Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/UCzxG4VimJ2qgcBD5J7xzx1s6lw.roa
File:                     UCzxG4VimJ2qgcBD5J7xzx1s6lw.roa (raw, json)
Hash identifier:          fj8ZR3ZeK0mKHr01B35/XuOXZTXEGdLcbi5P9G3w1B0=
Subject key identifier:   50:2C:F1:1B:85:62:98:9D:AA:81:C0:43:E4:9E:F1:CF:1D:6C:EA:5C
Certificate issuer:       /CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Certificate serial:       018611F044EF9D8E46DC0B44691E2458DA05
Authority key identifier: 7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/UCzxG4VimJ2qgcBD5J7xzx1s6lw.roa
Signing time:             Thu 02 Feb 2023 11:43:24 +0000
ROA not before:           Thu 02 Feb 2023 11:43:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207175
IP address blocks:        2a13:79c0:ff00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:11:f0:44:ef:9d:8e:46:dc:0b:44:69:1e:24:58:da:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
        Validity
            Not Before: Feb  2 11:43:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=502cf11b8562989daa81c043e49ef1cf1d6cea5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:49:89:0c:c2:6c:a7:41:89:98:7e:6a:eb:5d:
                    3d:5f:97:bd:6a:84:66:fc:41:d8:d4:38:b9:3f:43:
                    62:dc:23:72:fb:ef:5d:b7:b8:32:b2:1a:95:8a:8c:
                    4f:d4:89:98:d9:4d:db:9c:9a:c3:25:f4:32:e1:b7:
                    ab:b7:b3:79:fc:e0:cc:59:90:c2:c5:34:5a:30:51:
                    bf:25:d4:92:99:b0:3e:f3:fd:58:75:37:e0:e9:d4:
                    6c:37:49:00:ad:07:c9:59:5d:97:ca:4e:76:7f:54:
                    9e:01:fb:04:db:40:38:96:d7:19:80:dc:60:a7:0f:
                    36:40:1b:f6:d0:03:9e:88:4f:b3:8a:6d:eb:34:b9:
                    6c:22:79:1b:a7:70:b2:49:f4:de:3b:07:96:1c:21:
                    18:d7:91:fd:16:71:ca:b2:53:86:54:2b:3d:08:75:
                    15:60:f2:03:3f:d4:35:7c:b3:cd:f5:6c:f0:a8:ad:
                    a5:2e:28:3e:2e:69:fb:46:e2:b4:69:ba:69:01:9a:
                    0d:ed:b4:1b:7f:22:3e:bb:1f:03:f7:50:a2:7b:7e:
                    d4:de:53:f9:62:26:70:c7:95:22:69:33:28:84:cd:
                    51:0b:b6:9d:39:c7:b5:49:3e:13:c7:d4:f2:27:fd:
                    2e:83:34:2d:08:ac:10:60:ce:00:20:3b:09:76:16:
                    fb:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:2C:F1:1B:85:62:98:9D:AA:81:C0:43:E4:9E:F1:CF:1D:6C:EA:5C
            X509v3 Authority Key Identifier:
                keyid:7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/UCzxG4VimJ2qgcBD5J7xzx1s6lw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:79c0:ff00::/40

    Signature Algorithm: sha256WithRSAEncryption
         62:1e:26:fc:29:96:90:83:55:34:86:1d:b5:da:f0:f7:23:31:
         17:a8:9d:e0:a2:a3:cb:b5:1e:cd:5e:df:6c:1c:60:c7:68:74:
         de:71:42:56:d0:da:82:00:d9:63:c5:ec:3a:4d:ca:28:96:9d:
         9e:b4:21:10:8f:e1:fe:44:42:2a:0f:41:4b:3d:61:0f:e1:7b:
         06:2d:97:12:e8:43:86:9c:77:1e:8b:90:65:c7:a0:6a:1e:c5:
         7c:55:c1:ff:41:99:a4:36:e9:cf:8c:5e:da:0d:df:f1:dc:29:
         e1:65:68:53:d6:7f:67:47:41:93:59:a1:2c:0a:06:67:73:3d:
         0a:86:ed:b4:9c:ca:f1:ee:84:ca:31:b9:5b:c4:dd:1a:d2:05:
         36:0c:02:47:ec:35:5d:a5:a1:49:b6:7e:0b:09:cf:73:11:b4:
         2c:c2:f0:e9:f5:09:49:f2:7b:bf:63:af:ad:15:c4:8d:43:52:
         2d:35:73:b3:57:cb:ef:f4:21:74:1c:54:94:8e:55:b5:93:c3:
         6a:75:8d:d7:a7:d3:14:17:30:6d:57:9a:7b:14:ab:03:94:b6:
         36:37:93:d6:8c:ce:30:4c:76:74:dc:d0:00:ca:bb:48:49:9e:
         1c:93:c4:17:72:c5:bd:74:67:73:78:77:aa:7e:8d:1c:f3:eb:
         d9:89:f3:ab
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYYR8ETvnY5G3AtEaR4kWNoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTY1ZWE2YjM5YzIyYWVjMmFkMmQ0ZDRjMGEzYTMxM2Rm
MWRlZmEwHhcNMjMwMjAyMTE0MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDJjZjExYjg1NjI5ODlkYWE4MWMwNDNlNDllZjFjZjFkNmNlYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEmJDMJsp0GJmH5q6109X5e9aoRm
/EHY1Di5P0Ni3CNy++9dt7gyshqVioxP1ImY2U3bnJrDJfQy4bert7N5/ODMWZDC
xTRaMFG/JdSSmbA+8/1YdTfg6dRsN0kArQfJWV2Xyk52f1SeAfsE20A4ltcZgNxg
pw82QBv20AOeiE+zim3rNLlsInkbp3CySfTeOweWHCEY15H9FnHKslOGVCs9CHUV
YPIDP9Q1fLPN9WzwqK2lLig+Lmn7RuK0abppAZoN7bQbfyI+ux8D91Cie37U3lP5
YiZwx5UiaTMohM1RC7adOce1ST4Tx9TyJ/0ugzQtCKwQYM4AIDsJdhb79QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFAs8RuFYpidqoHAQ+Se8c8dbOpcMB8GA1UdIwQY
MBaAFH2WXqaznCKuwq0tTUwKOjE98d76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjct
MzJmNWE5NTA3NzMxLzEvVUN6eEc0VmltSjJxZ2NCRDVKN3h6eDFzNmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjctMzJmNWE5NTA3NzMx
LzEvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN5wP8w
DQYJKoZIhvcNAQELBQADggEBAGIeJvwplpCDVTSGHbXa8PcjMReoneCio8u1Hs1e
32wcYMdodN5xQlbQ2oIA2WPF7DpNyiiWnZ60IRCP4f5EQioPQUs9YQ/hewYtlxLo
Q4acdx6LkGXHoGoexXxVwf9BmaQ26c+MXtoN3/HcKeFlaFPWf2dHQZNZoSwKBmdz
PQqG7bScyvHuhMoxuVvE3RrSBTYMAkfsNV2loUm2fgsJz3MRtCzC8On1CUnye79j
r60VxI1DUi01c7NXy+/0IXQcVJSOVbWTw2p1jden0xQXMG1XmnsUqwOUtjY3k9aM
zjBMdnTc0ADKu0hJnhyTxBdyxb10Z3N4d6p+jRzz69mJ86s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:43 2024 by rpki-client on console-ams.rpki-client.org