Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b35513-ebdb-4550-a7d4-12f9f733dc4f/1/wVXyvvq0JaMYlTxj09DYrlXEWDM.roa
File:                     wVXyvvq0JaMYlTxj09DYrlXEWDM.roa (raw, json)
Hash identifier:          Y710NU/wExcRvK+30ZPfg+VwJJym3Q0oiPxz8AYsKbI=
Subject key identifier:   C1:55:F2:BE:FA:B4:25:A3:18:95:3C:63:D3:D0:D8:AE:55:C4:58:33
Certificate issuer:       /CN=e2636e02f1554f70d971a656849c01bdff138ce8
Certificate serial:       018A5E7ADC138DF41BD1D61F6F47DF40D49D
Authority key identifier: E2:63:6E:02:F1:55:4F:70:D9:71:A6:56:84:9C:01:BD:FF:13:8C:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4mNuAvFVT3DZcaZWhJwBvf8TjOg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/b35513-ebdb-4550-a7d4-12f9f733dc4f/1/wVXyvvq0JaMYlTxj09DYrlXEWDM.roa
Signing time:             Mon 04 Sep 2023 04:37:04 +0000
ROA not before:           Mon 04 Sep 2023 04:37:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202827
IP address blocks:        2a13:89c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:5e:7a:dc:13:8d:f4:1b:d1:d6:1f:6f:47:df:40:d4:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2636e02f1554f70d971a656849c01bdff138ce8
        Validity
            Not Before: Sep  4 04:37:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c155f2befab425a318953c63d3d0d8ae55c45833
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:1e:4a:b9:28:fa:0d:fe:bc:77:35:3f:3c:e2:
                    61:2f:dc:0d:67:f2:8f:87:5b:23:b2:26:7f:0e:d2:
                    bd:ba:5e:7d:15:fa:aa:1c:46:1d:1d:2e:44:e5:95:
                    d8:7a:b3:fc:be:4c:3e:55:d1:29:c8:76:df:e5:0e:
                    62:96:a4:b7:4f:b8:99:4b:41:0f:8a:d4:d8:4a:ab:
                    21:33:87:24:f4:d3:70:e5:36:e3:9e:75:24:4b:88:
                    c6:da:27:be:d6:39:51:2f:3f:6d:29:7b:7c:ae:51:
                    4d:ec:9d:7e:78:48:a7:dd:f0:85:fd:da:60:32:ea:
                    da:d1:f8:9a:60:bf:73:16:5a:03:e7:ca:c1:c7:53:
                    96:8c:fe:7d:5c:a5:75:e5:fa:60:ad:6a:70:1c:df:
                    c3:6c:5c:3c:98:95:80:06:56:02:3c:3a:e6:3e:76:
                    ad:68:e7:14:7a:af:71:15:47:1d:f2:4c:f4:dc:e9:
                    0e:0f:d5:41:a8:14:ff:b5:f0:ff:8e:64:7b:d9:54:
                    d6:40:6b:73:e8:4f:3b:af:5e:bc:2f:d8:a1:4e:e6:
                    cf:74:98:25:c0:7e:2d:62:2c:51:1f:66:1b:c1:9a:
                    4f:f3:51:31:59:04:48:00:28:7e:3b:23:a2:e1:32:
                    5d:a4:0a:64:31:be:45:c3:26:cc:89:4b:c7:b0:e5:
                    d8:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:55:F2:BE:FA:B4:25:A3:18:95:3C:63:D3:D0:D8:AE:55:C4:58:33
            X509v3 Authority Key Identifier:
