Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/MnwGS0C-T0gyZzPCFBslREqlnJs.roa
File:                     MnwGS0C-T0gyZzPCFBslREqlnJs.roa (raw, json)
Hash identifier:          l26qDggE0GZwqslQmR+kCEeJt5uswjEheTDO2jz6Tjc=
Subject key identifier:   32:7C:06:4B:40:BE:4F:48:32:67:33:C2:14:1B:25:44:4A:A5:9C:9B
Certificate issuer:       /CN=67ce179cbe13ddb14012985a067100ef98a55601
Certificate serial:       018B82BB0350B14CFF42DBA954549C338300
Authority key identifier: 67:CE:17:9C:BE:13:DD:B1:40:12:98:5A:06:71:00:EF:98:A5:56:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z84XnL4T3bFAEphaBnEA75ilVgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/MnwGS0C-T0gyZzPCFBslREqlnJs.roa
Signing time:             Mon 30 Oct 2023 22:36:15 +0000
ROA not before:           Mon 30 Oct 2023 22:36:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51345
IP address blocks:        2a13:1c40::/29 maxlen: 48

Validation:               Failed, certificate revoked on Fri 03 Nov 2023 15:32:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:82:bb:03:50:b1:4c:ff:42:db:a9:54:54:9c:33:83:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67ce179cbe13ddb14012985a067100ef98a55601
        Validity
            Not Before: Oct 30 22:36:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=327c064b40be4f48326733c2141b25444aa59c9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:9c:ad:03:96:bf:6c:f7:27:b0:80:86:f2:ea:
                    34:a1:7d:c3:ec:d7:b2:05:71:3b:06:e2:61:a7:10:
                    13:c6:5b:92:57:44:a7:c7:09:70:ba:60:27:62:26:
                    23:29:e9:11:05:f8:95:8a:75:d4:88:2d:45:36:79:
                    94:aa:62:1b:3a:60:14:d6:98:13:22:d6:1d:a9:42:
                    70:b5:f6:a8:b8:12:86:47:c5:d7:83:e9:d6:21:e5:
                    bc:49:b5:b8:de:a6:25:6b:94:14:0d:c8:5f:89:4f:
                    59:34:43:3b:71:b1:6b:85:f0:aa:88:c1:ff:b6:5b:
                    d4:33:b4:42:11:e1:f9:24:94:5a:95:71:66:eb:00:
                    75:4f:ca:53:72:85:4d:ed:e8:20:7e:4a:e1:dd:76:
                    5d:6a:e4:f7:9a:b8:74:f8:68:16:1d:f5:66:93:46:
                    ba:bb:da:37:79:3a:9a:21:66:60:a7:7b:e7:88:8c:
                    b4:2e:27:ca:45:a7:79:0f:32:86:a1:a4:b1:ee:64:
                    15:a2:3f:d0:7a:29:07:f9:2e:17:bc:58:3a:d3:be:
                    cc:27:e6:87:a3:cc:72:1a:8a:e7:04:3f:0e:1a:34:
                    6e:ed:70:69:c8:31:35:d8:67:59:d7:a4:be:e4:9c:
                    58:1b:fd:e8:4b:da:0f:8e:a5:75:fc:ae:98:57:76:
                    d5:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:7C:06:4B:40:BE:4F:48:32:67:33:C2:14:1B:25:44:4A:A5:9C:9B
            X509v3 Authority Key Identifier:
