Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/chRLgh-BzOkR1x3o8OBFpBBwRps.roa
File:                     chRLgh-BzOkR1x3o8OBFpBBwRps.roa (raw, json)
Hash identifier:          RQRyU/YA+yOLgpETYS1eim4s9jTHgqlkYmITjE3VwSU=
Subject key identifier:   72:14:4B:82:1F:81:CC:E9:11:D7:1D:E8:F0:E0:45:A4:10:70:46:9B
Certificate issuer:       /CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Certificate serial:       018EA876A476B4E2DA8ECAB7CF5E698041ED
Authority key identifier: CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/chRLgh-BzOkR1x3o8OBFpBBwRps.roa
Signing time:             Thu 04 Apr 2024 09:35:31 +0000
ROA not before:           Thu 04 Apr 2024 09:35:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60504
IP address blocks:        2a13:82c0::/32 maxlen: 32
                          2a13:82c1::/32 maxlen: 32
                          2a13:82c2::/32 maxlen: 32
                          2a13:82c3::/32 maxlen: 32
                          2a13:82c4:1::/48 maxlen: 48
                          2a13:82c4:2::/48 maxlen: 48
                          2a13:82c4:3::/48 maxlen: 48
                          2a13:82c7::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 22 May 2024 13:56:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a8:76:a4:76:b4:e2:da:8e:ca:b7:cf:5e:69:80:41:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
        Validity
            Not Before: Apr  4 09:35:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=72144b821f81cce911d71de8f0e045a41070469b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:21:54:d6:99:fa:a6:07:0a:67:c5:05:c3:cd:
                    d8:5f:d7:bf:5e:15:97:eb:ee:08:ac:21:d4:ba:1b:
                    8c:1d:a2:ad:8c:2c:55:70:48:dc:cb:a6:7a:df:e1:
                    fe:2b:d6:ff:6c:68:aa:0e:81:d6:cc:b6:dd:0f:9d:
                    a7:38:f8:e4:93:6a:55:ca:e8:b9:31:dc:86:a4:0a:
                    be:d7:24:d4:31:36:68:e1:fb:f4:ff:9f:82:21:72:
                    7b:db:28:08:bc:35:c9:87:da:e7:ae:18:6a:67:32:
                    26:e1:05:43:bc:8b:ea:fc:47:a6:38:a2:58:f6:8e:
                    19:ee:bc:8a:78:e2:55:ca:3d:55:14:19:ba:83:55:
                    f7:8c:0c:91:60:cb:13:cc:a4:12:cb:4d:45:c5:a6:
                    a9:8c:97:43:de:84:56:2b:60:96:76:b7:7b:ef:8b:
                    f4:00:35:66:ff:29:09:26:d2:f7:b5:ca:93:cf:e6:
                    7d:31:9a:6e:f9:a2:c3:ef:9e:78:23:e4:2c:65:51:
                    2c:66:be:6f:75:e6:73:c4:44:87:36:a1:d1:c2:bb:
                    87:3a:a5:db:93:7f:0f:4f:2e:e4:9c:dc:75:2f:00:
                    70:a3:7f:91:50:44:d6:0d:e6:91:49:6d:34:ad:c5:
                    b6:34:e7:83:83:7e:bf:d4:36:3e:a1:cc:0c:da:2e:
                    0d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:14:4B:82:1F:81:CC:E9:11:D7:1D:E8:F0:E0:45:A4:10:70:46:9B
            X509v3 Authority Key Identifier:
