Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/XzmmHiU3L3c89AB3mNiUiey9ZR8.roa
File:                     XzmmHiU3L3c89AB3mNiUiey9ZR8.roa (raw, json)
Hash identifier:          cPaS13K5hdcj+r4E5uLSyk1JzIs6US8Nq12yWBJuYTk=
Subject key identifier:   5F:39:A6:1E:25:37:2F:77:3C:F4:00:77:98:D8:94:89:EC:BD:65:1F
Certificate issuer:       /CN=b504bcceb9c363f13e3adaa4c0fa52780f064684
Certificate serial:       0188B0212F7BED184A9A6C01DEE09CC10679
Authority key identifier: B5:04:BC:CE:B9:C3:63:F1:3E:3A:DA:A4:C0:FA:52:78:0F:06:46:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/XzmmHiU3L3c89AB3mNiUiey9ZR8.roa
Signing time:             Mon 12 Jun 2023 15:02:24 +0000
ROA not before:           Mon 12 Jun 2023 15:02:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213216
IP address blocks:        2a13:7fc0:a42a::/48 maxlen: 64

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b0:21:2f:7b:ed:18:4a:9a:6c:01:de:e0:9c:c1:06:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b504bcceb9c363f13e3adaa4c0fa52780f064684
        Validity
            Not Before: Jun 12 15:02:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f39a61e25372f773cf4007798d89489ecbd651f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:86:3e:20:ae:05:aa:18:13:d6:10:21:c6:94:
                    10:d8:15:9a:92:21:15:62:81:f9:8f:b5:f5:c6:4b:
                    45:45:f1:7e:3c:9b:6a:70:60:45:f9:ae:a3:f4:ac:
                    7f:35:c3:57:50:09:e5:d7:7a:9e:d9:b8:01:74:45:
                    f8:88:bf:9c:ef:56:ae:a9:bd:f2:33:df:ce:1e:d9:
                    7e:aa:ac:4f:03:93:a9:83:0b:53:de:8e:60:d6:97:
                    14:43:82:4a:c5:9b:d3:fc:59:e2:e8:40:3e:bc:47:
                    3e:17:db:b2:57:68:3c:06:f8:63:34:3c:7d:4d:2f:
                    35:c9:18:58:48:5f:0d:f9:93:2d:8b:e1:e7:0b:5b:
                    9c:83:9b:af:34:80:60:02:3b:ec:ad:38:ae:f7:50:
                    bc:ab:88:5f:23:8e:3a:be:d7:5e:df:a9:4b:78:ac:
                    88:96:97:57:86:e7:06:e4:24:8e:a5:c9:a1:17:42:
                    e7:c2:35:6e:49:55:42:d0:87:05:01:aa:01:04:37:
                    d6:d6:3d:b5:41:6f:6e:fd:77:fe:3b:b5:51:05:f5:
                    48:a9:a4:2a:08:72:45:78:5a:e6:1a:04:31:bb:25:
                    67:0a:02:fd:c2:c0:d4:be:31:1b:9e:0f:c2:83:59:
                    9b:ce:70:fa:64:08:56:33:4d:4f:29:31:67:5f:a2:
                    9b:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:39:A6:1E:25:37:2F:77:3C:F4:00:77:98:D8:94:89:EC:BD:65:1F
            X509v3 Authority Key Identifier:
                keyid:B5:04:BC:CE:B9:C3:63:F1:3E:3A:DA:A4:C0:FA:52:78:0F:06:46:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/XzmmHiU3L3c89AB3mNiUiey9ZR8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:7fc0:a42a::/48

