Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cf8791-9980-4c79-9c28-0e16baef7113/1/Jzcsu5fTy1dlQfDHuZCAe7D1NSk.roa
File:                     Jzcsu5fTy1dlQfDHuZCAe7D1NSk.roa (raw, json)
Hash identifier:          4O4N0YWe1jFoaVDdf8n/Ogl9tqVmPkly+Ymvj5M3nsk=
Subject key identifier:   27:37:2C:BB:97:D3:CB:57:65:41:F0:C7:B9:90:80:7B:B0:F5:35:29
Certificate issuer:       /CN=d33b32e05d0a85dbd4450f37a73e7fa1f6100afc
Certificate serial:       0186FF354965A2F345BFCCD3AA4F24460169
Authority key identifier: D3:3B:32:E0:5D:0A:85:DB:D4:45:0F:37:A7:3E:7F:A1:F6:10:0A:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0zsy4F0KhdvURQ83pz5_ofYQCvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/cf8791-9980-4c79-9c28-0e16baef7113/1/Jzcsu5fTy1dlQfDHuZCAe7D1NSk.roa
Signing time:             Mon 20 Mar 2023 13:28:47 +0000
ROA not before:           Mon 20 Mar 2023 13:28:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57644
IP address blocks:        2a13:57c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:34:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ff:35:49:65:a2:f3:45:bf:cc:d3:aa:4f:24:46:01:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d33b32e05d0a85dbd4450f37a73e7fa1f6100afc
        Validity
            Not Before: Mar 20 13:28:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27372cbb97d3cb576541f0c7b990807bb0f53529
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:d4:f5:f1:62:c2:58:cf:d5:c1:6c:71:22:d6:
                    87:c5:6c:28:1a:ca:0d:a3:5e:8f:c4:17:5f:33:8c:
                    a5:28:1a:92:10:55:8b:36:ab:fa:55:4d:8f:59:de:
                    1e:59:d6:44:b6:d9:d4:89:35:2f:0c:29:38:4d:2f:
                    fa:97:0b:9c:4c:be:b0:f0:0e:42:f7:3a:38:71:ae:
                    cc:3d:e2:a1:e7:c3:9a:ff:3f:da:77:02:56:be:36:
                    8f:31:dc:23:c8:3b:fe:9b:55:b4:26:4b:a3:37:af:
                    74:ce:fc:a1:5f:c8:36:17:ec:75:b2:fd:d4:0d:31:
                    fe:ed:99:9d:b1:53:ca:a5:c9:7a:93:c6:5d:a0:70:
                    93:ff:10:40:9e:64:46:27:4c:a4:d9:9d:d3:6b:fc:
                    cd:55:54:2f:38:0a:b9:38:26:47:17:64:6f:8e:f8:
                    5b:7e:28:a2:8c:13:28:8c:a6:b7:ad:02:69:ac:5c:
                    f2:c7:27:1d:b0:be:e8:4d:a2:3c:88:fb:d1:90:73:
                    35:b7:d7:6a:a3:0c:1d:40:9b:19:b5:3e:c5:f2:a1:
                    43:b4:11:5f:83:68:55:5d:b2:a1:62:68:2d:6b:e3:
                    18:48:c7:d9:29:e4:4e:b2:8f:ac:bc:75:97:42:17:
                    93:2a:3a:6e:db:5f:b9:80:12:e7:1a:84:1c:d9:6b:
                    8e:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:37:2C:BB:97:D3:CB:57:65:41:F0:C7:B9:90:80:7B:B0:F5:35:29
            X509v3 Authority Key Identifier:
