Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/61iELbideo2xN1tgkTwZXlLRbGQ.roa
File:                     61iELbideo2xN1tgkTwZXlLRbGQ.roa (raw, json)
Hash identifier:          XLAHnz4tdvu4RNpleYYe4z04yPkkXW3dyM5z+c41JDg=
Subject key identifier:   EB:58:84:2D:B8:9D:7A:8D:B1:37:5B:60:91:3C:19:5E:52:D1:6C:64
Certificate issuer:       /CN=d83713fd7b4cdfa6cba016a87eaf8b31c891beb0
Certificate serial:       01865BC44E8CF472B86356C8CD308386F2E5
Authority key identifier: D8:37:13:FD:7B:4C:DF:A6:CB:A0:16:A8:7E:AF:8B:31:C8:91:BE:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2DcT_XtM36bLoBaofq-LMciRvrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/61iELbideo2xN1tgkTwZXlLRbGQ.roa
Signing time:             Thu 16 Feb 2023 19:47:17 +0000
ROA not before:           Thu 16 Feb 2023 19:47:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51126
IP address blocks:        2a13:3fc0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5b:c4:4e:8c:f4:72:b8:63:56:c8:cd:30:83:86:f2:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d83713fd7b4cdfa6cba016a87eaf8b31c891beb0
        Validity
            Not Before: Feb 16 19:47:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb58842db89d7a8db1375b60913c195e52d16c64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c7:27:88:6c:ad:a3:01:60:bd:63:76:22:71:
                    73:1e:76:43:ef:b2:0e:f9:77:c1:23:88:9a:b4:02:
                    2c:72:f0:d4:48:7c:11:f1:35:c0:37:e7:98:91:d9:
                    57:23:8f:d1:d8:71:87:3a:5b:fb:ff:b9:66:c7:de:
                    93:04:78:05:c3:47:54:c1:c6:be:f0:28:2f:98:39:
                    63:a2:bd:46:e0:50:a9:2c:c9:8c:ed:c9:99:82:bf:
                    fa:b0:c8:b6:0f:ba:dc:0b:d1:d6:12:79:bc:9f:c7:
                    2b:b6:88:56:52:2f:f1:30:97:ac:0b:2d:7a:66:7f:
                    24:5b:43:5e:98:02:dd:26:86:1c:4a:b3:89:02:8f:
                    28:9a:70:ae:e2:26:2b:d9:46:ed:9b:c7:36:ea:a8:
                    25:ee:96:63:e7:77:96:e2:93:e5:b6:e0:51:c4:d7:
                    31:d0:c8:1a:78:27:74:7c:40:72:23:fb:f3:85:2a:
                    23:3e:5e:9f:b7:95:88:56:1d:01:a3:b6:d2:ee:d2:
                    d7:de:43:b7:96:93:43:7e:6a:31:80:b5:bf:1f:3e:
                    7c:74:05:7b:36:0f:73:81:bd:c0:7d:31:b3:a5:a1:
                    a7:66:08:d8:a0:09:06:0c:db:24:c2:0b:f3:98:93:
                    94:c1:45:af:2b:a2:03:0c:d3:12:df:21:62:d6:0b:
                    c1:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:58:84:2D:B8:9D:7A:8D:B1:37:5B:60:91:3C:19:5E:52:D1:6C:64
            X509v3 Authority Key Identifier:
                keyid:D8:37:13:FD:7B:4C:DF:A6:CB:A0:16:A8:7E:AF:8B:31:C8:91:BE:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DcT_XtM36bLoBaofq-LMciRvrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/61iELbideo2xN1tgkTwZXlLRbGQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/2DcT_XtM36bLoBaofq-LMciRvrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:3fc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         63:f7:7e:88:d9:ab:5c:f1:12:1b:de:b2:3a:42:4a:1a:cc:92:
