Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/70e678-8495-46ae-96d7-29c5176902c6/1/I189XyFwCDhUhl2of5xzoNTwGJI.roa
File:                     I189XyFwCDhUhl2of5xzoNTwGJI.roa (raw, json)
Hash identifier:          Gc5XCz35B1/tQK0eA+ylukL1Wq7eianr0bskiRFN3Ec=
Subject key identifier:   23:5F:3D:5F:21:70:08:38:54:86:5D:A8:7F:9C:73:A0:D4:F0:18:92
Certificate issuer:       /CN=8ae4b93feb71dde2823b70c7dbb79e0f99b56c1b
Certificate serial:       01871438E9660FB1036B413773817DD1E959
Authority key identifier: 8A:E4:B9:3F:EB:71:DD:E2:82:3B:70:C7:DB:B7:9E:0F:99:B5:6C:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iuS5P-tx3eKCO3DH27eeD5m1bBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/70e678-8495-46ae-96d7-29c5176902c6/1/I189XyFwCDhUhl2of5xzoNTwGJI.roa
Signing time:             Fri 24 Mar 2023 15:24:46 +0000
ROA not before:           Fri 24 Mar 2023 15:24:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199162
IP address blocks:        2a13:da80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 25 May 2023 09:15:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:14:38:e9:66:0f:b1:03:6b:41:37:73:81:7d:d1:e9:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ae4b93feb71dde2823b70c7dbb79e0f99b56c1b
        Validity
            Not Before: Mar 24 15:24:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=235f3d5f2170083854865da87f9c73a0d4f01892
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:4d:e5:17:ec:99:fe:f6:f2:ee:80:8f:ec:ed:
                    34:dd:83:c5:38:de:ee:8f:eb:33:64:37:43:87:66:
                    d3:7e:e7:9a:88:cc:05:c1:b6:1b:03:7f:21:78:00:
                    3b:d8:f3:5b:50:bc:35:0b:2a:a9:65:ea:59:3f:9d:
                    5b:2e:6a:dd:4e:5f:ac:86:37:c5:0d:0c:08:71:3c:
                    d8:7f:fa:7a:c9:51:21:35:53:6e:a3:a6:78:8c:36:
                    87:f3:4b:7b:dc:c2:4f:a6:7e:f3:e9:89:04:41:f5:
                    90:23:13:f2:2d:bd:ee:c1:7f:9e:60:bb:59:fd:9d:
                    df:c2:a8:89:07:55:6a:6d:32:45:f3:61:6d:66:40:
                    42:21:06:4d:2c:3f:94:0e:1a:1c:5a:29:12:3c:44:
                    3b:94:9b:ae:b1:ae:b1:82:f8:25:b2:bc:6e:5e:4e:
                    07:ad:31:a2:42:32:07:63:cb:4b:46:d0:25:85:1f:
                    4d:d0:7a:52:d1:df:90:2c:d3:1b:1a:a6:45:83:3c:
                    65:db:07:78:b5:23:bc:1c:b4:5f:4f:cc:5e:a5:4c:
                    88:bf:78:77:4d:1d:da:8b:17:41:25:e1:4b:65:61:
                    97:ab:47:1d:47:dd:cb:e8:df:46:35:24:83:f4:6c:
                    05:4b:02:53:5e:e5:23:13:42:e3:82:52:9b:e5:71:
                    b2:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:5F:3D:5F:21:70:08:38:54:86:5D:A8:7F:9C:73:A0:D4:F0:18:92
            X509v3 Authority Key Identifier:
