Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/6ab93e-8563-4606-b19e-8c003c4a5456/1/45cvmYdE8rUSN9elOE4ouFFXVMs.roa
File:                     45cvmYdE8rUSN9elOE4ouFFXVMs.roa (raw, json)
Hash identifier:          jgo1f2c7/W8uTMKQIlQBIB15ejtcCzOE6UdyMuiFAf0=
Subject key identifier:   E3:97:2F:99:87:44:F2:B5:12:37:D7:A5:38:4E:28:B8:51:57:54:CB
Certificate issuer:       /CN=2389341e10e6b021fa847f555e5603def85d2c2b
Certificate serial:       01861752D42E9237BA09FCD98570B7C9AF39
Authority key identifier: 23:89:34:1E:10:E6:B0:21:FA:84:7F:55:5E:56:03:DE:F8:5D:2C:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I4k0HhDmsCH6hH9VXlYD3vhdLCs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/6ab93e-8563-4606-b19e-8c003c4a5456/1/45cvmYdE8rUSN9elOE4ouFFXVMs.roa
Signing time:             Fri 03 Feb 2023 12:49:09 +0000
ROA not before:           Fri 03 Feb 2023 12:49:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200091
IP address blocks:        2a13:ae00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:17:52:d4:2e:92:37:ba:09:fc:d9:85:70:b7:c9:af:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2389341e10e6b021fa847f555e5603def85d2c2b
        Validity
            Not Before: Feb  3 12:49:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e3972f998744f2b51237d7a5384e28b8515754cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ff:8a:b6:bc:d4:ee:06:07:d4:b4:b4:38:95:
                    11:12:25:c2:23:3d:be:90:c5:af:96:c6:9b:9e:57:
                    37:02:7c:c1:da:d8:06:24:eb:6e:23:a5:6f:c0:00:
                    c9:a7:56:ec:1a:3b:ac:81:c7:8d:b9:25:29:3e:2d:
                    26:69:c4:d6:38:1b:7e:eb:57:1f:25:4b:39:ce:51:
                    6f:96:1f:4f:6d:70:a6:f6:9e:3d:e6:12:2a:20:b3:
                    83:f3:cf:5f:11:57:5c:ab:62:ae:8f:0f:46:b0:cd:
                    cb:79:5a:c7:51:90:0c:ab:4d:61:51:42:c5:84:68:
                    69:3f:e3:0c:ba:de:3a:5b:65:97:ac:88:c5:b0:35:
                    39:ee:35:fc:1f:d7:e9:99:7f:72:94:bd:12:79:41:
                    b9:bc:f6:b7:7c:d9:46:fa:24:aa:72:43:43:d0:3b:
                    ba:d7:bb:e1:74:1f:0a:29:1c:e6:23:d1:18:05:a2:
                    f8:18:b5:c4:90:82:01:f4:26:a1:d0:40:4f:3a:15:
                    82:8f:61:fb:80:6d:23:62:89:a2:bb:9d:44:39:6c:
                    0a:88:e4:9d:cb:d6:eb:5d:48:dd:8f:ff:22:71:05:
                    74:5b:ed:1b:d8:bf:fc:c7:5b:be:a9:4a:a1:bb:04:
                    bb:05:ca:98:a9:fa:87:a4:13:7e:14:ae:f0:38:4b:
                    5f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:97:2F:99:87:44:F2:B5:12:37:D7:A5:38:4E:28:B8:51:57:54:CB
            X509v3 Authority Key Identifier:
                keyid:23:89:34:1E:10:E6:B0:21:FA:84:7F:55:5E:56:03:DE:F8:5D:2C:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I4k0HhDmsCH6hH9VXlYD3vhdLCs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/6ab93e-8563-4606-b19e-8c003c4a5456/1/45cvmYdE8rUSN9elOE4ouFFXVMs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/6ab93e-8563-4606-b19e-8c003c4a5456/1/I4k0HhDmsCH6hH9VXlYD3vhdLCs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:ae00::/29

