Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0Y9kfQQTPVPri-OrXxpu7jRX4ZI.roa
File:                     0Y9kfQQTPVPri-OrXxpu7jRX4ZI.roa (raw, json)
Hash identifier:          G+ultw1oHdMDgN8dR5ysPlv5DQbbMI1nCJ9kUAcvHk8=
Subject key identifier:   D1:8F:64:7D:04:13:3D:53:EB:8B:E3:AB:5F:1A:6E:EE:34:57:E1:92
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E785586974530DABDE988FC06091BE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0Y9kfQQTPVPri-OrXxpu7jRX4ZI.roa
Signing time:             Mon 02 Jan 2023 05:14:59 +0000
ROA not before:           Mon 02 Jan 2023 05:14:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51939
IP address blocks:        2a0e:97c0:5c0::/44 maxlen: 48
                          2a0e:97c0:5c0::/48 maxlen: 48
                          2a0e:97c0:5c1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 17 Feb 2023 04:36:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:85:58:69:74:53:0d:ab:de:98:8f:c0:60:91:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:14:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d18f647d04133d53eb8be3ab5f1a6eee3457e192
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:55:78:15:5a:a1:63:65:f3:50:44:f0:1b:75:
                    9c:23:ef:86:71:cf:4b:7e:e1:62:3b:c7:74:2a:8a:
                    cb:84:87:f1:0d:5a:2a:a5:dc:83:c5:c1:31:0b:4a:
                    78:d6:0e:a3:d5:cd:74:38:18:1b:f8:34:11:e0:cc:
                    31:bd:e0:41:bb:2f:65:d1:f8:43:57:c8:17:5f:89:
                    cb:7d:7b:0b:23:6b:ef:dc:34:7f:1a:61:69:94:21:
                    80:2c:15:aa:b3:f0:12:d9:79:5c:b4:de:12:35:f7:
                    71:3d:eb:61:e8:63:ba:ec:29:b3:aa:81:09:a0:46:
                    f0:c0:49:4c:26:82:c1:59:20:61:48:dc:95:3f:46:
                    83:f5:80:53:cf:29:ca:d4:41:a4:a5:cc:9f:dd:d2:
                    94:4d:85:47:46:3d:68:a8:6d:2c:81:7b:81:c4:ae:
                    e1:d5:ab:a4:7a:c3:26:44:74:40:b4:9e:8b:1e:4a:
                    88:d6:61:6e:c7:1c:b8:17:c4:ee:ed:0c:c1:77:70:
                    89:58:07:8d:e8:3b:2e:32:c5:d8:7c:9b:f8:83:60:
                    0a:96:5d:d1:47:60:21:ae:8b:89:dc:1b:d9:fc:31:
                    94:87:18:8c:92:24:78:f4:f5:e7:eb:b5:ca:31:cb:
                    6b:6a:b8:e8:d9:ca:8f:9c:bc:fa:e1:34:ae:a7:c0:
                    c7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:8F:64:7D:04:13:3D:53:EB:8B:E3:AB:5F:1A:6E:EE:34:57:E1:92
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0Y9kfQQTPVPri-OrXxpu7jRX4ZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:5c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         65:c6:85:0f:a2:6e:1f:a4:bf:1b:7d:58:3b:d0:db:0a:82:e3:
         49:74:b3:7e:1a:b7:ee:92:ac:90:e0:12:44:ae:9c:0d:28:07:
         12:1d:c7:bf:44:19:e3:4e:7f:89:7e:99:e5:35:6d:a5:32:09:
         d9:dd:3e:23:ec:7b:61:a1:5b:aa:9e:fe:4e:1c:33:11:73:be:
         cf:20:6b:f9:d0:f0:13:06:ff:14:a4:36:b4:8c:b4:9d:dd:ef:
         62:47:17:51:46:d4:d0:ee:3b:12:eb:e0:11:e3:41:b0:57:a9:
         e1:c4:28:8a:b1:a4:6b:ef:a7:5e:69:5e:b7:4c:e2:63:2f:f4:
         ed:88:03:47:9c:b5:4d:29:0d:50:2d:e7:e1:7b:ef:d3:0a:4f:
         9f:4b:b3:24:3e:1b:52:ac:e1:8c:2b:77:f5:7e:5c:fd:eb:6e:
         72:9e:d8:5e:be:71:05:0a:b0:b8:96:22:8e:e1:3c:47:45:d9:
         81:86:70:ac:4c:d7:16:24:c8:0d:3b:f7:c0:23:19:96:34:59:
         b6:0e:71:8a:25:4b:67:48:df:b4:c0:f6:de:f3:b5:76:2b:70:
         d6:15:5b:76:ae:1c:12:0b:70:9c:c0:95:b4:24:63:03:a4:24:
         4e:6a:c6:ee:72:be:f4:8b:d0:8d:d0:96:a5:58:34:12:47:6f:
         3b:a9:b0:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw54VYaXRTDavemI/AYJG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMThmNjQ3ZDA0MTMzZDUzZWI4YmUzYWI1ZjFhNmVlZTM0NTdlMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlV4FVqhY2XzUETwG3WcI++Gcc9L
fuFiO8d0KorLhIfxDVoqpdyDxcExC0p41g6j1c10OBgb+DQR4MwxveBBuy9l0fhD
V8gXX4nLfXsLI2vv3DR/GmFplCGALBWqs/AS2XlctN4SNfdxPeth6GO67CmzqoEJ
oEbwwElMJoLBWSBhSNyVP0aD9YBTzynK1EGkpcyf3dKUTYVHRj1oqG0sgXuBxK7h
1aukesMmRHRAtJ6LHkqI1mFuxxy4F8Tu7QzBd3CJWAeN6DsuMsXYfJv4g2AKll3R
R2AhrouJ3BvZ/DGUhxiMkiR49PXn67XKMctrarjo2cqPnLz64TSup8DHBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNGPZH0EEz1T64vjq18abu40V+GSMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMFk5a2ZRUVRQVlByaS1Pclh4cHU3alJYNFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAXA
MA0GCSqGSIb3DQEBCwUAA4IBAQBlxoUPom4fpL8bfVg70NsKguNJdLN+GrfukqyQ
4BJErpwNKAcSHce/RBnjTn+JfpnlNW2lMgnZ3T4j7HthoVuqnv5OHDMRc77PIGv5
0PATBv8UpDa0jLSd3e9iRxdRRtTQ7jsS6+AR40GwV6nhxCiKsaRr76deaV63TOJj
L/TtiANHnLVNKQ1QLefhe+/TCk+fS7MkPhtSrOGMK3f1flz9625ynthevnEFCrC4
liKO4TxHRdmBhnCsTNcWJMgNO/fAIxmWNFm2DnGKJUtnSN+0wPbe87V2K3DWFVt2
rhwSC3CcwJW0JGMDpCROasbucr70i9CN0JalWDQSR287qbDX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org