                keyid:8A:E4:B9:3F:EB:71:DD:E2:82:3B:70:C7:DB:B7:9E:0F:99:B5:6C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iuS5P-tx3eKCO3DH27eeD5m1bBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/70e678-8495-46ae-96d7-29c5176902c6/1/I189XyFwCDhUhl2of5xzoNTwGJI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/70e678-8495-46ae-96d7-29c5176902c6/1/iuS5P-tx3eKCO3DH27eeD5m1bBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:da80::/29

    Signature Algorithm: sha256WithRSAEncryption
         52:4a:8d:38:33:dc:ff:08:09:bd:8e:31:83:3e:22:cb:ba:9a:
         f1:a1:b9:0b:eb:ca:1d:33:13:3a:51:ce:25:61:a7:14:1e:2b:
         c1:90:d3:d6:2f:6f:4e:66:3d:67:c8:d9:ea:7a:8e:2e:d9:a3:
         88:dd:34:e0:b8:92:83:0d:6d:0d:ac:8a:8e:58:c4:fc:be:81:
         72:7e:22:a3:bc:b8:8e:b2:bb:a0:02:b4:b4:15:2b:f0:42:56:
         34:10:e1:5d:71:bf:11:d9:ff:fa:98:15:71:54:7e:78:3a:00:
         43:34:2c:91:08:72:4b:88:34:e6:48:c8:cc:1f:f7:b2:10:57:
         6c:6e:37:97:1b:63:99:ad:2d:ba:6c:9f:8a:e2:c8:08:a7:a4:
         9e:99:6d:15:cc:0b:e3:5d:13:15:53:f9:3c:65:26:2f:5e:e5:
         2f:72:9c:8c:3e:67:7c:ac:b6:74:bb:ee:d3:50:e5:d4:e8:d2:
         ae:08:30:bd:15:23:81:1f:da:4a:40:ab:cb:e3:43:2c:29:f2:
         1c:fc:0d:3f:56:49:18:47:54:90:3a:3a:4d:0b:1a:ea:0e:6d:
         fc:67:a2:ab:23:8e:ff:9e:5a:c6:57:6b:c8:b1:6a:8a:fb:dd:
         08:ff:30:00:d9:d1:da:e7:70:5a:45:7f:3c:73:6a:fa:bf:06:
         69:7a:c3:cc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYcUOOlmD7EDa0E3c4F90elZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZTRiOTNmZWI3MWRkZTI4MjNiNzBjN2RiYjc5ZTBmOTli
NTZjMWIwHhcNMjMwMzI0MTUyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzVmM2Q1ZjIxNzAwODM4NTQ4NjVkYTg3ZjljNzNhMGQ0ZjAxODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk3lF+yZ/vby7oCP7O003YPFON7u
j+szZDdDh2bTfueaiMwFwbYbA38heAA72PNbULw1CyqpZepZP51bLmrdTl+shjfF
DQwIcTzYf/p6yVEhNVNuo6Z4jDaH80t73MJPpn7z6YkEQfWQIxPyLb3uwX+eYLtZ
/Z3fwqiJB1VqbTJF82FtZkBCIQZNLD+UDhocWikSPEQ7lJuusa6xgvglsrxuXk4H
rTGiQjIHY8tLRtAlhR9N0HpS0d+QLNMbGqZFgzxl2wd4tSO8HLRfT8xepUyIv3h3
TR3aixdBJeFLZWGXq0cdR93L6N9GNSSD9GwFSwJTXuUjE0LjglKb5XGytwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCNfPV8hcAg4VIZdqH+cc6DU8BiSMB8GA1UdIwQY
MBaAFIrkuT/rcd3igjtwx9u3ng+ZtWwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXVTNVAtdHgzZUtDTzNESDI3ZWVENW0xYkJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC83MGU2NzgtODQ5NS00NmFlLTk2ZDct
MjljNTE3NjkwMmM2LzEvSTE4OVh5RndDRGhVaGwyb2Y1eHpvTlR3R0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC83MGU2NzgtODQ5NS00NmFlLTk2ZDctMjljNTE3NjkwMmM2
LzEvaXVTNVAtdHgzZUtDTzNESDI3ZWVENW0xYkJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPagDAN
BgkqhkiG9w0BAQsFAAOCAQEAUkqNODPc/wgJvY4xgz4iy7qa8aG5C+vKHTMTOlHO
JWGnFB4rwZDT1i9vTmY9Z8jZ6nqOLtmjiN004LiSgw1tDayKjljE/L6Bcn4io7y4
jrK7oAK0tBUr8EJWNBDhXXG/Edn/+pgVcVR+eDoAQzQskQhyS4g05kjIzB/3shBX
bG43lxtjma0tumyfiuLICKeknpltFcwL410TFVP5PGUmL17lL3KcjD5nfKy2dLvu
01Dl1OjSrggwvRUjgR/aSkCry+NDLCnyHPwNP1ZJGEdUkDo6TQsa6g5t/GeiqyOO
/55axldryLFqivvdCP8wANnR2udwWkV/PHNq+r8GaXrDzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:12 2024 by rpki-client on console-ams.rpki-client.org