Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/5UAIRx6NPS9cam9rDt-7o7xEZZs.roa
File:                     5UAIRx6NPS9cam9rDt-7o7xEZZs.roa (raw, json)
Hash identifier:          E/uSShEkz0V0hyCByKAT1F+9wgCDMl6xashRAfWE7/g=
Subject key identifier:   E5:40:08:47:1E:8D:3D:2F:5C:6A:6F:6B:0E:DF:BB:A3:BC:44:65:9B
Certificate issuer:       /CN=14bf39139b710c4f7237edfd88518655af39c323
Certificate serial:       018779D2F66806D22DA58F6BAFFBC49A7286
Authority key identifier: 14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/5UAIRx6NPS9cam9rDt-7o7xEZZs.roa
Signing time:             Thu 13 Apr 2023 08:54:41 +0000
ROA not before:           Thu 13 Apr 2023 08:54:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52000
IP address blocks:        2a13:3d81::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:79:d2:f6:68:06:d2:2d:a5:8f:6b:af:fb:c4:9a:72:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14bf39139b710c4f7237edfd88518655af39c323
        Validity
            Not Before: Apr 13 08:54:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e54008471e8d3d2f5c6a6f6b0edfbba3bc44659b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:86:2a:8f:a6:ff:6e:6c:b2:27:46:ed:b0:15:
                    3a:fc:03:6a:02:f8:db:fe:3c:61:1e:89:6c:bc:44:
                    27:b7:88:e0:20:20:14:be:16:1b:ca:5b:a4:85:d7:
                    25:b2:11:b8:d4:f7:cb:13:f5:9c:26:78:95:bb:fc:
                    dc:35:dd:70:58:9a:02:ef:64:fe:fe:4a:c3:5a:d1:
                    0f:5a:59:f1:59:ee:fb:5e:b9:95:96:8c:e1:8b:b1:
                    56:8b:38:63:7c:13:62:39:5a:cc:6d:37:a6:b1:b8:
                    d1:03:ad:36:5e:28:f4:0b:f9:e4:db:2f:9a:3d:ef:
                    4b:62:3e:cc:01:4b:86:82:62:68:4e:60:83:1b:27:
                    89:c0:77:ea:c7:d8:aa:3a:d7:24:10:aa:05:54:2d:
                    f0:5b:78:ff:3e:3c:e2:71:aa:4e:65:d1:29:23:be:
                    2e:61:83:f2:52:98:68:f2:a2:ab:53:21:62:a0:c9:
                    f6:a2:a7:7a:4f:8d:42:08:c7:8f:0f:07:2d:bf:57:
                    ae:02:dc:fc:c3:1b:fa:d7:00:5c:85:43:02:9b:f5:
                    3a:ce:b6:17:61:ad:0e:b3:42:e0:16:28:16:f9:b7:
                    e6:81:29:4a:ca:df:5b:fb:2e:ad:9e:ac:f4:e8:52:
                    a3:f5:0c:90:b4:51:21:e6:cf:2c:86:a3:b4:c6:3f:
                    a6:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:40:08:47:1E:8D:3D:2F:5C:6A:6F:6B:0E:DF:BB:A3:BC:44:65:9B
            X509v3 Authority Key Identifier:
                keyid:14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/5UAIRx6NPS9cam9rDt-7o7xEZZs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:3d81::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:f6:a5:7d:2c:5a:b5:4b:5a:b4:d9:5f:95:e9:f7:92:a7:5a:
         c3:08:75:ad:c7:a8:ac:26:20:8f:7d:45:54:57:4e:24:51:ae:
         24:6d:cb:bb:fa:83:77:84:c6:c2:fe:06:73:01:63:15:a0:d8:
         84:32:d9:3e:09:07:11:40:2c:ee:bb:9e:56:da:a7:fd:e9:f5:
         ac:50:c5:a7:95:00:cd:c4:b7:b2:46:96:11:a3:3d:31:d7:14:
         a8:65:a5:b1:0b:d3:df:be:c4:53:e0:68:cb:c4:4e:88:8b:d6:
         d2:97:02:6c:62:f8:15:e2:0e:8e:dc:95:11:f9:01:86:c8:03:
         9c:14:98:54:7c:f5:1f:8f:77:7a:32:31:b2:7f:26:bf:11:b1:
         10:bf:4a:69:2a:41:45:c0:c8:46:4c:77:32:40:45:28:a8:ef:
         33:1a:a3:9e:cf:35:36:d4:41:08:e0:4f:38:44:b7:c9:5f:b9:
         78:8d:73:a2:e2:d7:8f:48:ae:d8:18:3b:2a:14:93:b8:11:73:
         ae:a8:df:fa:e5:1b:f0:23:93:cf:dc:53:06:5d:06:12:21:14:
         12:8d:4c:8c:79:9f:4c:c0:17:4b:f4:e4:95:f7:2d:13:05:95:
         47:6a:5d:ee:77:3b:98:55:36:b1:08:6d:c0:28:bf:9a:12:8b:
         ee:c7:f5:6a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYd50vZoBtItpY9rr/vEmnKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmYzOTEzOWI3MTBjNGY3MjM3ZWRmZDg4NTE4NjU1YWYz
OWMzMjMwHhcNMjMwNDEzMDg1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQwMDg0NzFlOGQzZDJmNWM2YTZmNmIwZWRmYmJhM2JjNDQ2NTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64Yqj6b/bmyyJ0btsBU6/ANqAvjb
/jxhHolsvEQnt4jgICAUvhYbylukhdclshG41PfLE/WcJniVu/zcNd1wWJoC72T+
/krDWtEPWlnxWe77XrmVlozhi7FWizhjfBNiOVrMbTemsbjRA602Xij0C/nk2y+a
Pe9LYj7MAUuGgmJoTmCDGyeJwHfqx9iqOtckEKoFVC3wW3j/PjzicapOZdEpI74u
YYPyUpho8qKrUyFioMn2oqd6T41CCMePDwctv1euAtz8wxv61wBchUMCm/U6zrYX
Ya0Os0LgFigW+bfmgSlKyt9b+y6tnqz06FKj9QyQtFEh5s8shqO0xj+mOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOVACEcejT0vXGpvaw7fu6O8RGWbMB8GA1UdIwQY
MBaAFBS/ORObcQxPcjft/YhRhlWvOcMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYt
YTg2MmI4ODU5M2EwLzEvNVVBSVJ4Nk5QUzljYW05ckR0LTdvN3hFWlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYtYTg2MmI4ODU5M2Ew
LzEvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhM9gQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAz9qV9LFq1S1q02V+V6feSp1rDCHWtx6isJiCP
fUVUV04kUa4kbcu7+oN3hMbC/gZzAWMVoNiEMtk+CQcRQCzuu55W2qf96fWsUMWn
lQDNxLeyRpYRoz0x1xSoZaWxC9PfvsRT4GjLxE6Ii9bSlwJsYvgV4g6O3JUR+QGG
yAOcFJhUfPUfj3d6MjGyfya/EbEQv0ppKkFFwMhGTHcyQEUoqO8zGqOezzU21EEI
4E84RLfJX7l4jXOi4tePSK7YGDsqFJO4EXOuqN/65RvwI5PP3FMGXQYSIRQSjUyM
eZ9MwBdL9OSV9y0TBZVHal3udzuYVTaxCG3AKL+aEovux/Vq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:21 2024 by rpki-client on console-ams.rpki-client.org