Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/aGWEH-VnoQ33FgdsFzfRvAFYnp8.roa
File:                     aGWEH-VnoQ33FgdsFzfRvAFYnp8.roa (raw, json)
Hash identifier:          Bd0zlpVLzbRgA/23NUGHJUCbZMNDQBVo/AwePrwExfo=
Subject key identifier:   68:65:84:1F:E5:67:A1:0D:F7:16:07:6C:17:37:D1:BC:01:58:9E:9F
Certificate issuer:       /CN=d83713fd7b4cdfa6cba016a87eaf8b31c891beb0
Certificate serial:       01865BC44F6561628303412B16E7CFDD286B
Authority key identifier: D8:37:13:FD:7B:4C:DF:A6:CB:A0:16:A8:7E:AF:8B:31:C8:91:BE:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2DcT_XtM36bLoBaofq-LMciRvrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/aGWEH-VnoQ33FgdsFzfRvAFYnp8.roa
Signing time:             Thu 16 Feb 2023 19:47:17 +0000
ROA not before:           Thu 16 Feb 2023 19:47:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52042
IP address blocks:        2a13:3fc1::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5b:c4:4f:65:61:62:83:03:41:2b:16:e7:cf:dd:28:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d83713fd7b4cdfa6cba016a87eaf8b31c891beb0
        Validity
            Not Before: Feb 16 19:47:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6865841fe567a10df716076c1737d1bc01589e9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:5f:16:1a:2a:d7:85:cc:2b:a1:ea:e5:7b:04:
                    cf:a8:81:e3:90:0b:28:e6:c1:76:54:ab:19:1c:ad:
                    37:4e:93:dc:59:b4:6f:36:4c:5f:74:6b:2b:74:ad:
                    af:79:e3:95:be:b9:4d:14:9c:5a:dd:2e:fc:e8:95:
                    1c:d1:16:29:e1:3b:5b:c6:75:94:3d:a4:25:79:b5:
                    3e:4c:a3:28:65:94:03:7a:28:52:3c:59:aa:b9:fe:
                    24:ba:79:6c:e1:7a:a0:57:b4:d4:9a:35:2c:f4:63:
                    94:86:3a:48:b7:76:83:dc:34:ca:f1:3a:91:7b:57:
                    b1:7e:c7:3f:4b:d0:a8:8f:be:89:d2:ca:49:5d:e4:
                    95:36:cf:28:19:3d:dd:8c:ac:18:db:f6:75:de:3e:
                    57:34:8a:3e:a3:01:a8:cb:0b:78:a0:50:c8:bd:28:
                    cd:bc:0f:69:83:c7:6d:30:7c:a4:e0:33:0b:f4:43:
                    ba:66:91:1c:71:e6:25:e7:c5:05:90:b2:83:04:1c:
                    82:e4:de:76:4d:1f:54:95:79:51:3d:63:60:48:a4:
                    85:66:4f:15:39:9e:93:b7:d9:80:03:c8:1f:08:33:
                    c8:3b:e6:b2:62:17:0d:bf:d2:02:bf:6a:52:ad:2c:
                    5e:56:be:0e:e6:6e:2a:f7:d6:e6:cd:b9:5a:8f:c6:
                    99:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:65:84:1F:E5:67:A1:0D:F7:16:07:6C:17:37:D1:BC:01:58:9E:9F
            X509v3 Authority Key Identifier:
                keyid:D8:37:13:FD:7B:4C:DF:A6:CB:A0:16:A8:7E:AF:8B:31:C8:91:BE:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DcT_XtM36bLoBaofq-LMciRvrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/aGWEH-VnoQ33FgdsFzfRvAFYnp8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/2DcT_XtM36bLoBaofq-LMciRvrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:3fc1::/32

