Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/4q0AyhlF99WT9MXaYhP1kR-pyTM.roa
File:                     4q0AyhlF99WT9MXaYhP1kR-pyTM.roa (raw, json)
Hash identifier:          1V5NOVt8W6sSovCUqe0RvTlrUmMG/7RSIuvsHDoQesk=
Subject key identifier:   E2:AD:00:CA:19:45:F7:D5:93:F4:C5:DA:62:13:F5:91:1F:A9:C9:33
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018EA56CA7BF1AFB20DF4154AAD0A1525CF5
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/4q0AyhlF99WT9MXaYhP1kR-pyTM.roa
Signing time:             Wed 03 Apr 2024 19:25:45 +0000
ROA not before:           Wed 03 Apr 2024 19:25:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213220
IP address blocks:        2a13:ba81::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 18:50:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a5:6c:a7:bf:1a:fb:20:df:41:54:aa:d0:a1:52:5c:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Apr  3 19:25:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e2ad00ca1945f7d593f4c5da6213f5911fa9c933
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:80:ae:df:b8:cd:0d:85:2e:30:5a:fd:1f:1f:
                    15:38:c6:85:0f:f0:fc:8f:1b:58:c1:9e:9c:20:07:
                    02:66:01:13:06:fd:fe:e7:69:1c:9c:47:d7:ee:fa:
                    c2:95:3c:b2:53:2e:fd:0e:a5:ed:d8:c9:91:b7:3a:
                    2d:8e:e9:82:d2:75:4b:10:f9:e3:7a:34:4a:74:8d:
                    72:a6:17:76:7f:19:d0:1b:10:00:e5:10:49:64:dd:
                    c3:40:4d:0e:95:18:5c:01:ab:a6:fd:df:95:60:86:
                    20:a1:03:bf:f8:8a:0e:5d:03:2e:86:15:c2:aa:2c:
                    8d:7c:80:61:61:e4:cf:4a:3f:e6:06:2b:e4:3f:6a:
                    7d:59:d1:17:ee:3e:9d:9d:2c:ad:22:03:a4:22:cf:
                    f2:1e:23:c8:d3:ca:d7:7c:64:fb:43:b1:1b:89:39:
                    57:81:8c:4a:bd:9d:c4:bb:8f:de:f1:35:35:32:cb:
                    9b:08:5e:2c:cc:7d:d3:b0:1e:18:e3:26:54:6d:3a:
                    4b:d6:92:b5:fb:16:92:cf:ce:b9:b3:4c:e4:46:ae:
                    e2:ca:52:e1:b7:22:4a:61:be:9a:84:ce:2d:0b:52:
                    dd:28:91:e9:69:31:cd:c7:b7:1c:ff:18:fe:6b:a2:
                    44:e1:6b:40:31:dd:12:4d:3c:6b:3a:ed:f2:36:06:
                    3a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:AD:00:CA:19:45:F7:D5:93:F4:C5:DA:62:13:F5:91:1F:A9:C9:33
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/4q0AyhlF99WT9MXaYhP1kR-pyTM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:ba81::/32

    Signature Algorithm: sha256WithRSAEncryption
         91:7f:43:c4:82:55:0e:53:ed:86:67:ad:84:e3:7b:7a:1e:c3:
         47:fa:e8:2d:ed:5a:e2:a4:aa:9a:47:2a:31:d9:7e:14:b2:0c:
         90:94:45:88:9a:52:2a:8f:0c:12:03:d9:67:f6:5f:e4:86:2c:
         84:c8:d4:07:2b:d5:e4:b5:d4:66:48:d8:b3:26:12:fe:1f:e4:
         73:ae:43:2e:ed:f9:1e:c4:c7:45:af:62:97:42:77:25:06:2d:
         02:39:16:2f:68:da:a1:91:16:56:db:c4:20:bb:55:3c:58:af:
         7f:aa:e8:1e:46:e4:66:8e:8b:93:ad:e0:4f:c0:9e:1d:21:cf:
         23:95:d0:2d:42:4b:76:f6:8a:63:bc:24:12:6b:e0:d1:2e:0c:
         9b:26:89:cd:e6:55:d5:22:80:95:9d:d9:19:e7:9e:05:fc:88:
         2f:71:3c:71:cb:bd:6f:f0:8d:84:f5:11:3f:cc:9b:cc:07:11:
         25:9a:3d:d8:3d:4a:06:bc:15:26:0c:4c:94:17:fd:f2:a0:31:
         35:9f:0c:5b:01:87:73:85:14:06:49:88:a9:36:eb:29:8d:00:
         90:e6:5a:89:15:ec:11:1e:21:37:e4:38:4f:4b:b7:cc:bc:a1:
         ad:81:4e:e8:00:c4:3b:1b:1c:3b:6d:59:f3:fa:c2:f2:82:e4:
         0d:3d:34:b4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY6lbKe/Gvsg30FUqtChUlz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNDAzMTkyNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmFkMDBjYTE5NDVmN2Q1OTNmNGM1ZGE2MjEzZjU5MTFmYTljOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoCu37jNDYUuMFr9Hx8VOMaFD/D8
jxtYwZ6cIAcCZgETBv3+52kcnEfX7vrClTyyUy79DqXt2MmRtzotjumC0nVLEPnj
ejRKdI1yphd2fxnQGxAA5RBJZN3DQE0OlRhcAaum/d+VYIYgoQO/+IoOXQMuhhXC
qiyNfIBhYeTPSj/mBivkP2p9WdEX7j6dnSytIgOkIs/yHiPI08rXfGT7Q7EbiTlX
gYxKvZ3Eu4/e8TU1MsubCF4szH3TsB4Y4yZUbTpL1pK1+xaSz865s0zkRq7iylLh
tyJKYb6ahM4tC1LdKJHpaTHNx7cc/xj+a6JE4WtAMd0STTxrOu3yNgY6JwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOKtAMoZRffVk/TF2mIT9ZEfqckzMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvNHEwQXlobEY5OVdUOU1YYVloUDFrUi1weVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhO6gTAN
BgkqhkiG9w0BAQsFAAOCAQEAkX9DxIJVDlPthmethON7eh7DR/roLe1a4qSqmkcq
Mdl+FLIMkJRFiJpSKo8MEgPZZ/Zf5IYshMjUByvV5LXUZkjYsyYS/h/kc65DLu35
HsTHRa9il0J3JQYtAjkWL2jaoZEWVtvEILtVPFivf6roHkbkZo6Lk63gT8CeHSHP
I5XQLUJLdvaKY7wkEmvg0S4MmyaJzeZV1SKAlZ3ZGeeeBfyIL3E8ccu9b/CNhPUR
P8ybzAcRJZo92D1KBrwVJgxMlBf98qAxNZ8MWwGHc4UUBkmIqTbrKY0AkOZaiRXs
ER4hN+Q4T0u3zLyhrYFO6ADEOxscO21Z8/rC8oLkDT00tA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org