Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/0vBzU4BZEa3R-Sj06h-d9CahMkk.roa
File:                     0vBzU4BZEa3R-Sj06h-d9CahMkk.roa (raw, json)
Hash identifier:          c9Dvk8uf+s/9GLHV882ZBb/N4m2V0h/HExSA2xktRcU=
Subject key identifier:   D2:F0:73:53:80:59:11:AD:D1:F9:28:F4:EA:1F:9D:F4:26:A1:32:49
Certificate issuer:       /CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Certificate serial:       018D5AB9C23CCA79C8205052B9E6D20DCDB8
Authority key identifier: 6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/0vBzU4BZEa3R-Sj06h-d9CahMkk.roa
Signing time:             Tue 30 Jan 2024 14:15:39 +0000
ROA not before:           Tue 30 Jan 2024 14:15:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204033
IP address blocks:        2a13:3d00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 12 Feb 2024 22:27:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:5a:b9:c2:3c:ca:79:c8:20:50:52:b9:e6:d2:0d:cd:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
        Validity
            Not Before: Jan 30 14:15:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d2f07353805911add1f928f4ea1f9df426a13249
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f0:31:f3:53:73:65:de:8c:9a:b2:8c:86:4a:
                    e5:3e:ca:a1:31:2a:5e:f3:14:b7:ad:f0:42:7b:04:
                    c2:a5:a5:99:cd:b0:a5:bd:e6:a8:98:64:8b:01:1a:
                    70:f2:69:06:2e:97:7c:44:b1:8a:48:e4:43:38:98:
                    95:76:b4:a6:7e:90:80:f0:53:5e:85:b4:aa:4a:db:
                    54:cf:09:68:1e:f7:91:b9:e5:ce:4e:99:20:a8:36:
                    a3:55:b5:ce:af:00:9c:45:4e:6f:0f:56:99:da:ab:
                    de:ae:a1:e2:d3:5d:5f:52:4d:71:b8:51:a7:69:97:
                    67:7c:67:91:df:b7:34:5e:7f:45:b7:05:19:7c:0b:
                    5e:a2:1c:99:ea:a6:3b:6a:c6:41:1b:2b:cc:b9:bb:
                    58:61:2d:a7:fe:fc:5e:ae:89:4b:63:68:59:05:ad:
                    34:fc:53:af:c8:ab:4a:e0:64:ce:4b:8d:f7:70:e1:
                    ec:54:58:1c:b6:69:4c:47:13:d3:b5:41:4c:c7:e8:
                    d2:f0:22:8a:ed:47:79:3a:06:b1:19:b0:10:b7:9a:
                    6a:2a:2d:60:f6:c0:f0:d5:c0:0c:c1:bf:46:67:e0:
                    51:bc:09:4d:8a:50:2c:2d:bf:d4:11:92:c4:65:83:
                    5e:be:8f:dc:c6:e7:80:9f:fe:ad:9b:41:f0:e6:fd:
                    02:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:F0:73:53:80:59:11:AD:D1:F9:28:F4:EA:1F:9D:F4:26:A1:32:49
            X509v3 Authority Key Identifier:
                keyid:6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/0vBzU4BZEa3R-Sj06h-d9CahMkk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:3d00::/29

    Signature Algorithm: sha256WithRSAEncryption
         5f:5d:6e:a5:65:64:84:6e:9f:63:4e:5c:a4:a8:bf:8d:ea:bf:
         80:23:24:35:e7:78:f7:aa:5a:f2:f9:17:32:d8:81:d4:cb:0c:
         09:00:cf:36:c6:6a:7a:fd:d0:49:0e:da:6c:75:55:2b:88:5b:
         cf:8a:62:f0:92:cb:e3:72:dc:62:0e:81:a3:e1:d8:87:ae:ed:
         59:03:b3:5e:9e:1b:2d:06:af:6e:21:b2:87:8d:69:1f:65:48:
         01:f1:d5:20:9e:a5:26:c0:4b:e5:c6:d8:63:c6:40:3b:c8:24:
         96:57:15:47:14:0c:5a:1d:25:87:6c:f7:c2:68:1a:77:21:4c:
         36:65:e3:78:82:86:ff:24:92:5a:6e:00:ed:fb:2a:40:d2:0a:
         24:17:a0:a4:af:b7:a2:46:32:26:78:02:23:86:3a:86:ed:16:
         76:eb:42:84:82:0e:86:34:88:8d:c8:73:7f:14:db:57:3c:bd:
         d0:12:53:0a:77:ab:a6:1a:a0:82:19:77:3d:4d:39:46:32:0a:
         26:81:11:48:1b:fc:b9:37:a8:7d:46:f0:b2:bf:8c:6b:e8:08:
         89:29:e2:45:64:db:4e:b8:f1:e6:10:5d:18:21:6f:05:a8:f9:
         e6:7d:6a:7d:35:99:6d:13:a8:f3:57:26:c1:3c:fe:23:09:51:
         af:e6:33:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY1aucI8ynnIIFBSuebSDc24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzY5YzNkNzAzMGNlYzE5ZjhmYjY2ZTU0M2JkZTY1NTk1
NzA4YTIwHhcNMjQwMTMwMTQxNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmYwNzM1MzgwNTkxMWFkZDFmOTI4ZjRlYTFmOWRmNDI2YTEzMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofAx81NzZd6MmrKMhkrlPsqhMSpe
8xS3rfBCewTCpaWZzbClveaomGSLARpw8mkGLpd8RLGKSORDOJiVdrSmfpCA8FNe
hbSqSttUzwloHveRueXOTpkgqDajVbXOrwCcRU5vD1aZ2qverqHi011fUk1xuFGn
aZdnfGeR37c0Xn9FtwUZfAteohyZ6qY7asZBGyvMubtYYS2n/vxerolLY2hZBa00
/FOvyKtK4GTOS433cOHsVFgctmlMRxPTtUFMx+jS8CKK7Ud5OgaxGbAQt5pqKi1g
9sDw1cAMwb9GZ+BRvAlNilAsLb/UEZLEZYNevo/cxueAn/6tm0Hw5v0CwwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNLwc1OAWRGt0fko9OofnfQmoTJJMB8GA1UdIwQY
MBaAFGzGnD1wMM7Bn4+2blQ73mVZVwiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEt
MWFlYjZhNGU0NWFkLzEvMHZCelU0QlpFYTNSLVNqMDZoLWQ5Q2FoTWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEtMWFlYjZhNGU0NWFk
LzEvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhM9ADAN
BgkqhkiG9w0BAQsFAAOCAQEAX11upWVkhG6fY05cpKi/jeq/gCMkNed496pa8vkX
MtiB1MsMCQDPNsZqev3QSQ7abHVVK4hbz4pi8JLL43LcYg6Bo+HYh67tWQOzXp4b
LQavbiGyh41pH2VIAfHVIJ6lJsBL5cbYY8ZAO8gkllcVRxQMWh0lh2z3wmgadyFM
NmXjeIKG/ySSWm4A7fsqQNIKJBegpK+3okYyJngCI4Y6hu0WdutChIIOhjSIjchz
fxTbVzy90BJTCnerphqgghl3PU05RjIKJoERSBv8uTeofUbwsr+Ma+gIiSniRWTb
Trjx5hBdGCFvBaj55n1qfTWZbROo81cmwTz+IwlRr+Yzmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:03 2024 by rpki-client on console-fra.rpki-client.org