Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/0WpKKsVo5w2JZEvQnxmWMKAjK7I.roa
File:                     0WpKKsVo5w2JZEvQnxmWMKAjK7I.roa (raw, json)
Hash identifier:          d+y5WoR+j5Ri3TACgKkf8eklDsJd+hRtw19A2mq29qw=
Subject key identifier:   D1:6A:4A:2A:C5:68:E7:0D:89:64:4B:D0:9F:19:96:30:A0:23:2B:B2
Certificate issuer:       /CN=14a63359e84e00c0f9e2a203ead2781a26d904e6
Certificate serial:       0185F25AB41419E409299EF7BBFFEF2534E5
Authority key identifier: 14:A6:33:59:E8:4E:00:C0:F9:E2:A2:03:EA:D2:78:1A:26:D9:04:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FKYzWehOAMD54qID6tJ4GibZBOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/0WpKKsVo5w2JZEvQnxmWMKAjK7I.roa
Signing time:             Fri 27 Jan 2023 08:31:48 +0000
ROA not before:           Fri 27 Jan 2023 08:31:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200203
IP address blocks:        2a13:d800::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 31 Jan 2023 14:44:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:f2:5a:b4:14:19:e4:09:29:9e:f7:bb:ff:ef:25:34:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14a63359e84e00c0f9e2a203ead2781a26d904e6
        Validity
            Not Before: Jan 27 08:31:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d16a4a2ac568e70d89644bd09f199630a0232bb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:35:41:07:9a:90:16:99:f0:7c:3e:91:26:60:
                    52:c7:b7:0e:dc:97:1c:10:9d:d9:42:36:9b:f0:23:
                    0c:06:47:e3:25:1f:aa:9b:af:06:08:37:13:05:d8:
                    aa:3d:c2:6b:45:9f:66:b9:27:6e:d5:93:19:2e:50:
                    07:8a:f8:9a:5b:90:f0:a9:fb:f8:a2:8d:bc:28:99:
                    c6:12:1b:86:4d:35:2c:bb:b3:c8:ce:90:3c:8f:21:
                    a5:f2:c5:9c:eb:00:95:41:22:ec:29:53:e5:ba:2d:
                    b6:9a:85:86:04:90:6b:3a:bf:72:9c:22:b9:5b:f0:
                    31:9a:4f:3c:c0:b4:a8:fb:85:f1:48:d9:71:e0:bd:
                    3f:18:ae:17:9d:71:f9:c3:d8:99:f1:d8:75:dc:92:
                    71:b0:1b:36:6e:82:e1:81:64:ac:49:6c:1d:eb:34:
                    e5:f3:52:03:4c:0d:76:fd:5b:e3:72:09:f8:ac:e6:
                    5b:44:e9:13:67:36:cf:b4:19:60:57:f8:1a:4a:4e:
                    95:1e:16:30:e2:60:da:d7:a2:d9:71:3f:40:5b:12:
                    2a:0e:a4:2f:74:e4:57:2f:28:a9:37:91:49:8f:26:
                    92:cf:d9:59:57:76:45:8b:aa:6e:14:60:71:44:50:
                    f1:e1:04:09:e3:e3:17:74:34:cb:97:5d:5c:00:72:
                    fc:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:6A:4A:2A:C5:68:E7:0D:89:64:4B:D0:9F:19:96:30:A0:23:2B:B2
            X509v3 Authority Key Identifier:
                keyid:14:A6:33:59:E8:4E:00:C0:F9:E2:A2:03:EA:D2:78:1A:26:D9:04:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FKYzWehOAMD54qID6tJ4GibZBOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/0WpKKsVo5w2JZEvQnxmWMKAjK7I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/FKYzWehOAMD54qID6tJ4GibZBOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:d800::/32

