Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/060268-4894-4eb3-b971-0089f3b8212a/1/aZ7sKQqY-IIsQPSb5CDO9N5TZUI.roa
File:                     aZ7sKQqY-IIsQPSb5CDO9N5TZUI.roa (raw, json)
Hash identifier:          ZtXcw9r4zRsJWX4XGCFSD5O6jgAnEix/OqpHGyUavTI=
Subject key identifier:   69:9E:EC:29:0A:98:F8:82:2C:40:F4:9B:E4:20:CE:F4:DE:53:65:42
Certificate issuer:       /CN=853654f19a88c501e4aa07a8bfc173e91e9ca16a
Certificate serial:       018781188CF181F11557E1B22846CC4706DC
Authority key identifier: 85:36:54:F1:9A:88:C5:01:E4:AA:07:A8:BF:C1:73:E9:1E:9C:A1:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTZU8ZqIxQHkqgeov8Fz6R6coWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/060268-4894-4eb3-b971-0089f3b8212a/1/aZ7sKQqY-IIsQPSb5CDO9N5TZUI.roa
Signing time:             Fri 14 Apr 2023 18:48:02 +0000
ROA not before:           Fri 14 Apr 2023 18:48:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203355
IP address blocks:        2a13:1f80::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 19:45:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:81:18:8c:f1:81:f1:15:57:e1:b2:28:46:cc:47:06:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=853654f19a88c501e4aa07a8bfc173e91e9ca16a
        Validity
            Not Before: Apr 14 18:48:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=699eec290a98f8822c40f49be420cef4de536542
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:7e:71:3d:fc:bb:59:14:ae:e7:c8:a3:6c:23:
                    ed:49:3f:b5:8d:e5:2a:6f:cd:93:a7:3f:9c:ce:83:
                    a6:37:2e:2f:69:02:bb:02:cc:39:ca:4f:3e:d3:be:
                    f0:de:49:52:67:b6:be:4a:d6:1c:65:4d:ef:c7:20:
                    17:c9:37:a6:2d:5b:00:8d:c2:f3:10:0f:32:5a:b1:
                    cd:bb:03:59:2f:b0:d8:17:2d:58:f6:ad:a4:2a:4f:
                    0d:89:3b:ef:b9:78:4b:16:cd:f4:c9:c8:46:e1:7d:
                    db:38:c2:11:52:65:bc:bc:5d:07:20:d5:61:1e:34:
                    60:55:4e:e4:a2:e3:e8:b7:49:9e:ec:6b:52:0e:ba:
                    32:b8:3a:3b:f2:56:f6:24:09:30:96:1b:62:d5:05:
                    99:77:1d:03:00:33:f4:48:c7:16:c3:c3:51:ce:7a:
                    f7:c3:a5:29:66:07:ae:62:28:c6:87:0c:8d:9e:5b:
                    67:48:ac:1b:6b:3f:59:6a:cf:ff:a1:58:fa:54:9d:
                    ea:f2:9c:06:82:36:79:d3:bb:9f:7b:fd:c0:fa:87:
                    c9:56:91:cb:93:95:02:94:52:e7:a8:d4:5f:ba:b6:
                    cb:93:4c:4b:d9:c8:b4:92:42:69:a6:2d:8d:93:01:
                    13:53:57:ee:42:37:a1:40:94:41:d5:96:80:ab:69:
                    09:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:9E:EC:29:0A:98:F8:82:2C:40:F4:9B:E4:20:CE:F4:DE:53:65:42
            X509v3 Authority Key Identifier:
                keyid:85:36:54:F1:9A:88:C5:01:E4:AA:07:A8:BF:C1:73:E9:1E:9C:A1:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTZU8ZqIxQHkqgeov8Fz6R6coWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/060268-4894-4eb3-b971-0089f3b8212a/1/aZ7sKQqY-IIsQPSb5CDO9N5TZUI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/060268-4894-4eb3-b971-0089f3b8212a/1/hTZU8ZqIxQHkqgeov8Fz6R6coWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:1f80::/48