    Signature Algorithm: sha256WithRSAEncryption
         41:eb:9f:1a:32:f2:4b:e0:ea:f4:cb:00:4c:e4:25:c1:9c:c6:
         ff:dd:d1:bd:74:18:cc:94:bc:7c:1e:85:ef:5c:1e:a1:18:f1:
         88:4c:9f:75:29:79:19:3a:5b:fe:51:50:6a:7d:dc:81:6e:71:
         df:8a:35:99:ce:bf:e2:91:ef:ea:ee:c6:09:fb:fe:f1:28:07:
         75:9a:46:a6:28:69:21:8b:2e:a3:74:2d:fd:3a:30:1e:fd:23:
         a2:d0:a7:d5:5b:3f:fb:3c:e3:be:40:45:8e:aa:80:43:77:86:
         98:f9:68:af:1d:c5:7a:e5:89:8d:10:0c:79:de:54:9f:f3:02:
         ba:e6:6a:60:14:e5:72:2a:3c:b6:67:46:4d:8f:4c:3e:0b:10:
         79:36:f7:fe:ea:98:9c:3e:18:37:cf:55:79:0c:6d:ea:f3:19:
         54:75:bf:ca:c6:5e:f6:54:82:c1:af:60:fc:2f:5f:2f:31:25:
         15:be:56:0b:db:91:e7:f3:da:0d:73:23:04:e5:ae:85:01:8b:
         55:83:d5:c8:ff:aa:b6:b5:08:8e:d8:6e:ff:de:fb:dc:89:a5:
         db:81:08:38:1d:c7:dd:21:5a:87:68:99:c6:0a:2b:f4:48:d3:
         4c:ca:21:30:61:48:01:d9:08:03:7f:5f:f9:1c:39:13:45:67:
         6e:e4:ca:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYZbxE9lYWKDA0ErFufP3ShrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzcxM2ZkN2I0Y2RmYTZjYmEwMTZhODdlYWY4YjMxYzg5
MWJlYjAwHhcNMjMwMjE2MTk0NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODY1ODQxZmU1NjdhMTBkZjcxNjA3NmMxNzM3ZDFiYzAxNTg5ZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF8WGirXhcwroerlewTPqIHjkAso
5sF2VKsZHK03TpPcWbRvNkxfdGsrdK2veeOVvrlNFJxa3S786JUc0RYp4TtbxnWU
PaQlebU+TKMoZZQDeihSPFmquf4kunls4XqgV7TUmjUs9GOUhjpIt3aD3DTK8TqR
e1exfsc/S9Coj76J0spJXeSVNs8oGT3djKwY2/Z13j5XNIo+owGoywt4oFDIvSjN
vA9pg8dtMHyk4DML9EO6ZpEcceYl58UFkLKDBByC5N52TR9UlXlRPWNgSKSFZk8V
OZ6Tt9mAA8gfCDPIO+ayYhcNv9ICv2pSrSxeVr4O5m4q99bmzblaj8aZSwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGhlhB/lZ6EN9xYHbBc30bwBWJ6fMB8GA1UdIwQY
MBaAFNg3E/17TN+my6AWqH6vizHIkb6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRjVF9YdE0zNmJMb0Jhb2ZxLUxNY2lSdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8yZDIxMDktY2ZiOC00MzI1LWEwZTMt
MDU4Nzg1YjRhOTZlLzEvYUdXRUgtVm5vUTMzRmdkc0Z6ZlJ2QUZZbnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8yZDIxMDktY2ZiOC00MzI1LWEwZTMtMDU4Nzg1YjRhOTZl
LzEvMkRjVF9YdE0zNmJMb0Jhb2ZxLUxNY2lSdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhM/wTAN
BgkqhkiG9w0BAQsFAAOCAQEAQeufGjLyS+Dq9MsATOQlwZzG/93RvXQYzJS8fB6F
71weoRjxiEyfdSl5GTpb/lFQan3cgW5x34o1mc6/4pHv6u7GCfv+8SgHdZpGpihp
IYsuo3Qt/TowHv0jotCn1Vs/+zzjvkBFjqqAQ3eGmPlorx3FeuWJjRAMed5Un/MC
uuZqYBTlcio8tmdGTY9MPgsQeTb3/uqYnD4YN89VeQxt6vMZVHW/ysZe9lSCwa9g
/C9fLzElFb5WC9uR5/PaDXMjBOWuhQGLVYPVyP+qtrUIjthu/9773Iml24EIOB3H
3SFah2iZxgor9EjTTMohMGFIAdkIA39f+Rw5E0VnbuTK6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:56 2024 by rpki-client on console-ams.rpki-client.org