    Signature Algorithm: sha256WithRSAEncryption
         35:7e:2a:04:7b:ee:fd:3f:f4:90:79:8c:3b:27:c7:57:b9:92:
         48:ce:26:ad:e1:5e:c1:c0:53:16:8c:db:67:b7:72:62:1d:dd:
         a2:16:0f:2d:d2:a0:48:12:c2:61:40:2c:63:37:c4:a2:99:c2:
         54:a7:a6:96:dc:d3:d7:61:50:d1:58:16:6a:09:02:2d:08:02:
         84:74:db:2e:88:68:70:a5:4f:ed:1f:de:ba:c9:8c:9f:66:9e:
         3e:20:e7:8b:fd:75:49:16:f1:65:30:3b:48:f8:8d:79:10:68:
         0e:0d:28:96:80:6d:80:46:56:3c:62:e1:e4:43:7b:27:05:52:
         9a:01:12:1e:df:7e:7c:55:65:7b:a5:20:23:90:0a:96:d3:c3:
         7e:81:a2:ed:78:07:59:9d:38:f4:ac:97:cd:aa:fb:75:86:63:
         fd:31:a6:79:2e:c5:84:cf:dd:75:44:92:64:e7:1d:85:80:74:
         1e:32:ec:22:26:ba:8a:11:21:fe:96:0e:4d:e0:27:f4:03:16:
         e3:6b:c1:19:9f:6d:88:fb:03:7c:83:2c:74:fa:8d:3a:81:50:
         74:e9:d1:43:4f:6b:4e:f0:d1:fd:45:4c:2e:d8:5f:aa:19:39:
         f8:a5:a0:b9:ff:1e:33:4b:de:29:21:0c:20:b7:66:fb:55:96:
         da:84:16:85
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYXyWrQUGeQJKZ73u//vJTTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YTYzMzU5ZTg0ZTAwYzBmOWUyYTIwM2VhZDI3ODFhMjZk
OTA0ZTYwHhcNMjMwMTI3MDgzMTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTZhNGEyYWM1NjhlNzBkODk2NDRiZDA5ZjE5OTYzMGEwMjMyYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTVBB5qQFpnwfD6RJmBSx7cO3Jcc
EJ3ZQjab8CMMBkfjJR+qm68GCDcTBdiqPcJrRZ9muSdu1ZMZLlAHiviaW5Dwqfv4
oo28KJnGEhuGTTUsu7PIzpA8jyGl8sWc6wCVQSLsKVPlui22moWGBJBrOr9ynCK5
W/Axmk88wLSo+4XxSNlx4L0/GK4XnXH5w9iZ8dh13JJxsBs2boLhgWSsSWwd6zTl
81IDTA12/Vvjcgn4rOZbROkTZzbPtBlgV/gaSk6VHhYw4mDa16LZcT9AWxIqDqQv
dORXLyipN5FJjyaSz9lZV3ZFi6puFGBxRFDx4QQJ4+MXdDTLl11cAHL8TQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNFqSirFaOcNiWRL0J8ZljCgIyuyMB8GA1UdIwQY
MBaAFBSmM1noTgDA+eKiA+rSeBom2QTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRktZeldlaE9BTUQ1NHFJRDZ0SjRHaWJaQk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xYjZiMjEtNWViMi00YmY4LWI1NWQt
OWYxNzE1OTdhZTc4LzEvMFdwS0tzVm81dzJKWkV2UW54bVdNS0FqSzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xYjZiMjEtNWViMi00YmY4LWI1NWQtOWYxNzE1OTdhZTc4
LzEvRktZeldlaE9BTUQ1NHFJRDZ0SjRHaWJaQk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPYADAN
BgkqhkiG9w0BAQsFAAOCAQEANX4qBHvu/T/0kHmMOyfHV7mSSM4mreFewcBTFozb
Z7dyYh3dohYPLdKgSBLCYUAsYzfEopnCVKemltzT12FQ0VgWagkCLQgChHTbLoho
cKVP7R/eusmMn2aePiDni/11SRbxZTA7SPiNeRBoDg0oloBtgEZWPGLh5EN7JwVS
mgESHt9+fFVle6UgI5AKltPDfoGi7XgHWZ049KyXzar7dYZj/TGmeS7FhM/ddUSS
ZOcdhYB0HjLsIia6ihEh/pYOTeAn9AMW42vBGZ9tiPsDfIMsdPqNOoFQdOnRQ09r
TvDR/UVMLthfqhk5+KWguf8eM0veKSEMILdm+1WW2oQWhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:38 2024 by rpki-client on console-fra.rpki-client.org