:3e:08:
         a2:9b:a0:68:60:2a:99:f9:c0:b0:80:e3:e0:77:9f:b3:ee:2f:
         8a:34:2a:f0:ac:b6:57:ab:6f:1c:1b:2f:e1:12:8e:51:d6:29:
         10:18:78:cb:57:3d:ba:b5:4a:4c:db:d9:f1:a5:8d:a6:a5:1c:
         e4:76:6a:a5:3e:20:d5:f8:2d:33:a5:90:e6:e7:ba:e9:de:5f:
         a0:a6:63:41:02:74:b4:c4:83:67:60:c9:46:a8:40:fb:40:36:
         ac:d4:cd:c7:f1:1d:a3:31:96:a0:a7:73:a7:43:be:68:ef:dc:
         5b:3f:56:6c:5c:28:18:0d:ff:3a:4d:72:a0:25:90:2f:77:d6:
         39:0e:14:71:df:ce:b3:ec:4f:15:8f:c3:5c:85:7d:80:5e:f5:
         9d:fd:da:9f:6e:16:40:4e:83:14:21:86:28:c5:37:e1:5a:3c:
         e4:b4:8e:b1:d7:ba:f8:5b:b8:e2:36:d1:92:a6:1f:0c:bb:a8:
         ca:bf:8f:df:1d:bf:76:23:7a:0e:75:12:69:b8:e4:d1:8c:17:
         94:38:af:5b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYeChYqv5N7DfUTv1QpZAdIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjM3MTI4MWRmZTE5MDcyZDEzMzlkZDA0ODJiMmFhZmFk
NTQyY2UwHhcNMjMwNDE1MDEyNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTA1OGVjZDVlY2ExMjhjNzMxY2ZlYzhkYzY3ZGNkNzM4ZjdiNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6GTUo4D4jyN/LXIjFYqXSE6j3G4
kjtfeIt5DQEd+2zVRLK9NJZ/RKOBpqZE8i/YTBhZe6owaImg0h5MtoC77vMDmuWX
p+uo9SIk6jWn1dkNvpqqfEGjz4O09pDyNwe6hvTpCfiWepxET6L5qo3gJPo7UTCn
+QOAIxKbJ5cW7pO8kPN+mgaRzv3p9+L2p01iaAIzHwkvoQ4HwZDN6FjhBPMmPnIL
xftUcZexKiBhXP5v1EZp34b2/z6K+NlCEQ/s5EBZhnwgekZdETWvGb+xDH64JKG6
fKMTDFyqQ8VHgzLdjsg1D4VybHRI2EVvBA/fF02rBJhrRF38BfF6EjgtxQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM4Fjs1eyhKMcxz+yNxn3Nc497cVMB8GA1UdIwQY
MBaAFKQjcSgd/hkHLRM53QSCsqr61ULOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgt
OTkwNjBlMjQ1OGVjLzEvemdXT3pWN0tFb3h6SFA3STNHZmMxemozdHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgtOTkwNjBlMjQ1OGVj
LzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKhPbADAN
BgkqhkiG9w0BAQsFAAOCAQEAagW+0zdDFaIuJuW4agMooXW9TKJyxh3DYQKcp2o/
zIVHuTSKVQjaVg9Jfo4c1r3icW6d8D4IopugaGAqmfnAsIDj4Hefs+4vijQq8Ky2
V6tvHBsv4RKOUdYpEBh4y1c9urVKTNvZ8aWNpqUc5HZqpT4g1fgtM6WQ5ue66d5f
oKZjQQJ0tMSDZ2DJRqhA+0A2rNTNx/EdozGWoKdzp0O+aO/cWz9WbFwoGA3/Ok1y
oCWQL3fWOQ4Ucd/Os+xPFY/DXIV9gF71nf3an24WQE6DFCGGKMU34Vo85LSOsde6
+Fu44jbRkqYfDLuoyr+P3x2/diN6DnUSabjk0YwXlDivWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:21 2024 by rpki-client on console-ams.rpki-client.org