    Signature Algorithm: sha256WithRSAEncryption
         9d:cf:a9:ac:1c:fa:69:37:3d:a8:df:d6:e6:d9:8d:4a:d4:9e:
         10:50:42:ab:cb:22:0b:2e:66:96:ca:3d:d2:1e:ec:36:fb:85:
         fb:7b:cb:c5:be:2f:ee:07:f4:ad:00:e3:f0:c9:88:7e:fc:81:
         2e:63:fc:98:d8:db:11:9f:98:22:1c:c7:eb:3b:02:bd:e9:83:
         47:52:20:5b:82:e9:fc:70:2a:44:0c:9b:08:f5:0b:25:8b:ed:
         84:fc:b1:32:42:41:a8:a9:0b:42:ac:fe:70:9c:7b:51:52:8f:
         68:6d:46:70:7d:d0:fe:d1:67:25:c0:b6:76:90:c6:07:a3:56:
         b9:39:75:bf:99:ab:de:20:8b:79:e4:3d:4b:8f:03:a5:59:a2:
         11:ca:e8:fc:3b:92:de:af:b4:cf:d2:c2:80:e6:d2:91:60:07:
         5c:33:71:10:fc:28:51:8a:b4:ea:e7:c6:72:74:af:d9:08:30:
         e1:33:11:7f:ec:71:c8:39:7b:3b:c9:ea:bd:05:af:fc:2d:a7:
         c0:32:d6:f5:3d:13:cc:89:54:cf:cf:de:88:2e:5f:99:4f:0a:
         5c:d0:06:92:e9:8b:04:ce:be:bd:f6:27:bd:f8:47:60:8b:a4:
         57:98:4c:e1:18:a8:71:5e:28:ee:b9:08:9c:0e:58:d2:d1:bb:
         da:7d:6d:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYeBGIzxgfEVV+GyKEbMRwbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzY1NGYxOWE4OGM1MDFlNGFhMDdhOGJmYzE3M2U5MWU5
Y2ExNmEwHhcNMjMwNDE0MTg0ODAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTllZWMyOTBhOThmODgyMmM0MGY0OWJlNDIwY2VmNGRlNTM2NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA035xPfy7WRSu58ijbCPtST+1jeUq
b82Tpz+czoOmNy4vaQK7Asw5yk8+077w3klSZ7a+StYcZU3vxyAXyTemLVsAjcLz
EA8yWrHNuwNZL7DYFy1Y9q2kKk8NiTvvuXhLFs30ychG4X3bOMIRUmW8vF0HINVh
HjRgVU7kouPot0me7GtSDroyuDo78lb2JAkwlhti1QWZdx0DADP0SMcWw8NRznr3
w6UpZgeuYijGhwyNnltnSKwbaz9Zas//oVj6VJ3q8pwGgjZ507ufe/3A+ofJVpHL
k5UClFLnqNRfurbLk0xL2ci0kkJppi2NkwETU1fuQjehQJRB1ZaAq2kJ1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGme7CkKmPiCLED0m+QgzvTeU2VCMB8GA1UdIwQY
MBaAFIU2VPGaiMUB5KoHqL/Bc+kenKFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRaVThacUl4UUhrcWdlb3Y4Rno2UjZjb1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wNjAyNjgtNDg5NC00ZWIzLWI5NzEt
MDA4OWYzYjgyMTJhLzEvYVo3c0tRcVktSUlzUVBTYjVDRE85TjVUWlVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wNjAyNjgtNDg5NC00ZWIzLWI5NzEtMDA4OWYzYjgyMTJh
LzEvaFRaVThacUl4UUhrcWdlb3Y4Rno2UjZjb1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhMfgAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCdz6msHPppNz2o39bm2Y1K1J4QUEKryyILLmaW
yj3SHuw2+4X7e8vFvi/uB/StAOPwyYh+/IEuY/yY2NsRn5giHMfrOwK96YNHUiBb
gun8cCpEDJsI9Qsli+2E/LEyQkGoqQtCrP5wnHtRUo9obUZwfdD+0WclwLZ2kMYH
o1a5OXW/maveIIt55D1LjwOlWaIRyuj8O5Ler7TP0sKA5tKRYAdcM3EQ/ChRirTq
58ZydK/ZCDDhMxF/7HHIOXs7yeq9Ba/8LafAMtb1PRPMiVTPz96ILl+ZTwpc0AaS
6YsEzr699ie9+Edgi6RXmEzhGKhxXijuuQicDljS0bvafW0O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:46 2024 by rpki-client on console-ams.rpki-client.org