Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8W9R4XhwjMWvGVKynEZ0Ku7sxAg.roa
File:                     8W9R4XhwjMWvGVKynEZ0Ku7sxAg.roa (raw, json)
Hash identifier:          g4O6Fvy8mg3Le9gEDhptJgpgm3biNjNPtoL30eyg914=
Subject key identifier:   F1:6F:51:E1:78:70:8C:C5:AF:19:52:B2:9C:46:74:2A:EE:EC:C4:08
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7FFE7F898061D957739B819E8FCFB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8W9R4XhwjMWvGVKynEZ0Ku7sxAg.roa
Signing time:             Mon 02 Jan 2023 05:15:30 +0000
ROA not before:           Mon 02 Jan 2023 05:15:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211284
IP address blocks:        2a0e:b107:13e0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:ff:e7:f8:98:06:1d:95:77:39:b8:19:e8:fc:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f16f51e178708cc5af1952b29c46742aeeecc408
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:23:e4:a5:a4:3f:e5:c7:fe:a3:20:ef:5a:ad:
                    93:13:79:94:33:79:3a:26:f5:82:e5:83:6e:ab:1a:
                    d5:1c:b4:ac:50:0b:c7:d4:ad:f5:61:8f:58:59:18:
                    90:5d:38:d2:79:e4:cf:1f:45:20:4a:67:12:e3:ce:
                    05:c8:6f:cc:1e:19:9b:0d:fa:51:52:ec:83:0d:a3:
                    18:1d:03:34:0d:af:46:e3:ee:29:d8:51:c6:38:da:
                    3f:b9:8a:05:2c:90:2c:01:63:17:fe:2a:7d:58:27:
                    49:33:19:6f:7e:11:0e:6e:08:d8:b5:5d:44:3e:dc:
                    1b:7e:2c:1d:28:19:65:be:6c:05:db:09:2d:b5:a6:
                    7f:48:35:40:61:fc:c9:bf:78:aa:11:c9:f2:e8:a6:
                    b0:e1:b5:35:e7:c7:44:78:e4:45:5b:e7:f8:61:2f:
                    36:ee:0a:c3:fc:8f:7e:a3:79:46:db:23:08:f9:1c:
                    54:ed:e9:1f:32:49:9e:80:23:21:d0:09:5a:4f:a3:
                    34:91:07:6a:14:5f:2c:27:8f:5c:56:0c:7a:eb:85:
                    85:ee:f1:dc:88:1e:82:ac:ec:3a:0b:da:d0:11:49:
                    e6:2c:d5:0a:96:99:33:85:66:e7:dc:6a:2f:25:2e:
                    6b:3e:23:6b:5d:2b:20:7c:68:cb:80:b4:c2:7d:74:
                    4b:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:6F:51:E1:78:70:8C:C5:AF:19:52:B2:9C:46:74:2A:EE:EC:C4:08
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8W9R4XhwjMWvGVKynEZ0Ku7sxAg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:13e0::/44

    Signature Algorithm: sha256WithRSAEncryption
         cb:51:3c:13:14:c4:6b:78:1a:df:a8:dc:98:93:7f:42:8a:8f:
         1d:3c:f0:1a:96:6d:92:88:32:90:81:c8:0b:63:37:a8:dd:92:
         9d:40:93:6a:b9:1f:04:cc:cc:57:bc:93:85:10:fe:e1:4c:c1:
         31:86:64:6b:67:c6:ef:0d:33:ab:25:98:bc:a7:38:a0:98:93:
         38:96:02:29:e9:8f:f5:71:59:40:11:01:eb:c6:a1:4f:6e:e9:
         4a:62:61:aa:f2:55:2e:b1:5a:38:3e:9d:cb:22:d3:01:6b:fd:
         2a:5f:42:a5:01:c1:49:35:f0:26:01:6d:b4:78:4d:0c:14:f3:
         bf:a9:5d:ee:44:42:52:bd:d2:6a:af:64:e2:d5:87:53:42:5b:
         8a:ea:b5:b6:9b:fc:8c:65:ca:d5:de:69:a6:58:f6:c3:00:d4:
         e5:54:be:1b:bc:aa:9e:f3:d7:c6:66:5c:e3:64:e7:05:62:a2:
         88:c4:4e:dc:92:d8:d1:9c:73:14:8a:ff:42:6d:ac:37:b7:de:
         44:41:32:b8:96:1b:15:9f:e4:67:60:98:3f:93:c7:3c:34:12:
         89:6b:f7:f7:f8:52:71:bc:37:95:55:f2:ca:96:c7:fb:2d:1b:
         af:78:c4:51:b4:93:43:67:13:81:16:85:bf:bc:3c:21:f9:48:
         4d:04:9b:f8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw5//n+JgGHZV3ObgZ6Pz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTZmNTFlMTc4NzA4Y2M1YWYxOTUyYjI5YzQ2NzQyYWVlZWNjNDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCPkpaQ/5cf+oyDvWq2TE3mUM3k6
JvWC5YNuqxrVHLSsUAvH1K31YY9YWRiQXTjSeeTPH0UgSmcS484FyG/MHhmbDfpR
UuyDDaMYHQM0Da9G4+4p2FHGONo/uYoFLJAsAWMX/ip9WCdJMxlvfhEObgjYtV1E
PtwbfiwdKBllvmwF2wkttaZ/SDVAYfzJv3iqEcny6Kaw4bU158dEeORFW+f4YS82
7grD/I9+o3lG2yMI+RxU7ekfMkmegCMh0AlaT6M0kQdqFF8sJ49cVgx664WF7vHc
iB6CrOw6C9rQEUnmLNUKlpkzhWbn3GovJS5rPiNrXSsgfGjLgLTCfXRLSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPFvUeF4cIzFrxlSspxGdCru7MQIMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOFc5UjRYaHdqTVd2R1ZLeW5FWjBLdTdzeEFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxPg
MA0GCSqGSIb3DQEBCwUAA4IBAQDLUTwTFMRreBrfqNyYk39Cio8dPPAalm2SiDKQ
gcgLYzeo3ZKdQJNquR8EzMxXvJOFEP7hTMExhmRrZ8bvDTOrJZi8pzigmJM4lgIp
6Y/1cVlAEQHrxqFPbulKYmGq8lUusVo4Pp3LItMBa/0qX0KlAcFJNfAmAW20eE0M
FPO/qV3uREJSvdJqr2Ti1YdTQluK6rW2m/yMZcrV3mmmWPbDANTlVL4bvKqe89fG
ZlzjZOcFYqKIxE7cktjRnHMUiv9Cbaw3t95EQTK4lhsVn+RnYJg/k8c8NBKJa/f3
+FJxvDeVVfLKlsf7LRuveMRRtJNDZxOBFoW/vDwh+UhNBJv4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:23 2024 by rpki-client on console-fra.rpki-client.org