Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/dCFosk0hETnzApA1l9JAyxcx5jM.roa
File:                     dCFosk0hETnzApA1l9JAyxcx5jM.roa (raw, json)
Hash identifier:          Ja82mjAqGyHOVNS+bjHYqLlBm6gafeJyOAD4L6K1hNs=
Subject key identifier:   74:21:68:B2:4D:21:11:39:F3:02:90:35:97:D2:40:CB:17:31:E6:33
Certificate issuer:       /CN=b504bcceb9c363f13e3adaa4c0fa52780f064684
Certificate serial:       018CC3B676F861136EA19A058806310AACD2
Authority key identifier: B5:04:BC:CE:B9:C3:63:F1:3E:3A:DA:A4:C0:FA:52:78:0F:06:46:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/dCFosk0hETnzApA1l9JAyxcx5jM.roa
Signing time:             Mon 01 Jan 2024 06:29:24 +0000
ROA not before:           Mon 01 Jan 2024 06:29:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213216
IP address blocks:        2a13:7fc0:a42a::/48 maxlen: 64

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 17:22:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:76:f8:61:13:6e:a1:9a:05:88:06:31:0a:ac:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b504bcceb9c363f13e3adaa4c0fa52780f064684
        Validity
            Not Before: Jan  1 06:29:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=742168b24d211139f302903597d240cb1731e633
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f4:d5:0b:47:5d:29:cc:a0:ec:6d:b4:06:10:
                    41:1d:f5:8f:53:cb:75:15:fc:0d:98:97:e0:0c:87:
                    50:9f:83:68:5e:68:a5:98:18:29:b1:2e:c9:ce:aa:
                    fa:dc:c7:14:bf:ba:95:b1:90:50:e0:74:6f:3f:51:
                    e7:a3:bd:19:9b:06:39:90:51:78:b2:ac:75:f3:34:
                    16:db:7f:d9:f3:4f:8b:89:e5:6e:3f:5b:ee:c4:de:
                    af:2f:7c:d6:7d:ab:d6:a7:ae:47:ff:2b:c7:f5:53:
                    4e:92:60:11:10:63:f4:75:be:d7:ac:ac:b3:4e:f0:
                    88:29:c6:c5:88:fe:41:62:85:b1:f6:a1:b5:b2:0a:
                    21:fb:bc:85:6d:c4:c8:be:2f:d3:53:0c:21:32:7f:
                    1f:61:1e:77:e1:92:c9:da:72:43:80:a3:d7:7e:92:
                    71:ae:5d:6d:06:9d:e4:cf:76:89:05:c8:49:cc:88:
                    7d:7c:a7:45:0c:88:a8:19:57:cb:b2:63:ee:8c:1e:
                    9f:06:7c:18:9a:b5:b1:5e:1f:8e:cc:74:5e:0e:ca:
                    31:86:e7:c3:ae:e0:26:37:00:a5:33:50:4e:fd:b2:
                    de:24:78:c3:b2:bb:43:69:22:b4:2f:f0:d2:7e:a5:
                    cf:bf:45:a8:32:96:4a:cf:a7:ce:5a:71:59:a5:4f:
                    2e:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:21:68:B2:4D:21:11:39:F3:02:90:35:97:D2:40:CB:17:31:E6:33
            X509v3 Authority Key Identifier:
                keyid:B5:04:BC:CE:B9:C3:63:F1:3E:3A:DA:A4:C0:FA:52:78:0F:06:46:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/dCFosk0hETnzApA1l9JAyxcx5jM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:7fc0:a42a::/48