                keyid:D3:3B:32:E0:5D:0A:85:DB:D4:45:0F:37:A7:3E:7F:A1:F6:10:0A:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0zsy4F0KhdvURQ83pz5_ofYQCvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cf8791-9980-4c79-9c28-0e16baef7113/1/Jzcsu5fTy1dlQfDHuZCAe7D1NSk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cf8791-9980-4c79-9c28-0e16baef7113/1/0zsy4F0KhdvURQ83pz5_ofYQCvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:57c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         6d:ef:4d:29:0c:79:df:b6:31:6c:ee:b4:3a:3c:08:c1:f2:db:
         a9:03:fd:3b:20:c2:c5:5b:28:69:87:a3:e8:85:27:8d:07:13:
         78:ce:99:94:63:fb:c7:0c:3c:e3:44:d7:68:5e:9c:dd:9a:92:
         e7:23:9e:c6:c1:bf:7a:71:ef:32:ff:44:bd:b2:e9:38:b9:50:
         fe:ca:54:4e:d9:34:90:75:ca:dc:73:22:0b:ba:cd:db:49:3b:
         2a:c7:93:b5:64:85:47:cb:63:09:2d:a4:4a:61:f5:e2:ac:2e:
         e5:eb:ea:30:85:de:92:be:40:a7:ca:50:5b:ad:5b:a7:65:3b:
         99:c9:7f:a1:63:ca:83:9d:b3:14:cc:5a:de:d9:16:78:98:52:
         64:a0:fe:e3:cd:9b:2f:63:b7:66:2f:5b:e1:15:8c:cd:dc:5e:
         52:7c:4d:e8:ad:f1:48:8c:ac:3f:98:74:81:38:46:13:d8:26:
         79:3c:f1:02:bf:87:a7:28:53:73:4d:32:f5:db:df:c0:29:b7:
         b4:dc:a9:a8:44:5d:7b:b3:14:21:18:12:d9:b4:ef:62:8e:f6:
         47:37:e4:5d:0f:a9:ac:d4:63:72:3a:9f:6e:b7:9a:43:1a:62:
         5c:70:8f:89:d0:4b:2d:7d:84:88:6a:29:9a:54:ad:9c:46:4a:
         ba:a1:c3:09
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYb/NUllovNFv8zTqk8kRgFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzM2IzMmUwNWQwYTg1ZGJkNDQ1MGYzN2E3M2U3ZmExZjYx
MDBhZmMwHhcNMjMwMzIwMTMyODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzM3MmNiYjk3ZDNjYjU3NjU0MWYwYzdiOTkwODA3YmIwZjUzNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdT18WLCWM/VwWxxItaHxWwoGsoN
o16PxBdfM4ylKBqSEFWLNqv6VU2PWd4eWdZEttnUiTUvDCk4TS/6lwucTL6w8A5C
9zo4ca7MPeKh58Oa/z/adwJWvjaPMdwjyDv+m1W0JkujN690zvyhX8g2F+x1sv3U
DTH+7ZmdsVPKpcl6k8ZdoHCT/xBAnmRGJ0yk2Z3Ta/zNVVQvOAq5OCZHF2Rvjvhb
fiiijBMojKa3rQJprFzyxycdsL7oTaI8iPvRkHM1t9dqowwdQJsZtT7F8qFDtBFf
g2hVXbKhYmgta+MYSMfZKeROso+svHWXQheTKjpu21+5gBLnGoQc2WuOKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCc3LLuX08tXZUHwx7mQgHuw9TUpMB8GA1UdIwQY
MBaAFNM7MuBdCoXb1EUPN6c+f6H2EAr8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHpzeTRGMEtoZHZVUlE4M3B6NV9vZllRQ3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jZjg3OTEtOTk4MC00Yzc5LTljMjgt
MGUxNmJhZWY3MTEzLzEvSnpjc3U1ZlR5MWRsUWZESHVaQ0FlN0QxTlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jZjg3OTEtOTk4MC00Yzc5LTljMjgtMGUxNmJhZWY3MTEz
LzEvMHpzeTRGMEtoZHZVUlE4M3B6NV9vZllRQ3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNXwDAN
BgkqhkiG9w0BAQsFAAOCAQEAbe9NKQx537YxbO60OjwIwfLbqQP9OyDCxVsoaYej
6IUnjQcTeM6ZlGP7xww840TXaF6c3ZqS5yOexsG/enHvMv9EvbLpOLlQ/spUTtk0
kHXK3HMiC7rN20k7KseTtWSFR8tjCS2kSmH14qwu5evqMIXekr5Ap8pQW61bp2U7
mcl/oWPKg52zFMxa3tkWeJhSZKD+482bL2O3Zi9b4RWMzdxeUnxN6K3xSIysP5h0
gThGE9gmeTzxAr+HpyhTc00y9dvfwCm3tNypqERde7MUIRgS2bTvYo72RzfkXQ+p
rNRjcjqfbreaQxpiXHCPidBLLX2EiGopmlStnEZKuqHDCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:59 2024 by rpki-client on console-fra.rpki-client.org