         6a:8f:bc:a5:5b:37:b4:6f:d8:3b:bd:1d:7f:a2:1c:e0:a8:23:
         ee:8b:38:14:04:f9:16:cf:33:d1:b8:ee:1b:d2:eb:ba:80:59:
         a1:d3:e8:9a:e9:a0:3d:49:67:23:ef:46:7b:af:f6:95:17:0e:
         17:50:52:15:9a:48:36:36:dc:68:80:2b:83:fe:6b:5f:59:2f:
         05:74:6d:9d:76:b7:8e:c1:24:fe:fc:2b:42:46:b1:9b:c2:ba:
         69:69:f0:70:0e:31:cf:89:e6:ad:ee:da:c9:85:5b:e6:61:4c:
         d0:de:25:07:51:67:a7:d1:bb:4b:0c:48:6d:6f:71:95:ce:b6:
         4c:1d:77:e6:3d:97:e9:42:8f:b8:f5:8a:3c:6b:9b:f2:00:19:
         14:84:37:86:be:6f:b5:8e:24:4b:40:0b:d3:61:00:d0:d8:c9:
         f6:44:9b:e1:20:05:35:65:04:2a:68:eb:7a:0a:c1:c0:79:43:
         41:a4:a7:3b:62:72:6d:9e:c5:61:99:6d:e8:72:f7:0d:92:4d:
         78:e1:86:73:4d:4f:83:27:24:ef:a1:06:40:a4:45:e8:2d:28:
         f2:aa:71:56:1b:d5:62:e0:5a:d0:dd:21:0d:d5:48:0d:ce:83:
         c4:85:0e:da
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYZbxE6M9HK4Y1bIzTCDhvLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzcxM2ZkN2I0Y2RmYTZjYmEwMTZhODdlYWY4YjMxYzg5
MWJlYjAwHhcNMjMwMjE2MTk0NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjU4ODQyZGI4OWQ3YThkYjEzNzViNjA5MTNjMTk1ZTUyZDE2YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoscniGytowFgvWN2InFzHnZD77IO
+XfBI4iatAIscvDUSHwR8TXAN+eYkdlXI4/R2HGHOlv7/7lmx96TBHgFw0dUwca+
8CgvmDljor1G4FCpLMmM7cmZgr/6sMi2D7rcC9HWEnm8n8crtohWUi/xMJesCy16
Zn8kW0NemALdJoYcSrOJAo8omnCu4iYr2Ubtm8c26qgl7pZj53eW4pPltuBRxNcx
0MgaeCd0fEByI/vzhSojPl6ft5WIVh0Bo7bS7tLX3kO3lpNDfmoxgLW/Hz58dAV7
Ng9zgb3AfTGzpaGnZgjYoAkGDNskwgvzmJOUwUWvK6IDDNMS3yFi1gvBDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOtYhC24nXqNsTdbYJE8GV5S0WxkMB8GA1UdIwQY
MBaAFNg3E/17TN+my6AWqH6vizHIkb6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRjVF9YdE0zNmJMb0Jhb2ZxLUxNY2lSdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8yZDIxMDktY2ZiOC00MzI1LWEwZTMt
MDU4Nzg1YjRhOTZlLzEvNjFpRUxiaWRlbzJ4TjF0Z2tUd1pYbExSYkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8yZDIxMDktY2ZiOC00MzI1LWEwZTMtMDU4Nzg1YjRhOTZl
LzEvMkRjVF9YdE0zNmJMb0Jhb2ZxLUxNY2lSdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhM/wDAN
BgkqhkiG9w0BAQsFAAOCAQEAY/d+iNmrXPESG96yOkJKGsySao+8pVs3tG/YO70d
f6Ic4Kgj7os4FAT5Fs8z0bjuG9LruoBZodPomumgPUlnI+9Ge6/2lRcOF1BSFZpI
NjbcaIArg/5rX1kvBXRtnXa3jsEk/vwrQkaxm8K6aWnwcA4xz4nmre7ayYVb5mFM
0N4lB1Fnp9G7SwxIbW9xlc62TB135j2X6UKPuPWKPGub8gAZFIQ3hr5vtY4kS0AL
02EA0NjJ9kSb4SAFNWUEKmjregrBwHlDQaSnO2JybZ7FYZlt6HL3DZJNeOGGc01P
gyck76EGQKRF6C0o8qpxVhvVYuBa0N0hDdVIDc6DxIUO2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:54 2024 by rpki-client on console-fra.rpki-client.org