    Signature Algorithm: sha256WithRSAEncryption
         b8:92:3a:8c:99:d7:76:7d:ed:1e:57:27:77:eb:01:55:f6:9b:
         4f:82:cc:52:f0:bb:07:13:17:d4:98:39:f6:33:80:aa:9e:f8:
         80:e5:2b:38:a8:cf:66:6c:a0:4c:1b:65:8d:50:9c:88:d3:85:
         3d:0d:f3:93:a2:d3:99:36:e5:8d:42:67:e3:50:db:97:55:9a:
         31:03:84:49:2b:54:57:e9:84:57:6e:4d:d8:e3:e3:2c:3d:80:
         ea:27:82:92:88:aa:10:fc:25:59:79:18:34:f1:35:20:8a:27:
         33:86:4a:ee:fc:d2:4a:b7:e0:2b:38:7a:84:e1:e0:f5:7c:ff:
         84:55:cc:97:c6:08:0e:5c:4a:88:5b:7f:01:3b:90:34:b2:58:
         37:a7:a6:67:1b:23:c4:34:ca:2c:ef:b8:8a:a0:45:8c:a9:cd:
         50:19:aa:2e:37:bc:a9:ce:28:d0:1a:cd:8a:54:07:8e:63:14:
         71:06:83:05:a5:c0:f7:c8:6a:5f:59:71:02:64:6d:42:f3:f9:
         10:29:5d:33:cb:39:de:a9:42:fb:0b:7c:d7:84:e2:b1:d1:64:
         60:a2:45:2a:9b:24:0a:73:bc:45:15:7b:05:3b:ee:81:cb:2d:
         65:8b:66:26:17:31:ef:d4:2c:44:4a:3c:3d:ec:9d:70:ac:83:
         79:c6:e9:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDtnb4YRNuoZoFiAYxCqzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MDRiY2NlYjljMzYzZjEzZTNhZGFhNGMwZmE1Mjc4MGYw
NjQ2ODQwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDIxNjhiMjRkMjExMTM5ZjMwMjkwMzU5N2QyNDBjYjE3MzFlNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/TVC0ddKcyg7G20BhBBHfWPU8t1
FfwNmJfgDIdQn4NoXmilmBgpsS7Jzqr63McUv7qVsZBQ4HRvP1Hno70ZmwY5kFF4
sqx18zQW23/Z80+LieVuP1vuxN6vL3zWfavWp65H/yvH9VNOkmAREGP0db7XrKyz
TvCIKcbFiP5BYoWx9qG1sgoh+7yFbcTIvi/TUwwhMn8fYR534ZLJ2nJDgKPXfpJx
rl1tBp3kz3aJBchJzIh9fKdFDIioGVfLsmPujB6fBnwYmrWxXh+OzHReDsoxhufD
ruAmNwClM1BO/bLeJHjDsrtDaSK0L/DSfqXPv0WoMpZKz6fOWnFZpU8uKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHQhaLJNIRE58wKQNZfSQMsXMeYzMB8GA1UdIwQY
MBaAFLUEvM65w2PxPjrapMD6UngPBkaEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFFTOHpybkRZX0UtT3Rxa3dQcFNlQThHUm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xZDNjZGMtZDA0Yi00YWRiLWIwNjkt
MmEzNTFhYjNiOGY2LzEvZENGb3NrMGhFVG56QXBBMWw5SkF5eGN4NWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xZDNjZGMtZDA0Yi00YWRiLWIwNjktMmEzNTFhYjNiOGY2
LzEvdFFTOHpybkRZX0UtT3Rxa3dQcFNlQThHUm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhN/wKQq
MA0GCSqGSIb3DQEBCwUAA4IBAQC4kjqMmdd2fe0eVyd36wFV9ptPgsxS8LsHExfU
mDn2M4CqnviA5Ss4qM9mbKBMG2WNUJyI04U9DfOTotOZNuWNQmfjUNuXVZoxA4RJ
K1RX6YRXbk3Y4+MsPYDqJ4KSiKoQ/CVZeRg08TUgiiczhkru/NJKt+ArOHqE4eD1
fP+EVcyXxggOXEqIW38BO5A0slg3p6ZnGyPENMos77iKoEWMqc1QGaouN7ypzijQ
Gs2KVAeOYxRxBoMFpcD3yGpfWXECZG1C8/kQKV0zyzneqUL7C3zXhOKx0WRgokUq
myQKc7xFFXsFO+6Byy1li2YmFzHv1CxESjw97J1wrIN5xul+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:22 2024 by rpki-client on console-fra.rpki-client.org