Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/cEcy95tmYBkBrKppMaSVX7hazwU.roa
File:                     cEcy95tmYBkBrKppMaSVX7hazwU.roa (raw, json)
Hash identifier:          B1a9vSHuAqkmC27JXj14jYTrrE/r0bBsR8mAeIJIyfU=
Subject key identifier:   70:47:32:F7:9B:66:60:19:01:AC:AA:69:31:A4:95:5F:B8:5A:CF:05
Certificate issuer:       /CN=14bf39139b710c4f7237edfd88518655af39c323
Certificate serial:       01856F1DC1C541D7982301F2341A600E7684
Authority key identifier: 14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/cEcy95tmYBkBrKppMaSVX7hazwU.roa
Signing time:             Sun 01 Jan 2023 20:54:59 +0000
ROA not before:           Sun 01 Jan 2023 20:54:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213220
IP address blocks:        2a13:3d80::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 08:54:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:c1:c5:41:d7:98:23:01:f2:34:1a:60:0e:76:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14bf39139b710c4f7237edfd88518655af39c323
        Validity
            Not Before: Jan  1 20:54:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=704732f79b66601901acaa6931a4955fb85acf05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:23:45:af:26:17:0f:1f:df:a2:90:49:d0:fd:
                    47:4e:9d:e7:8c:a5:f4:e3:11:f3:e4:6e:e4:98:d0:
                    ed:7a:b1:dc:76:ce:aa:69:43:2b:ad:8c:5c:67:b4:
                    db:7d:74:9d:6a:24:fa:1b:cd:49:92:ad:57:f7:c5:
                    5e:b0:69:dd:ac:21:b8:ea:2a:18:60:03:d3:28:c0:
                    bf:c9:b8:be:06:51:fe:58:35:36:c5:c6:f8:dd:50:
                    bc:5d:53:32:26:f5:99:f2:a1:19:64:cf:8d:cd:89:
                    35:05:5d:38:09:75:a5:84:fa:0b:40:21:f7:95:1f:
                    8f:bc:96:d6:ef:7e:4e:3d:cd:c4:07:6d:bb:51:6d:
                    e5:2a:9c:a1:72:95:e7:c4:90:2c:ef:57:3e:dc:f4:
                    f4:f7:eb:c2:e6:a9:24:1f:12:b8:d0:8b:39:1a:49:
                    2a:02:30:40:71:64:3b:cb:09:02:6e:48:f6:c9:b2:
                    96:8f:6b:40:bf:a4:0e:8e:87:b4:00:34:dc:28:af:
                    76:d8:64:f9:d6:06:6c:21:f9:88:3f:30:3b:29:a9:
                    6e:bf:98:0a:95:24:91:ca:e3:5d:77:15:3c:ba:24:
                    4d:c5:6f:0b:c9:f1:8b:c2:39:19:38:db:82:fc:3b:
                    89:a0:bd:c2:b0:50:e9:23:6d:bc:29:0d:52:6a:ce:
                    d0:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:47:32:F7:9B:66:60:19:01:AC:AA:69:31:A4:95:5F:B8:5A:CF:05
            X509v3 Authority Key Identifier:
                keyid:14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/cEcy95tmYBkBrKppMaSVX7hazwU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:3d80::/48

    Signature Algorithm: sha256WithRSAEncryption
         44:3f:36:20:42:2a:50:e1:2b:15:c7:f7:1b:41:38:86:46:5a:
         1d:a5:c8:64:e1:ec:55:39:e5:e0:b3:be:2c:5b:38:f9:88:5b:
         40:25:f4:99:fe:8e:41:9f:94:d8:ae:c6:11:29:5b:6e:67:fd:
         d5:bb:96:98:89:34:ba:3f:37:c0:f0:c3:96:99:0c:fd:1a:e7:
         28:a3:30:55:0e:49:7c:69:da:c3:f8:5e:35:8e:7d:61:b8:92:
         d2:ac:d2:9e:05:8a:3d:4c:31:8f:a5:24:a1:ae:d9:34:cd:06:
         4b:27:e9:f4:3e:53:3e:ef:07:da:1b:2b:d0:7a:39:d9:e0:dd:
         86:f6:cc:21:f6:a2:d4:4e:65:12:f5:07:7b:a4:b2:61:08:70:
         a8:e5:d4:12:b0:6b:5d:df:4b:92:58:28:fa:0f:a4:bd:ef:59:
         a4:3c:63:0d:2d:e1:4d:23:72:e5:b3:8b:9d:01:66:f0:5d:13:
         6a:9d:00:7d:cb:91:b0:d6:4c:3b:43:44:93:ff:b9:a9:e0:51:
         09:66:15:86:14:33:d1:61:0e:28:df:5a:ca:45:66:89:c1:84:
         5e:34:2d:36:95:5b:b7:f5:10:84:c7:6c:38:da:86:48:de:70:
         9c:6f:ae:e6:16:66:3a:f3:76:d0:5b:65:2c:14:c5:48:22:a2:
         1d:e1:c9:d6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvHcHFQdeYIwHyNBpgDnaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmYzOTEzOWI3MTBjNGY3MjM3ZWRmZDg4NTE4NjU1YWYz
OWMzMjMwHhcNMjMwMTAxMjA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQ3MzJmNzliNjY2MDE5MDFhY2FhNjkzMWE0OTU1ZmI4NWFjZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSNFryYXDx/fopBJ0P1HTp3njKX0
4xHz5G7kmNDterHcds6qaUMrrYxcZ7TbfXSdaiT6G81Jkq1X98VesGndrCG46ioY
YAPTKMC/ybi+BlH+WDU2xcb43VC8XVMyJvWZ8qEZZM+NzYk1BV04CXWlhPoLQCH3
lR+PvJbW735OPc3EB227UW3lKpyhcpXnxJAs71c+3PT09+vC5qkkHxK40Is5Gkkq
AjBAcWQ7ywkCbkj2ybKWj2tAv6QOjoe0ADTcKK922GT51gZsIfmIPzA7Kaluv5gK
lSSRyuNddxU8uiRNxW8LyfGLwjkZONuC/DuJoL3CsFDpI228KQ1Sas7Q8QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHBHMvebZmAZAayqaTGklV+4Ws8FMB8GA1UdIwQY
MBaAFBS/ORObcQxPcjft/YhRhlWvOcMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYt
YTg2MmI4ODU5M2EwLzEvY0VjeTk1dG1ZQmtCcktwcE1hU1ZYN2hhendVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYtYTg2MmI4ODU5M2Ew
LzEvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhM9gAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBEPzYgQipQ4SsVx/cbQTiGRlodpchk4exVOeXg
s74sWzj5iFtAJfSZ/o5Bn5TYrsYRKVtuZ/3Vu5aYiTS6PzfA8MOWmQz9GucoozBV
Dkl8adrD+F41jn1huJLSrNKeBYo9TDGPpSShrtk0zQZLJ+n0PlM+7wfaGyvQejnZ
4N2G9swh9qLUTmUS9Qd7pLJhCHCo5dQSsGtd30uSWCj6D6S971mkPGMNLeFNI3Ll
s4udAWbwXRNqnQB9y5Gw1kw7Q0ST/7mp4FEJZhWGFDPRYQ4o31rKRWaJwYReNC02
lVu39RCEx2w42oZI3nCcb67mFmY683bQW2UsFMVIIqId4cnW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:13 2024 by rpki-client on console-fra.rpki-client.org