Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1nPGTcBRuLLXw7eAHlpILV1oSTo.roa
File:                     1nPGTcBRuLLXw7eAHlpILV1oSTo.roa (raw, json)
Hash identifier:          Yb+vb6cz7BymL12Z5mdYNiwSqQ4RoCJQ/sjL7pgXPfI=
Subject key identifier:   D6:73:C6:4D:C0:51:B8:B2:D7:C3:B7:80:1E:5A:48:2D:5D:68:49:3A
Certificate issuer:       /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial:       01856DAF681B0C26E46A0EEDD9F0E56FCEF6
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1nPGTcBRuLLXw7eAHlpILV1oSTo.roa
Signing time:             Sun 01 Jan 2023 14:14:50 +0000
ROA not before:           Sun 01 Jan 2023 14:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211327
IP address blocks:        213.142.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Nov 2023 14:17:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:af:68:1b:0c:26:e4:6a:0e:ed:d9:f0:e5:6f:ce:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
        Validity
            Not Before: Jan  1 14:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d673c64dc051b8b2d7c3b7801e5a482d5d68493a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:76:6b:0b:f5:d5:22:ce:a4:3a:cc:69:42:0b:
                    8f:ea:e0:03:50:d5:c6:05:5f:d2:ef:5f:c5:d5:39:
                    de:a3:fe:9d:f5:b7:04:e1:a8:6f:22:ff:03:aa:03:
                    97:13:d5:b7:a6:7a:bd:49:c6:a6:8e:1e:31:3e:70:
                    ae:25:55:e5:8c:7e:aa:65:8d:16:f8:80:b9:a7:51:
                    dc:1e:d5:4c:7f:f1:5b:b7:d9:1c:92:1f:fb:cf:cb:
                    f8:fa:7f:ac:01:88:da:5e:ce:5d:5b:16:9f:d2:55:
                    c5:dd:7e:6c:05:8c:8a:ff:4d:d4:2c:2d:6d:14:9d:
                    4c:55:40:2f:66:e9:52:bf:47:98:82:27:68:20:f2:
                    45:af:d6:a5:08:65:7f:ff:3d:28:9d:fe:5c:de:d9:
                    82:50:b8:02:ce:ed:9c:82:29:07:53:47:bf:20:8a:
                    91:f7:19:31:fb:e0:a5:0c:fc:84:56:22:3b:86:55:
                    8e:2b:78:c2:c2:ca:82:9b:d1:47:47:92:f9:80:0a:
                    41:57:3e:fb:0f:5c:86:ca:f9:24:6f:ed:a5:54:56:
                    f9:1b:e9:80:dc:2c:34:c3:6a:87:b6:e9:a5:6d:d1:
                    30:e3:ec:05:97:e0:d9:8e:cc:91:ed:cf:17:e1:98:
                    bb:b3:e3:77:a7:ee:f0:a1:2d:f1:33:12:e3:aa:ed:
                    c0:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:73:C6:4D:C0:51:B8:B2:D7:C3:B7:80:1E:5A:48:2D:5D:68:49:3A
            X509v3 Authority Key Identifier:
                keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1nPGTcBRuLLXw7eAHlpILV1oSTo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.142.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:81:9f:56:b2:01:a3:47:98:68:91:f3:14:08:d8:96:a4:0a:
         ea:2e:8f:95:69:d0:ba:f4:05:41:44:50:48:59:6d:1f:02:17:
         11:c2:9c:ab:d5:81:5d:26:71:23:a5:c1:aa:c4:5e:fa:5a:ba:
         5d:ee:1b:2c:7e:f5:bf:39:f9:7e:f6:9e:b8:d5:27:1f:94:fa:
         8d:0a:52:e8:db:36:bf:52:8b:1f:94:90:9f:76:85:64:1d:06:
         58:b9:05:bf:b6:71:f3:16:da:44:67:93:29:3e:74:dd:43:81:
         dd:e4:82:12:39:d7:a0:66:12:47:9e:c7:bf:1f:0f:1b:b4:1e:
         a5:c0:a1:a9:b4:ae:cd:8f:fe:85:70:dc:69:7b:e2:46:39:4c:
         df:1b:63:0d:8c:ff:8d:b6:9c:a2:a0:b1:58:96:7c:a1:eb:6e:
         a9:3e:e5:51:d8:6f:40:26:58:58:04:48:78:1f:b2:68:7b:c3:
         71:f2:20:3a:4c:d0:86:bc:a0:e4:2b:25:11:cd:71:67:a5:b4:
         22:24:32:41:73:0f:be:3e:e3:7d:f6:35:2c:13:f0:46:d2:20:
         8c:d9:e1:b8:cc:18:0e:72:b6:2b:05:4b:3c:24:38:0c:21:84:
         4b:ea:df:a8:7c:f5:80:e0:b9:62:56:b7:f9:c4:3b:8d:50:c7:
         33:7b:3b:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtr2gbDCbkag7t2fDlb872MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwMTAxMTQxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjczYzY0ZGMwNTFiOGIyZDdjM2I3ODAxZTVhNDgyZDVkNjg0OTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHZrC/XVIs6kOsxpQguP6uADUNXG
BV/S71/F1Tneo/6d9bcE4ahvIv8DqgOXE9W3pnq9Scamjh4xPnCuJVXljH6qZY0W
+IC5p1HcHtVMf/Fbt9kckh/7z8v4+n+sAYjaXs5dWxaf0lXF3X5sBYyK/03ULC1t
FJ1MVUAvZulSv0eYgidoIPJFr9alCGV//z0onf5c3tmCULgCzu2cgikHU0e/IIqR
9xkx++ClDPyEViI7hlWOK3jCwsqCm9FHR5L5gApBVz77D1yGyvkkb+2lVFb5G+mA
3Cw0w2qHtumlbdEw4+wFl+DZjsyR7c8X4Zi7s+N3p+7woS3xMxLjqu3AfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZzxk3AUbiy18O3gB5aSC1daEk6MB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvMW5QR1RjQlJ1TExYdzdlQUhscElMVjFvU1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Y6GMA0G
CSqGSIb3DQEBCwUAA4IBAQA8gZ9WsgGjR5hokfMUCNiWpArqLo+VadC69AVBRFBI
WW0fAhcRwpyr1YFdJnEjpcGqxF76Wrpd7hssfvW/Ofl+9p641ScflPqNClLo2za/
UosflJCfdoVkHQZYuQW/tnHzFtpEZ5MpPnTdQ4Hd5IISOdegZhJHnse/Hw8btB6l
wKGptK7Nj/6FcNxpe+JGOUzfG2MNjP+NtpyioLFYlnyh626pPuVR2G9AJlhYBEh4
H7Joe8Nx8iA6TNCGvKDkKyURzXFnpbQiJDJBcw++PuN99jUsE/BG0iCM2eG4zBgO
crYrBUs8JDgMIYRL6t+ofPWA4LliVrf5xDuNUMczezsi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:38 2024 by rpki-client on console-ams.rpki-client.org