Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/Ud5i6suY_GtkQsMks1yjZHB4mME.roa
File:                     Ud5i6suY_GtkQsMks1yjZHB4mME.roa (raw, json)
Hash identifier:          8RX+T05DsPromj0fMlstap6ALaa/IXxCz3dOylcp+VI=
Subject key identifier:   51:DE:62:EA:CB:98:FC:6B:64:42:C3:24:B3:5C:A3:64:70:78:98:C1
Certificate issuer:       /CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Certificate serial:       0185CA2AF6328FC05A4A489BD1111C424CFF
Authority key identifier: 7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/Ud5i6suY_GtkQsMks1yjZHB4mME.roa
Signing time:             Thu 19 Jan 2023 13:14:51 +0000
ROA not before:           Thu 19 Jan 2023 13:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207175
IP address blocks:        2a13:79c0:ff00::/40 maxlen: 40

Validation:               Failed, certificate revoked on Thu 02 Feb 2023 11:43:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ca:2a:f6:32:8f:c0:5a:4a:48:9b:d1:11:1c:42:4c:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
        Validity
            Not Before: Jan 19 13:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51de62eacb98fc6b6442c324b35ca364707898c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:75:2e:78:39:b6:49:ca:52:9f:0b:58:f8:87:
                    66:16:17:0b:15:27:a6:35:a3:3f:96:e6:d7:6f:e4:
                    21:fc:36:9d:36:69:aa:ae:67:a0:2b:15:6d:d9:2e:
                    96:ac:40:21:d3:16:df:c5:71:86:fa:3e:e7:a1:cb:
                    cd:93:c9:78:d4:ef:19:62:32:a6:7e:01:7a:60:fb:
                    8a:55:28:ca:31:ee:8d:1e:f4:72:8e:f3:40:59:59:
                    f0:e2:bd:c8:0d:d2:fb:e5:b7:2c:32:59:3f:4e:97:
                    e2:17:d9:f1:62:bb:10:f2:49:d5:ed:22:1a:b4:02:
                    39:0d:cf:62:28:dc:d7:ab:f9:8b:21:d1:be:17:2d:
                    62:b3:6b:08:41:fe:0f:4b:24:6e:0b:a9:9b:d6:e0:
                    cc:e7:84:3a:b8:88:86:16:eb:ee:ce:f3:16:13:ca:
                    33:6d:46:48:4d:94:13:cd:ca:cb:14:83:e7:39:9e:
                    8a:a2:ae:d6:c7:63:9d:9d:cb:f7:c9:37:d4:ba:a7:
                    66:a1:df:9a:72:12:8e:53:67:fe:73:e2:61:2a:35:
                    2e:f2:5d:7a:f1:c5:ea:a0:0b:30:02:d3:bc:56:80:
                    17:83:8f:67:d7:b9:b4:24:79:16:f8:77:29:a5:55:
                    14:26:0b:8a:53:37:aa:0b:92:99:3f:99:93:42:93:
                    46:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:DE:62:EA:CB:98:FC:6B:64:42:C3:24:B3:5C:A3:64:70:78:98:C1
            X509v3 Authority Key Identifier:
                keyid:7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/Ud5i6suY_GtkQsMks1yjZHB4mME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:79c0:ff00::/40

    Signature Algorithm: sha256WithRSAEncryption
         a1:0c:e0:c0:fb:44:f7:4f:67:ab:6b:ff:84:d8:64:ec:87:1d:
         82:ed:a9:98:67:cd:24:a0:e2:a4:c5:ca:53:6f:eb:3d:03:41:
         f6:18:8b:9d:87:60:2d:77:7d:52:04:53:73:9f:bd:cc:05:0c:
         8a:b0:fc:ec:b3:49:e2:f2:17:41:80:36:75:3a:23:5d:8e:c5:
         ff:1a:cb:b4:3a:a0:98:31:67:7d:f0:c0:45:89:ed:c9:00:b4:
         cd:d5:34:23:df:d8:0f:4a:65:ee:16:0c:64:84:5f:70:31:0f:
         52:e4:22:3b:e4:78:2e:9b:ff:16:68:9c:90:76:03:d0:a7:33:
         18:46:43:4a:fe:f7:af:e4:e1:68:37:84:c1:74:25:84:03:77:
         17:32:a8:b6:b7:61:2f:b2:e1:db:44:e3:c2:a7:c7:19:19:d6:
         55:01:c2:c1:ed:fa:c0:a1:4a:92:4c:41:f9:6a:10:ef:f8:85:
         a1:5e:f5:34:d3:b3:63:70:ed:eb:76:84:6c:3c:38:8f:95:64:
         67:be:44:d8:7f:44:38:d0:1a:e3:de:33:88:67:0e:8a:a5:50:
         80:55:03:3c:d1:f5:41:68:6f:bc:ae:72:f7:02:b7:21:df:ff:
         44:dc:16:4b:5b:4e:ae:fc:c1:6a:ba:d9:4b:da:5c:75:8a:8c:
         14:bd:9c:ce
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYXKKvYyj8BaSkib0REcQkz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTY1ZWE2YjM5YzIyYWVjMmFkMmQ0ZDRjMGEzYTMxM2Rm
MWRlZmEwHhcNMjMwMTE5MTMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWRlNjJlYWNiOThmYzZiNjQ0MmMzMjRiMzVjYTM2NDcwNzg5OGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnUueDm2ScpSnwtY+IdmFhcLFSem
NaM/lubXb+Qh/DadNmmqrmegKxVt2S6WrEAh0xbfxXGG+j7nocvNk8l41O8ZYjKm
fgF6YPuKVSjKMe6NHvRyjvNAWVnw4r3IDdL75bcsMlk/TpfiF9nxYrsQ8knV7SIa
tAI5Dc9iKNzXq/mLIdG+Fy1is2sIQf4PSyRuC6mb1uDM54Q6uIiGFuvuzvMWE8oz
bUZITZQTzcrLFIPnOZ6Koq7Wx2Odncv3yTfUuqdmod+achKOU2f+c+JhKjUu8l16
8cXqoAswAtO8VoAXg49n17m0JHkW+HcppVUUJguKUzeqC5KZP5mTQpNG2QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFHeYurLmPxrZELDJLNco2RweJjBMB8GA1UdIwQY
MBaAFH2WXqaznCKuwq0tTUwKOjE98d76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjct
MzJmNWE5NTA3NzMxLzEvVWQ1aTZzdVlfR3RrUXNNa3MxeWpaSEI0bU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjctMzJmNWE5NTA3NzMx
LzEvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN5wP8w
DQYJKoZIhvcNAQELBQADggEBAKEM4MD7RPdPZ6tr/4TYZOyHHYLtqZhnzSSg4qTF
ylNv6z0DQfYYi52HYC13fVIEU3OfvcwFDIqw/OyzSeLyF0GANnU6I12Oxf8ay7Q6
oJgxZ33wwEWJ7ckAtM3VNCPf2A9KZe4WDGSEX3AxD1LkIjvkeC6b/xZonJB2A9Cn
MxhGQ0r+96/k4Wg3hMF0JYQDdxcyqLa3YS+y4dtE48KnxxkZ1lUBwsHt+sChSpJM
QflqEO/4haFe9TTTs2Nw7et2hGw8OI+VZGe+RNh/RDjQGuPeM4hnDoqlUIBVAzzR
9UFob7yucvcCtyHf/0TcFktbTq78wWq62UvaXHWKjBS9nM4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:37 2024 by rpki-client on console-fra.rpki-client.org