Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/YUZpaDCbyPcqWVWtx5MB4YE2VaE.roa
File:                     YUZpaDCbyPcqWVWtx5MB4YE2VaE.roa (raw, json)
Hash identifier:          /vufoeIupALma4I2Rw1q3myS7J3oZ+Fe5nxERMxeMys=
Subject key identifier:   61:46:69:68:30:9B:C8:F7:2A:59:55:AD:C7:93:01:E1:81:36:55:A1
Certificate issuer:       /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial:       0186CB1FEF9C3B84C15405778C8B85F7DA4D
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/YUZpaDCbyPcqWVWtx5MB4YE2VaE.roa
Signing time:             Fri 10 Mar 2023 10:45:13 +0000
ROA not before:           Fri 10 Mar 2023 10:45:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2a13:27c0:10::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:31:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:cb:1f:ef:9c:3b:84:c1:54:05:77:8c:8b:85:f7:da:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
        Validity
            Not Before: Mar 10 10:45:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61466968309bc8f72a5955adc79301e1813655a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ed:98:24:64:56:c8:05:d7:29:a7:a4:d3:48:
                    6d:af:11:b9:ef:68:23:b5:5a:17:71:89:ad:c7:74:
                    fa:34:51:41:d2:b5:b0:9b:08:24:0e:7f:30:0b:4d:
                    f7:d9:2f:e1:c4:1d:04:28:57:8f:c0:a8:17:ef:b1:
                    d2:e1:2d:db:56:a8:81:56:d2:62:1c:a1:c9:61:eb:
                    96:0d:4d:f4:df:6a:7a:58:3a:06:95:07:c1:19:07:
                    43:9b:0c:61:0b:d4:5c:97:b1:67:af:d6:3f:ac:11:
                    c7:c1:9d:dc:22:02:45:79:74:d9:b2:13:c9:bd:97:
                    52:73:42:51:f3:28:50:0b:f5:23:a4:6a:47:a5:b7:
                    be:d1:1d:b3:58:05:b3:df:3c:f2:14:27:aa:1f:66:
                    38:7e:04:8b:90:09:70:5b:1f:32:7a:72:bd:49:c8:
                    88:c8:68:80:c4:47:59:59:73:d3:7b:eb:39:ee:a8:
                    36:b3:8f:21:7e:c5:c0:bb:41:41:58:e0:4f:fc:93:
                    24:2e:d8:35:95:d6:1a:c6:11:e2:d6:76:38:34:a7:
                    c1:7f:d2:91:8d:56:11:59:4f:f9:c7:35:69:85:4f:
                    6c:4f:89:7a:82:00:98:14:b7:21:6b:c7:ac:6f:dc:
                    31:03:79:7d:18:da:d4:89:e5:33:18:f5:0f:4d:2b:
                    30:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:46:69:68:30:9B:C8:F7:2A:59:55:AD:C7:93:01:E1:81:36:55:A1
            X509v3 Authority Key Identifier:
                keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/YUZpaDCbyPcqWVWtx5MB4YE2VaE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:27c0:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         6d:9a:dc:5d:e7:31:72:77:3c:84:d3:09:8d:fd:00:7f:52:7a:
         31:25:35:c5:ae:d1:e7:68:a2:83:dc:f9:27:8c:3c:df:1f:02:
         92:03:12:cd:8e:5c:28:e7:0f:7d:38:18:6c:8d:33:09:89:14:
         4f:93:aa:de:59:8d:c8:52:78:53:98:ed:6c:89:19:26:c9:32:
         3c:45:68:50:ef:64:e9:c1:27:1b:c1:81:d6:aa:5e:35:ec:38:
         fd:92:79:30:5e:fc:af:7f:8e:7d:93:a4:a8:a9:fa:d6:4f:2d:
         6c:e1:4f:f0:12:64:81:3b:71:67:ba:6e:af:b1:8b:c1:87:c5:
         0b:d3:8c:16:ee:a7:45:4e:02:c6:d5:77:7d:e3:7b:c2:b8:ab:
         eb:1f:41:49:a4:12:5d:0d:27:f7:76:01:88:02:61:e6:08:26:
         a8:b2:a2:24:41:fd:cb:37:19:73:5d:b1:e2:fc:3d:d9:65:99:
         0e:fa:f7:41:55:e1:c4:7e:61:66:b4:3f:f1:1d:d2:7f:44:e1:
         eb:c2:8b:a8:2d:50:60:85:80:1e:dc:90:9f:3e:95:84:c6:fd:
         92:c0:12:8d:2d:8d:79:be:07:71:46:24:c7:df:c1:44:63:1d:
         dd:91:80:22:10:a2:5a:1f:ec:d0:b6:5d:3a:c1:94:97:33:01:
         90:4c:0d:e6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYbLH++cO4TBVAV3jIuF99pNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjMwMzEwMTA0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTQ2Njk2ODMwOWJjOGY3MmE1OTU1YWRjNzkzMDFlMTgxMzY1NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAku2YJGRWyAXXKaek00htrxG572gj
tVoXcYmtx3T6NFFB0rWwmwgkDn8wC0332S/hxB0EKFePwKgX77HS4S3bVqiBVtJi
HKHJYeuWDU3032p6WDoGlQfBGQdDmwxhC9Rcl7Fnr9Y/rBHHwZ3cIgJFeXTZshPJ
vZdSc0JR8yhQC/UjpGpHpbe+0R2zWAWz3zzyFCeqH2Y4fgSLkAlwWx8yenK9SciI
yGiAxEdZWXPTe+s57qg2s48hfsXAu0FBWOBP/JMkLtg1ldYaxhHi1nY4NKfBf9KR
jVYRWU/5xzVphU9sT4l6ggCYFLcha8esb9wxA3l9GNrUieUzGPUPTSswowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGFGaWgwm8j3KllVrceTAeGBNlWhMB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEvWVVacGFEQ2J5UGNxV1ZXdHg1TUI0WUUyVmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhMnwAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBtmtxd5zFydzyE0wmN/QB/UnoxJTXFrtHnaKKD
3PknjDzfHwKSAxLNjlwo5w99OBhsjTMJiRRPk6reWY3IUnhTmO1siRkmyTI8RWhQ
72TpwScbwYHWql417Dj9knkwXvyvf459k6SoqfrWTy1s4U/wEmSBO3Fnum6vsYvB
h8UL04wW7qdFTgLG1Xd943vCuKvrH0FJpBJdDSf3dgGIAmHmCCaosqIkQf3LNxlz
XbHi/D3ZZZkO+vdBVeHEfmFmtD/xHdJ/ROHrwouoLVBghYAe3JCfPpWExv2SwBKN
LY15vgdxRiTH38FEYx3dkYAiEKJaH+zQtl06wZSXMwGQTA3m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:59 2024 by rpki-client on console-ams.rpki-client.org