Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/KDAejeBFyNyW9DE4Rs1NNw4YaPk.roa
File:                     KDAejeBFyNyW9DE4Rs1NNw4YaPk.roa (raw, json)
Hash identifier:          mK69p1YU87uCMHwZ1wz8WZuNuxZtXvdtTZ9tRnNh/Ok=
Subject key identifier:   28:30:1E:8D:E0:45:C8:DC:96:F4:31:38:46:CD:4D:37:0E:18:68:F9
Certificate issuer:       /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial:       018B8695F33681245D89A6B9370D41B6A058
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/KDAejeBFyNyW9DE4Rs1NNw4YaPk.roa
Signing time:             Tue 31 Oct 2023 16:34:15 +0000
ROA not before:           Tue 31 Oct 2023 16:34:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202044
IP address blocks:        2a13:1880::/31 maxlen: 31
                          2a13:1884::/31 maxlen: 31
                          2a13:1886::/31 maxlen: 31
                          2a13:1882::/31 maxlen: 31

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:86:95:f3:36:81:24:5d:89:a6:b9:37:0d:41:b6:a0:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
        Validity
            Not Before: Oct 31 16:34:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28301e8de045c8dc96f4313846cd4d370e1868f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:59:a4:32:75:88:60:da:a8:76:ad:1d:a6:a0:
                    c5:60:d6:2b:f4:a0:3a:bf:4f:e9:f0:16:f4:11:5b:
                    bb:5c:b5:de:9d:d8:7e:6c:1f:9b:18:88:e1:7d:31:
                    4a:39:5a:c4:80:57:71:c3:46:81:7d:b7:03:cf:18:
                    2e:d5:05:84:7e:10:32:eb:d4:7d:39:fc:1d:dc:d3:
                    2f:fc:4b:8f:2e:68:ad:a4:d8:97:c2:57:fe:1f:83:
                    e1:84:e3:73:70:62:b0:74:ba:79:09:c9:78:b9:f0:
                    84:fb:25:77:91:74:8f:6c:f8:ff:e8:93:10:6f:d7:
                    a0:23:1f:83:f6:d8:57:41:92:34:37:9a:d8:e3:8d:
                    d3:d5:fd:12:d0:9c:c7:2f:e9:5c:52:78:60:2c:5c:
                    2f:0f:50:4e:c4:41:59:89:18:a9:5f:16:39:1d:60:
                    31:1f:d0:78:6a:1e:79:4f:1f:e3:89:c0:a3:d4:4d:
                    63:f8:c9:32:50:d5:d1:34:87:c1:bc:8e:3e:e2:6c:
                    2a:4a:dc:98:53:0e:62:c0:52:a0:35:e7:b1:b4:bb:
                    22:88:00:5c:c2:52:ca:27:5c:e6:7f:5f:95:01:38:
                    7d:d3:2e:85:85:88:b5:d3:ec:d4:82:84:41:77:93:
                    8e:f1:fa:be:2b:5b:cf:91:c0:2c:e2:ff:a2:65:ff:
                    6b:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:30:1E:8D:E0:45:C8:DC:96:F4:31:38:46:CD:4D:37:0E:18:68:F9
            X509v3 Authority Key Identifier:
                keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/KDAejeBFyNyW9DE4Rs1NNw4YaPk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:1880::/29

    Signature Algorithm: sha256WithRSAEncryption
         a6:d0:b9:97:d1:40:04:1a:62:99:f8:07:f3:b1:87:5a:09:0a:
         36:42:ee:65:3b:2f:64:15:86:67:9a:bb:d6:b1:bb:20:be:7e:
         5c:4d:7e:56:69:fa:99:86:df:a8:1d:75:e1:c6:66:52:0b:96:
         d3:1d:14:c0:ff:76:66:bc:9f:2f:e8:8a:b9:2f:e8:45:0f:09:
         3c:ab:7c:55:f5:13:63:63:ed:b0:d0:a9:ba:41:85:4d:9f:ed:
         b9:ee:5c:b6:50:2d:2b:56:9c:ef:d2:24:8d:94:03:21:dd:6f:
         42:0d:40:3f:3d:aa:cc:8e:6f:4d:0e:a4:55:86:68:c2:bd:22:
         69:1b:c7:ad:eb:35:69:c7:b2:24:ce:38:e6:f8:17:25:06:80:
         2c:7b:14:71:5a:ed:85:ce:46:cd:60:d4:eb:4c:b5:29:73:34:
         4b:45:16:a7:d3:29:88:b7:2d:89:5c:5e:ae:55:df:82:a3:93:
         df:4f:29:dc:95:ef:ec:98:22:0c:0e:db:ee:ae:72:f7:8b:63:
         be:cf:9b:3e:19:43:bd:31:21:d1:f1:fb:03:f5:6d:5c:b9:f7:
         77:de:d8:f0:2c:66:6d:ca:f7:e3:fb:c8:28:9f:5e:b4:6e:50:
         6b:71:dd:09:64:85:e7:f3:dc:23:db:d3:94:c7:3f:a6:d1:4c:
         45:ca:81:dc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuGlfM2gSRdiaa5Nw1BtqBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjMxMDMxMTYzNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODMwMWU4ZGUwNDVjOGRjOTZmNDMxMzg0NmNkNGQzNzBlMTg2OGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVmkMnWIYNqodq0dpqDFYNYr9KA6
v0/p8Bb0EVu7XLXendh+bB+bGIjhfTFKOVrEgFdxw0aBfbcDzxgu1QWEfhAy69R9
Ofwd3NMv/EuPLmitpNiXwlf+H4PhhONzcGKwdLp5Ccl4ufCE+yV3kXSPbPj/6JMQ
b9egIx+D9thXQZI0N5rY443T1f0S0JzHL+lcUnhgLFwvD1BOxEFZiRipXxY5HWAx
H9B4ah55Tx/jicCj1E1j+MkyUNXRNIfBvI4+4mwqStyYUw5iwFKgNeextLsiiABc
wlLKJ1zmf1+VATh90y6FhYi10+zUgoRBd5OO8fq+K1vPkcAs4v+iZf9rmQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCgwHo3gRcjclvQxOEbNTTcOGGj5MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvS0RBZWplQkZ5TnlXOURFNFJzMU5OdzRZYVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMYgDAN
BgkqhkiG9w0BAQsFAAOCAQEAptC5l9FABBpimfgH87GHWgkKNkLuZTsvZBWGZ5q7
1rG7IL5+XE1+Vmn6mYbfqB114cZmUguW0x0UwP92ZryfL+iKuS/oRQ8JPKt8VfUT
Y2PtsNCpukGFTZ/tue5ctlAtK1ac79IkjZQDId1vQg1APz2qzI5vTQ6kVYZowr0i
aRvHres1aceyJM445vgXJQaALHsUcVrthc5GzWDU60y1KXM0S0UWp9MpiLctiVxe
rlXfgqOT308p3JXv7JgiDA7b7q5y94tjvs+bPhlDvTEh0fH7A/VtXLn3d97Y8Cxm
bcr34/vIKJ9etG5Qa3HdCWSF5/PcI9vTlMc/ptFMRcqB3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:04 2024 by rpki-client on console-ams.rpki-client.org