                keyid:CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/chRLgh-BzOkR1x3o8OBFpBBwRps.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/z_XcdutvgU7WAVaP3SyBEO3vjBc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:82c0::/30
                  2a13:82c4:1::-2a13:82c4:3:ffff:ffff:ffff:ffff:ffff
                  2a13:82c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         48:95:74:1c:c2:e7:c5:44:a0:0d:90:bc:5e:74:92:d9:ff:79:
         a8:59:5e:a2:d8:8d:ca:c8:67:35:ae:98:1e:9d:bd:a3:55:6e:
         1a:08:45:ce:9c:60:be:1a:2f:a0:cf:7f:c1:ac:0e:4d:ac:4a:
         0e:05:48:28:1f:cb:9b:ac:b9:5c:0c:b8:40:86:fd:43:d6:10:
         07:2a:84:01:84:51:db:19:db:99:6f:bd:3d:b0:d2:8d:e4:5e:
         11:91:d2:9f:e0:87:4f:9a:59:cb:6a:77:c3:b3:2a:73:98:f8:
         2d:86:dd:f2:8e:7c:e8:01:f2:2e:cc:5c:5f:49:b3:aa:a4:26:
         76:54:71:87:a1:43:d5:15:39:02:5c:4c:c4:20:96:3b:13:9c:
         83:58:eb:1c:0d:33:06:33:0e:fe:76:86:d2:a9:21:3a:a9:53:
         b5:09:2c:67:fe:b0:c9:bb:4b:60:6e:13:7f:20:17:73:79:13:
         2c:e6:0b:15:61:8d:1c:29:81:0d:56:21:dd:94:3e:80:c3:d2:
         fd:6a:f0:53:5e:83:22:ee:76:cb:9e:f5:a4:17:2d:09:78:59:
         18:c7:ee:d1:2f:c6:db:e9:a5:8b:a2:da:6e:18:6d:10:f7:ea:
         3d:c8:74:6d:9a:c4:f3:88:a7:14:49:43:59:c9:ba:e5:e0:ed:
         9f:39:da:2f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY6odqR2tOLajsq3z15pgEHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjVkYzc2ZWI2ZjgxNGVkNjAxNTY4ZmRkMmM4MTEwZWRl
ZjhjMTcwHhcNMjQwNDA0MDkzNTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE0NGI4MjFmODFjY2U5MTFkNzFkZThmMGUwNDVhNDEwNzA0NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiFU1pn6pgcKZ8UFw83YX9e/XhWX
6+4IrCHUuhuMHaKtjCxVcEjcy6Z63+H+K9b/bGiqDoHWzLbdD52nOPjkk2pVyui5
MdyGpAq+1yTUMTZo4fv0/5+CIXJ72ygIvDXJh9rnrhhqZzIm4QVDvIvq/EemOKJY
9o4Z7ryKeOJVyj1VFBm6g1X3jAyRYMsTzKQSy01FxaapjJdD3oRWK2CWdrd774v0
ADVm/ykJJtL3tcqTz+Z9MZpu+aLD7554I+QsZVEsZr5vdeZzxESHNqHRwruHOqXb
k38PTy7knNx1LwBwo3+RUETWDeaRSW00rcW2NOeDg36/1DY+ocwM2i4NpQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHIUS4IfgczpEdcd6PDgRaQQcEabMB8GA1UdIwQY
MBaAFM/13Hbrb4FO1gFWj90sgRDt74wXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjct
MDFkOWU5ZDMxOTQzLzEvY2hSTGdoLUJ6T2tSMXgzbzhPQkZwQkJ3UnBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjctMDFkOWU5ZDMxOTQz
LzEvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwUCKhOCwDAS
AwcAKhOCxAABAwcCKhOCxAAAAwUAKhOCxzANBgkqhkiG9w0BAQsFAAOCAQEASJV0
HMLnxUSgDZC8XnSS2f95qFleotiNyshnNa6YHp29o1VuGghFzpxgvhovoM9/wawO
TaxKDgVIKB/Lm6y5XAy4QIb9Q9YQByqEAYRR2xnbmW+9PbDSjeReEZHSn+CHT5pZ
y2p3w7Mqc5j4LYbd8o586AHyLsxcX0mzqqQmdlRxh6FD1RU5AlxMxCCWOxOcg1jr
HA0zBjMO/naG0qkhOqlTtQksZ/6wybtLYG4TfyAXc3kTLOYLFWGNHCmBDVYh3ZQ+
gMPS/WrwU16DIu52y571pBctCXhZGMfu0S/G2+mli6LabhhtEPfqPch0bZrE84in
FElDWcm65eDtnznaLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org