                keyid:E2:63:6E:02:F1:55:4F:70:D9:71:A6:56:84:9C:01:BD:FF:13:8C:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4mNuAvFVT3DZcaZWhJwBvf8TjOg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b35513-ebdb-4550-a7d4-12f9f733dc4f/1/wVXyvvq0JaMYlTxj09DYrlXEWDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b35513-ebdb-4550-a7d4-12f9f733dc4f/1/4mNuAvFVT3DZcaZWhJwBvf8TjOg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:89c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:cd:cb:70:45:85:d6:37:e3:1c:1f:54:38:6b:f2:37:d7:4c:
         d5:04:85:de:2b:2f:13:34:99:2c:4a:b6:3c:7c:92:47:1b:02:
         2c:e3:a8:7f:00:db:a7:6e:1c:ad:67:c5:9e:79:97:c4:d7:7e:
         8d:7d:72:65:21:d1:e7:91:59:2f:7b:b9:20:f4:91:ff:f9:3f:
         98:1d:5c:f4:e8:f4:73:7a:ce:69:5a:5a:d2:88:77:98:2c:b4:
         2c:be:9b:b5:29:11:c2:26:32:1d:ae:7f:05:9e:e7:ea:17:21:
         85:7b:ee:7b:6b:95:2f:7b:ee:b7:ce:fc:21:c9:76:fe:45:e6:
         87:2d:01:11:9b:f6:0d:30:25:2d:60:c5:ee:e2:0a:f2:7b:4a:
         ad:1d:de:9e:10:16:e1:dc:4e:c6:d1:82:44:c1:29:75:f5:22:
         dc:7b:a3:e0:18:92:ca:9f:b1:ce:d9:03:32:e3:7f:ff:6b:52:
         6f:44:ad:4b:f7:6d:09:3e:0f:4e:7d:61:69:a7:70:39:ef:40:
         38:3a:99:38:7b:30:11:31:f0:bc:8d:36:93:a4:df:26:b5:ee:
         c6:bb:76:33:41:3b:30:f3:43:bd:0c:17:09:a2:14:bc:1e:f6:
         d6:9d:3f:7e:44:26:c6:e0:19:03:39:ed:75:45:1b:fd:00:f7:
         5d:01:28:aa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYpeetwTjfQb0dYfb0ffQNSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNjM2ZTAyZjE1NTRmNzBkOTcxYTY1Njg0OWMwMWJkZmYx
MzhjZTgwHhcNMjMwOTA0MDQzNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTU1ZjJiZWZhYjQyNWEzMTg5NTNjNjNkM2QwZDhhZTU1YzQ1ODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR5KuSj6Df68dzU/POJhL9wNZ/KP
h1sjsiZ/DtK9ul59FfqqHEYdHS5E5ZXYerP8vkw+VdEpyHbf5Q5ilqS3T7iZS0EP
itTYSqshM4ck9NNw5TbjnnUkS4jG2ie+1jlRLz9tKXt8rlFN7J1+eEin3fCF/dpg
Mura0fiaYL9zFloD58rBx1OWjP59XKV15fpgrWpwHN/DbFw8mJWABlYCPDrmPnat
aOcUeq9xFUcd8kz03OkOD9VBqBT/tfD/jmR72VTWQGtz6E87r168L9ihTubPdJgl
wH4tYixRH2YbwZpP81ExWQRIACh+OyOi4TJdpApkMb5FwybMiUvHsOXYTQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMFV8r76tCWjGJU8Y9PQ2K5VxFgzMB8GA1UdIwQY
MBaAFOJjbgLxVU9w2XGmVoScAb3/E4zoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG1OdUF2RlZUM0RaY2FaV2hKd0J2ZjhUak9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMzU1MTMtZWJkYi00NTUwLWE3ZDQt
MTJmOWY3MzNkYzRmLzEvd1ZYeXZ2cTBKYU1ZbFR4ajA5RFlybFhFV0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMzU1MTMtZWJkYi00NTUwLWE3ZDQtMTJmOWY3MzNkYzRm
LzEvNG1OdUF2RlZUM0RaY2FaV2hKd0J2ZjhUak9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOJwDAN
BgkqhkiG9w0BAQsFAAOCAQEAaM3LcEWF1jfjHB9UOGvyN9dM1QSF3isvEzSZLEq2
PHySRxsCLOOofwDbp24crWfFnnmXxNd+jX1yZSHR55FZL3u5IPSR//k/mB1c9Oj0
c3rOaVpa0oh3mCy0LL6btSkRwiYyHa5/BZ7n6hchhXvue2uVL3vut878Icl2/kXm
hy0BEZv2DTAlLWDF7uIK8ntKrR3enhAW4dxOxtGCRMEpdfUi3Huj4BiSyp+xztkD
MuN//2tSb0StS/dtCT4PTn1haadwOe9AODqZOHswETHwvI02k6TfJrXuxrt2M0E7
MPNDvQwXCaIUvB721p0/fkQmxuAZAzntdUUb/QD3XQEoqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:28 2024 by rpki-client on console-ams.rpki-client.org