                keyid:67:CE:17:9C:BE:13:DD:B1:40:12:98:5A:06:71:00:EF:98:A5:56:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z84XnL4T3bFAEphaBnEA75ilVgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/MnwGS0C-T0gyZzPCFBslREqlnJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/Z84XnL4T3bFAEphaBnEA75ilVgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:1c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         4c:00:8e:72:38:81:43:22:0d:f4:49:5c:ae:97:67:de:8a:03:
         88:c3:d9:59:e3:72:1b:f3:3f:63:09:01:46:cb:b0:89:4f:0a:
         3b:db:43:2e:d8:10:25:ff:84:01:55:ac:8f:25:24:07:73:21:
         75:db:c5:94:6f:ca:1e:ff:81:50:03:ae:22:d1:f1:e8:c6:81:
         b8:e2:1e:ea:09:68:81:a0:03:7e:89:24:27:19:6f:18:d4:f6:
         42:ce:69:a6:2f:63:95:61:ed:58:53:0b:eb:c4:af:73:21:71:
         75:d3:57:b6:9b:d6:8e:91:b5:77:35:4b:e8:24:cb:de:12:20:
         f4:06:9b:29:30:8c:c5:d8:95:ea:b3:87:ad:fc:ca:41:48:c0:
         34:ad:28:1f:5c:7e:ad:ca:26:02:dd:b3:a7:96:af:78:ce:25:
         99:10:4c:ab:e3:b3:23:88:c6:57:4a:96:cc:40:8c:32:e8:03:
         5c:9c:40:20:38:07:10:d6:9c:c4:f0:12:8d:66:d7:95:c9:f7:
         4b:7e:74:f3:31:f9:ca:4d:a1:96:80:3e:0c:66:d3:b6:6c:4d:
         13:61:1e:45:0d:6b:b0:45:e9:0e:44:29:c6:74:2f:38:52:b5:
         d7:6f:65:1e:1e:40:45:d4:a6:12:3f:61:04:2e:6c:03:63:49:
         e5:d5:1a:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuCuwNQsUz/QtupVFScM4MAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2UxNzljYmUxM2RkYjE0MDEyOTg1YTA2NzEwMGVmOThh
NTU2MDEwHhcNMjMxMDMwMjIzNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjdjMDY0YjQwYmU0ZjQ4MzI2NzMzYzIxNDFiMjU0NDRhYTU5YzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5ytA5a/bPcnsICG8uo0oX3D7Ney
BXE7BuJhpxATxluSV0SnxwlwumAnYiYjKekRBfiVinXUiC1FNnmUqmIbOmAU1pgT
ItYdqUJwtfaouBKGR8XXg+nWIeW8SbW43qYla5QUDchfiU9ZNEM7cbFrhfCqiMH/
tlvUM7RCEeH5JJRalXFm6wB1T8pTcoVN7eggfkrh3XZdauT3mrh0+GgWHfVmk0a6
u9o3eTqaIWZgp3vniIy0LifKRad5DzKGoaSx7mQVoj/QeikH+S4XvFg6077MJ+aH
o8xyGornBD8OGjRu7XBpyDE12GdZ16S+5JxYG/3oS9oPjqV1/K6YV3bV7wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDJ8BktAvk9IMmczwhQbJURKpZybMB8GA1UdIwQY
MBaAFGfOF5y+E92xQBKYWgZxAO+YpVYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjg0WG5MNFQzYkZBRXBoYUJuRUE3NWlsVmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81ZDcxOTItYTcxOS00Y2Q3LTk5NGEt
NjJjMDFkYzY5Y2NhLzEvTW53R1MwQy1UMGd5WnpQQ0ZCc2xSRXFsbkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81ZDcxOTItYTcxOS00Y2Q3LTk5NGEtNjJjMDFkYzY5Y2Nh
LzEvWjg0WG5MNFQzYkZBRXBoYUJuRUE3NWlsVmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMcQDAN
BgkqhkiG9w0BAQsFAAOCAQEATACOcjiBQyIN9Elcrpdn3ooDiMPZWeNyG/M/YwkB
RsuwiU8KO9tDLtgQJf+EAVWsjyUkB3MhddvFlG/KHv+BUAOuItHx6MaBuOIe6glo
gaADfokkJxlvGNT2Qs5ppi9jlWHtWFML68SvcyFxddNXtpvWjpG1dzVL6CTL3hIg
9AabKTCMxdiV6rOHrfzKQUjANK0oH1x+rcomAt2zp5aveM4lmRBMq+OzI4jGV0qW
zECMMugDXJxAIDgHENacxPASjWbXlcn3S3508zH5yk2hloA+DGbTtmxNE2EeRQ1r
sEXpDkQpxnQvOFK1129lHh5ARdSmEj9hBC5sA2NJ5dUacA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:09 2024 by rpki-client on console-ams.rpki-client.org