    Signature Algorithm: sha256WithRSAEncryption
         a1:a6:3b:58:00:8d:18:99:b5:9c:31:51:eb:0f:14:86:e3:0e:
         70:7f:34:01:9c:66:81:b9:4d:cd:12:0e:6f:b3:c5:f3:f6:23:
         df:df:e8:71:9a:f9:70:93:e5:92:b6:fe:ac:6d:95:49:cd:f9:
         e8:73:cd:de:dc:8f:c9:c8:2f:b0:b5:fc:65:a2:5a:25:f3:b2:
         66:f7:d9:a2:dd:9e:16:94:46:60:d7:13:d1:48:55:fe:4e:28:
         b4:83:6a:d7:6a:b8:a9:e7:c9:0e:01:9f:b3:34:48:cf:3e:a6:
         38:57:65:1e:3e:9e:dc:95:5e:8a:da:86:1e:44:7a:0f:4b:9a:
         95:e7:a0:91:98:33:d5:f7:e6:cc:08:a9:e4:b0:a3:b8:92:ca:
         3a:0a:ab:81:b9:ae:78:19:c2:88:14:66:0b:af:21:de:f8:bd:
         06:5f:3d:16:6c:b6:d0:c6:86:fc:03:79:ca:2c:e3:36:f1:f3:
         fb:f6:2a:75:d7:1d:99:5c:6b:57:3e:e9:32:3f:ee:59:3d:2c:
         8d:9a:0a:db:2f:b5:e1:6f:d0:21:18:cb:45:ba:99:be:05:db:
         41:72:55:15:36:11:89:1b:98:92:ab:18:76:c1:a3:c0:13:39:
         85:3a:59:ca:19:15:00:7e:ec:1b:5a:3e:d8:c7:bb:3a:56:b2:
         a2:c7:d6:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYXUtQukje6CfzZhXC3ya85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzODkzNDFlMTBlNmIwMjFmYTg0N2Y1NTVlNTYwM2RlZjg1
ZDJjMmIwHhcNMjMwMjAzMTI0OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk3MmY5OTg3NDRmMmI1MTIzN2Q3YTUzODRlMjhiODUxNTc1NGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/+KtrzU7gYH1LS0OJUREiXCIz2+
kMWvlsabnlc3AnzB2tgGJOtuI6VvwADJp1bsGjusgceNuSUpPi0macTWOBt+61cf
JUs5zlFvlh9PbXCm9p495hIqILOD889fEVdcq2Kujw9GsM3LeVrHUZAMq01hUULF
hGhpP+MMut46W2WXrIjFsDU57jX8H9fpmX9ylL0SeUG5vPa3fNlG+iSqckND0Du6
17vhdB8KKRzmI9EYBaL4GLXEkIIB9Cah0EBPOhWCj2H7gG0jYomiu51EOWwKiOSd
y9brXUjdj/8icQV0W+0b2L/8x1u+qUqhuwS7BcqYqfqHpBN+FK7wOEtf+wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOOXL5mHRPK1EjfXpThOKLhRV1TLMB8GA1UdIwQY
MBaAFCOJNB4Q5rAh+oR/VV5WA974XSwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTRrMEhoRG1zQ0g2aEg5VlhsWUQzdmhkTENzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC82YWI5M2UtODU2My00NjA2LWIxOWUt
OGMwMDNjNGE1NDU2LzEvNDVjdm1ZZEU4clVTTjllbE9FNG91RkZYVk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC82YWI5M2UtODU2My00NjA2LWIxOWUtOGMwMDNjNGE1NDU2
LzEvSTRrMEhoRG1zQ0g2aEg5VlhsWUQzdmhkTENzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOuADAN
BgkqhkiG9w0BAQsFAAOCAQEAoaY7WACNGJm1nDFR6w8UhuMOcH80AZxmgblNzRIO
b7PF8/Yj39/ocZr5cJPlkrb+rG2VSc356HPN3tyPycgvsLX8ZaJaJfOyZvfZot2e
FpRGYNcT0UhV/k4otINq12q4qefJDgGfszRIzz6mOFdlHj6e3JVeitqGHkR6D0ua
leegkZgz1ffmzAip5LCjuJLKOgqrgbmueBnCiBRmC68h3vi9Bl89Fmy20MaG/AN5
yizjNvHz+/YqddcdmVxrVz7pMj/uWT0sjZoK2y+14W/QIRjLRbqZvgXbQXJVFTYR
iRuYkqsYdsGjwBM5hTpZyhkVAH7sG1o+2Me7OlayosfWfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:47 2024 by rpki-client on console-fra.rpki-client.org