Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/9G3tuyL06n5MGe8UqUCr8kA3ut8.roa
File:                     9G3tuyL06n5MGe8UqUCr8kA3ut8.roa (raw, json)
Hash identifier:          AKyLJv1/vvKZSaN8iBgrsaU7/Q06abkiXXwZNSB6kGM=
Subject key identifier:   F4:6D:ED:BB:22:F4:EA:7E:4C:19:EF:14:A9:40:AB:F2:40:37:BA:DF
Certificate issuer:       /CN=4b53f9567f6d6ad89412c0515f74647612dce04a
Certificate serial:       018CC2DB501E5A211C527DE3354015BAA2DD
Authority key identifier: 4B:53:F9:56:7F:6D:6A:D8:94:12:C0:51:5F:74:64:76:12:DC:E0:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/9G3tuyL06n5MGe8UqUCr8kA3ut8.roa
Signing time:             Mon 01 Jan 2024 02:30:01 +0000
ROA not before:           Mon 01 Jan 2024 02:30:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213320
IP address blocks:        2a13:8a00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 11 Jan 2024 11:13:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:50:1e:5a:21:1c:52:7d:e3:35:40:15:ba:a2:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b53f9567f6d6ad89412c0515f74647612dce04a
        Validity
            Not Before: Jan  1 02:30:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f46dedbb22f4ea7e4c19ef14a940abf24037badf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:0a:1e:09:e8:b8:36:ca:48:85:32:d6:94:08:
                    65:6f:a6:a1:84:e2:ca:ef:0e:01:3a:02:fc:90:9f:
                    47:8d:5f:c9:e2:75:8f:2a:ed:4a:95:93:48:0f:f6:
                    a3:1e:8a:31:28:c6:49:07:01:dc:97:14:d3:65:17:
                    ad:69:a2:96:4c:3f:4f:4b:5b:e3:6e:99:61:c8:22:
                    57:b4:f5:7f:cd:bd:5a:c1:5b:37:92:a4:5f:b6:8b:
                    fc:09:c3:19:60:54:79:5f:7f:a4:b1:2d:46:cc:0f:
                    ad:e7:ac:79:db:25:50:ea:55:a7:eb:b0:b3:40:64:
                    d2:d2:b9:af:ca:eb:f6:5a:fa:d4:cd:d5:87:8d:22:
                    fb:3c:97:89:c4:ea:48:8a:bb:4f:9d:25:5c:78:2a:
                    c1:6e:78:8c:30:73:90:8e:19:b7:79:7a:19:9c:e7:
                    ab:21:2a:fd:d4:81:ac:bc:30:42:cf:6b:f1:43:f8:
                    72:44:92:bc:5e:94:b4:c4:fc:68:7e:0a:59:2d:36:
                    51:33:0c:4a:4a:35:b9:d6:cd:51:92:fe:06:87:a6:
                    ae:46:e0:20:bd:4f:fc:26:11:3c:7c:eb:10:1b:ea:
                    88:00:17:9f:91:0c:3d:be:6a:0d:70:0e:2a:53:dc:
                    db:58:ec:a1:23:ac:8b:5a:62:1e:b0:43:84:00:06:
                    d2:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:6D:ED:BB:22:F4:EA:7E:4C:19:EF:14:A9:40:AB:F2:40:37:BA:DF
            X509v3 Authority Key Identifier:
                keyid:4B:53:F9:56:7F:6D:6A:D8:94:12:C0:51:5F:74:64:76:12:DC:E0:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/9G3tuyL06n5MGe8UqUCr8kA3ut8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:8a00::/29

