Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/quhbcg1BQC2MQjxBof0dbs2z5ag.roa
File:                     quhbcg1BQC2MQjxBof0dbs2z5ag.roa (raw, json)
Hash identifier:          1+vmLisxL1CQt67VmAC/Lrceh7wIohVwVdc0ERgVidA=
Subject key identifier:   AA:E8:5B:72:0D:41:40:2D:8C:42:3C:41:A1:FD:1D:6E:CD:B3:E5:A8
Certificate issuer:       /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial:       018579CB44567DEEBA53CD5356D140958B1D
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/quhbcg1BQC2MQjxBof0dbs2z5ag.roa
Signing time:             Tue 03 Jan 2023 22:40:42 +0000
ROA not before:           Tue 03 Jan 2023 22:40:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        2a13:3f80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 11 Mar 2023 12:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:79:cb:44:56:7d:ee:ba:53:cd:53:56:d1:40:95:8b:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
        Validity
            Not Before: Jan  3 22:40:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aae85b720d41402d8c423c41a1fd1d6ecdb3e5a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:16:c8:66:6e:59:0d:d4:67:55:16:b4:d9:55:
                    87:54:0f:05:ed:69:e0:32:7f:a2:9e:ea:53:1c:9a:
                    df:84:9e:3e:7f:d5:c8:4e:a6:70:1a:d1:c6:c8:87:
                    14:2d:24:b4:85:aa:bd:f9:3b:07:17:4b:c5:ff:2c:
                    e4:cb:d3:4d:5e:91:d8:10:6a:63:4b:8a:55:40:7c:
                    95:85:c2:e8:21:20:a5:95:7c:98:53:22:fa:bf:51:
                    bc:a5:87:56:a6:d9:62:3f:2f:41:de:be:de:d2:a6:
                    34:00:a5:e8:39:a6:cb:59:91:38:87:42:10:12:52:
                    44:e8:8f:b2:e9:97:3d:2a:3d:09:ac:8c:49:42:7f:
                    67:3f:b5:09:5c:59:98:b2:da:0a:4a:10:69:b1:10:
                    5a:9f:dc:e2:7c:cf:eb:fc:3a:ca:e9:2e:ee:1a:ee:
                    5d:f0:1a:16:f8:4d:e0:36:5f:03:48:8a:4c:ca:48:
                    05:f6:3c:9e:8e:06:e2:16:ab:0d:d1:6a:08:fa:5d:
                    e6:97:59:ec:3e:71:e4:e4:2c:cb:b5:e3:dd:4b:1c:
                    f2:93:e3:f4:08:a5:00:f8:be:b9:6f:bf:10:14:bb:
                    0e:34:8e:63:55:ee:7e:c6:c7:96:52:6e:0c:82:3e:
                    9e:9a:42:c4:0b:1b:31:b8:93:c7:97:30:e1:c5:ff:
                    7d:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:E8:5B:72:0D:41:40:2D:8C:42:3C:41:A1:FD:1D:6E:CD:B3:E5:A8
            X509v3 Authority Key Identifier:
                keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/quhbcg1BQC2MQjxBof0dbs2z5ag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:3f80::/32

    Signature Algorithm: sha256WithRSAEncryption
         7f:41:c4:7e:2c:86:0a:37:71:55:1d:13:6b:31:60:aa:58:0a:
         8f:51:3b:05:ba:36:5b:b9:52:49:de:f6:12:c0:c3:30:d2:13:
         a4:c6:6b:5e:a0:6c:d3:8b:44:31:fb:59:f3:0f:23:d0:76:e3:
         33:17:c0:76:6f:47:5c:00:7c:ec:ef:dc:69:a6:72:ce:fa:d7:
         f6:ef:82:0b:bd:c4:99:23:98:aa:c5:ba:83:81:c6:3e:23:e2:
         6f:0c:dd:27:77:3f:1d:63:68:a5:12:ee:19:fe:83:bb:77:d0:
         8f:48:c7:f9:dd:44:b7:81:f0:e8:5e:e0:b9:ce:08:29:47:e3:
         b2:52:1c:e4:16:b8:1e:71:37:7a:76:e5:b9:40:90:53:7e:e5:
         72:28:71:49:41:c6:43:91:99:6c:ef:33:6d:bd:e8:db:d2:6c:
         6e:ce:fc:22:7f:ec:76:07:08:34:ed:20:71:a4:57:b3:88:83:
         f1:c9:f9:b1:d2:b7:80:a8:de:07:e1:5b:bc:bb:0a:c9:3d:76:
         38:35:8b:c2:cc:a1:11:dc:02:47:29:2a:ee:1c:c0:10:81:a3:
         90:92:19:c8:81:d7:bd:14:53:0e:fe:3b:44:23:12:be:13:07:
         21:ff:51:95:94:e2:3f:7c:5e:f8:04:14:44:de:6c:12:76:c5:
         23:0f:eb:5c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYV5y0RWfe66U81TVtFAlYsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjMwMTAzMjI0MDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWU4NWI3MjBkNDE0MDJkOGM0MjNjNDFhMWZkMWQ2ZWNkYjNlNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBbIZm5ZDdRnVRa02VWHVA8F7Wng
Mn+inupTHJrfhJ4+f9XITqZwGtHGyIcULSS0haq9+TsHF0vF/yzky9NNXpHYEGpj
S4pVQHyVhcLoISCllXyYUyL6v1G8pYdWptliPy9B3r7e0qY0AKXoOabLWZE4h0IQ
ElJE6I+y6Zc9Kj0JrIxJQn9nP7UJXFmYstoKShBpsRBan9zifM/r/DrK6S7uGu5d
8BoW+E3gNl8DSIpMykgF9jyejgbiFqsN0WoI+l3ml1nsPnHk5CzLtePdSxzyk+P0
CKUA+L65b78QFLsONI5jVe5+xseWUm4Mgj6emkLECxsxuJPHlzDhxf99IwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKroW3INQUAtjEI8QaH9HW7Ns+WoMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvcXVoYmNnMUJRQzJNUWp4Qm9mMGRiczJ6NWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhM/gDAN
BgkqhkiG9w0BAQsFAAOCAQEAf0HEfiyGCjdxVR0TazFgqlgKj1E7Bbo2W7lSSd72
EsDDMNITpMZrXqBs04tEMftZ8w8j0HbjMxfAdm9HXAB87O/caaZyzvrX9u+CC73E
mSOYqsW6g4HGPiPibwzdJ3c/HWNopRLuGf6Du3fQj0jH+d1Et4Hw6F7guc4IKUfj
slIc5Ba4HnE3enbluUCQU37lcihxSUHGQ5GZbO8zbb3o29Jsbs78In/sdgcINO0g
caRXs4iD8cn5sdK3gKjeB+FbvLsKyT12ODWLwsyhEdwCRykq7hzAEIGjkJIZyIHX
vRRTDv47RCMSvhMHIf9RlZTiP3xe+AQURN5sEnbFIw/rXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:11 2024 by rpki-client on console-ams.rpki-client.org