    Signature Algorithm: sha256WithRSAEncryption
         74:60:bf:86:5b:d9:22:cb:a4:88:dd:89:32:a6:f5:54:4c:80:
         6a:13:55:20:c8:85:67:95:02:d9:06:c6:47:68:5f:1b:13:36:
         da:66:d0:64:c1:45:2f:90:be:d1:fe:f0:2d:94:da:af:00:b6:
         4d:16:e7:81:0a:ae:3b:82:ee:5e:3f:9b:90:88:95:80:ea:b2:
         f9:fb:2b:d5:26:ae:3c:16:57:74:bf:81:47:f6:60:53:af:a9:
         7f:47:1b:04:7e:dd:c3:15:5e:ed:3e:ad:28:74:06:6d:a6:17:
         93:da:ad:94:08:71:4f:70:58:c9:b6:20:1c:8a:55:34:8a:5a:
         aa:2e:84:f6:b0:c3:e8:4c:e3:fa:f9:ce:1a:01:82:5a:e3:bb:
         fd:8b:b7:24:8e:cf:6c:f0:f1:ab:9c:fe:0b:d8:8d:da:96:71:
         22:ca:5e:b1:4d:3a:bd:40:93:d2:68:4a:8a:9e:5f:ad:fd:44:
         7b:e4:5a:68:0d:2f:62:90:8b:d3:c2:09:20:59:79:1c:af:c1:
         8e:7a:b6:8d:9a:bf:91:46:26:dc:38:b6:e5:78:88:66:01:07:
         ef:6c:d1:70:7b:ac:57:df:5f:6a:86:47:f6:71:6c:f6:ec:9a:
         3e:89:a3:a9:ce:b3:95:8e:68:70:b5:f1:ac:b7:36:9b:91:cc:
         16:8b:92:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYiwIS977RhKmmwB3uCcwQZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MDRiY2NlYjljMzYzZjEzZTNhZGFhNGMwZmE1Mjc4MGYw
NjQ2ODQwHhcNMjMwNjEyMTUwMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjM5YTYxZTI1MzcyZjc3M2NmNDAwNzc5OGQ4OTQ4OWVjYmQ2NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA84Y+IK4FqhgT1hAhxpQQ2BWakiEV
YoH5j7X1xktFRfF+PJtqcGBF+a6j9Kx/NcNXUAnl13qe2bgBdEX4iL+c71auqb3y
M9/OHtl+qqxPA5OpgwtT3o5g1pcUQ4JKxZvT/Fni6EA+vEc+F9uyV2g8BvhjNDx9
TS81yRhYSF8N+ZMti+HnC1ucg5uvNIBgAjvsrTiu91C8q4hfI446vtde36lLeKyI
lpdXhucG5CSOpcmhF0LnwjVuSVVC0IcFAaoBBDfW1j21QW9u/Xf+O7VRBfVIqaQq
CHJFeFrmGgQxuyVnCgL9wsDUvjEbng/Cg1mbznD6ZAhWM01PKTFnX6KbLQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF85ph4lNy93PPQAd5jYlInsvWUfMB8GA1UdIwQY
MBaAFLUEvM65w2PxPjrapMD6UngPBkaEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFFTOHpybkRZX0UtT3Rxa3dQcFNlQThHUm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xZDNjZGMtZDA0Yi00YWRiLWIwNjkt
MmEzNTFhYjNiOGY2LzEvWHptbUhpVTNMM2M4OUFCM21OaVVpZXk5WlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xZDNjZGMtZDA0Yi00YWRiLWIwNjktMmEzNTFhYjNiOGY2
LzEvdFFTOHpybkRZX0UtT3Rxa3dQcFNlQThHUm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhN/wKQq
MA0GCSqGSIb3DQEBCwUAA4IBAQB0YL+GW9kiy6SI3YkypvVUTIBqE1UgyIVnlQLZ
BsZHaF8bEzbaZtBkwUUvkL7R/vAtlNqvALZNFueBCq47gu5eP5uQiJWA6rL5+yvV
Jq48Fld0v4FH9mBTr6l/RxsEft3DFV7tPq0odAZtpheT2q2UCHFPcFjJtiAcilU0
ilqqLoT2sMPoTOP6+c4aAYJa47v9i7ckjs9s8PGrnP4L2I3alnEiyl6xTTq9QJPS
aEqKnl+t/UR75FpoDS9ikIvTwgkgWXkcr8GOeraNmr+RRibcOLbleIhmAQfvbNFw
e6xX319qhkf2cWz27Jo+iaOpzrOVjmhwtfGstzabkcwWi5LM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:22 2024 by rpki-client on console-fra.rpki-client.org