    Signature Algorithm: sha256WithRSAEncryption
         6e:13:f2:da:a7:0a:a1:a3:b3:44:69:60:e3:76:07:d1:30:25:
         65:13:72:d8:d2:3a:01:96:2f:f6:fa:60:a5:25:e7:1d:b5:6c:
         0d:d6:28:f1:4d:95:5b:ff:97:26:52:4c:5e:5c:24:dc:41:9d:
         44:df:1f:dd:66:49:f3:a3:1a:fa:dd:0a:f1:5b:4c:f5:8e:04:
         62:2e:6f:f7:2f:2c:05:a9:a7:f0:b7:74:14:40:0e:bc:82:46:
         6e:53:7a:c6:ba:b8:d7:04:46:9a:1b:c7:de:04:c2:99:0b:d7:
         1e:78:5d:22:c8:2e:f8:17:ce:e4:50:34:e8:5f:68:de:e1:0c:
         47:71:f9:bd:3e:3a:18:ee:cf:55:fe:9a:a7:42:ad:b2:d9:1d:
         ac:f3:06:16:97:fd:49:b3:f8:a3:78:d6:63:69:f5:3c:24:df:
         4e:50:ba:65:b1:96:52:0b:b1:53:f4:5f:c0:4c:ba:42:38:5a:
         ab:eb:5a:d0:39:bc:48:18:66:6a:35:b9:b8:0e:1e:0f:cf:95:
         9a:b2:f7:43:d2:f9:94:f5:b6:4b:45:c0:cc:ee:6e:d9:69:2b:
         16:a5:a8:61:d3:4b:c4:d1:c4:55:12:a4:e5:28:fd:8c:ea:73:
         94:a9:f7:f8:ac:b8:1f:69:18:a5:77:61:7a:30:00:e5:c0:8a:
         24:20:62:56
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzC21AeWiEcUn3jNUAVuqLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTNmOTU2N2Y2ZDZhZDg5NDEyYzA1MTVmNzQ2NDc2MTJk
Y2UwNGEwHhcNMjQwMTAxMDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDZkZWRiYjIyZjRlYTdlNGMxOWVmMTRhOTQwYWJmMjQwMzdiYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoeCei4NspIhTLWlAhlb6ahhOLK
7w4BOgL8kJ9HjV/J4nWPKu1KlZNID/ajHooxKMZJBwHclxTTZRetaaKWTD9PS1vj
bplhyCJXtPV/zb1awVs3kqRftov8CcMZYFR5X3+ksS1GzA+t56x52yVQ6lWn67Cz
QGTS0rmvyuv2WvrUzdWHjSL7PJeJxOpIirtPnSVceCrBbniMMHOQjhm3eXoZnOer
ISr91IGsvDBCz2vxQ/hyRJK8XpS0xPxofgpZLTZRMwxKSjW51s1Rkv4Gh6auRuAg
vU/8JhE8fOsQG+qIABefkQw9vmoNcA4qU9zbWOyhI6yLWmIesEOEAAbS8QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPRt7bsi9Op+TBnvFKlAq/JAN7rfMB8GA1UdIwQY
MBaAFEtT+VZ/bWrYlBLAUV90ZHYS3OBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFQNVZuOXRhdGlVRXNCUlgzUmtkaExjNEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82ZTk4MDQtOGEwNy00MjM4LWI5ZDEt
MWZhNTIyYTA1Nzk1LzEvOUczdHV5TDA2bjVNR2U4VXFVQ3I4a0EzdXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82ZTk4MDQtOGEwNy00MjM4LWI5ZDEtMWZhNTIyYTA1Nzk1
LzEvUzFQNVZuOXRhdGlVRXNCUlgzUmtkaExjNEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOKADAN
BgkqhkiG9w0BAQsFAAOCAQEAbhPy2qcKoaOzRGlg43YH0TAlZRNy2NI6AZYv9vpg
pSXnHbVsDdYo8U2VW/+XJlJMXlwk3EGdRN8f3WZJ86Ma+t0K8VtM9Y4EYi5v9y8s
Bamn8Ld0FEAOvIJGblN6xrq41wRGmhvH3gTCmQvXHnhdIsgu+BfO5FA06F9o3uEM
R3H5vT46GO7PVf6ap0KtstkdrPMGFpf9SbP4o3jWY2n1PCTfTlC6ZbGWUguxU/Rf
wEy6Qjhaq+ta0Dm8SBhmajW5uA4eD8+VmrL3Q9L5lPW2S0XAzO5u2WkrFqWoYdNL
xNHEVRKk5Sj9jOpzlKn3+Ky4H2kYpXdhejAA5cCKJCBiVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:39 2024 by rpki-client on console-ams.rpki-client.org