Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0gnylnbGszXInh5f7lxWrgkdNOo.roa
File:                     0gnylnbGszXInh5f7lxWrgkdNOo.roa (raw, json)
Hash identifier:          +eIhEdMOA7Tipx83A2AVvHZn6MugIEF6OmM29cU23Ls=
Subject key identifier:   D2:09:F2:96:76:C6:B3:35:C8:9E:1E:5F:EE:5C:56:AE:09:1D:34:EA
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BCD6B2B50666C3A1F94DE9FAA55D8C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0gnylnbGszXInh5f7lxWrgkdNOo.roa
Signing time:             Tue 02 Jan 2024 10:34:05 +0000
ROA not before:           Tue 02 Jan 2024 10:34:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58336
IP address blocks:        2a0e:97c0:550::/44 maxlen: 48
                          2a0e:b107:16b0::/44 maxlen: 48
                          2a10:cc44:100::/44 maxlen: 48
                          2a10:cc42:120::/44 maxlen: 48
                          2a10:cc42:130::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sat 14 Sep 2024 07:22:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:d6:b2:b5:06:66:c3:a1:f9:4d:e9:fa:a5:5d:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d209f29676c6b335c89e1e5fee5c56ae091d34ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d5:ee:2e:7e:47:03:f9:01:23:18:4b:c0:97:
                    cf:d6:29:74:d0:17:2a:0d:7d:c6:5e:4c:81:41:b4:
                    26:94:0a:2f:4f:5c:b1:2f:25:80:36:81:d4:66:1c:
                    84:a9:40:8a:dc:f5:3d:2f:a3:36:30:be:e8:02:fe:
                    75:ad:a1:35:96:a1:80:9e:96:f6:ac:11:62:66:97:
                    d2:3d:9c:aa:e5:88:ec:b6:4f:72:d1:95:29:ba:15:
                    16:b4:76:78:6a:0a:8a:41:15:b8:34:f6:14:c9:4b:
                    3b:2a:5d:25:65:c6:a5:ea:5b:59:b6:84:91:51:b0:
                    bd:d5:76:a6:14:fa:2e:1b:8f:6a:70:a7:14:d1:a5:
                    d5:71:53:0f:d3:c2:27:7a:ab:b1:b9:4f:28:d5:9b:
                    51:6e:2f:a8:da:20:35:c6:9c:7c:e0:de:a5:5f:87:
                    fd:e5:1d:35:c2:04:e0:76:3b:3b:bd:6c:03:54:12:
                    c6:4b:da:ee:32:cc:e5:5c:3d:83:81:28:6e:7e:35:
                    cc:31:24:86:74:36:f8:40:16:bb:5b:64:aa:d7:48:
                    5a:89:6d:fc:c7:2b:77:aa:8a:c8:f6:97:57:a3:b7:
                    97:99:44:41:2f:35:5e:72:ca:3f:f2:2c:3e:84:87:
                    76:b5:0f:b4:48:54:b8:03:75:3e:79:e7:c3:58:c5:
                    ac:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:09:F2:96:76:C6:B3:35:C8:9E:1E:5F:EE:5C:56:AE:09:1D:34:EA
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0gnylnbGszXInh5f7lxWrgkdNOo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:550::/44
                  2a0e:b107:16b0::/44
                  2a10:cc42:120::/43
                  2a10:cc44:100::/44

    Signature Algorithm: sha256WithRSAEncryption
         9f:70:97:46:2d:30:07:35:c7:73:e6:0e:6c:40:d8:5f:04:02:
         8f:0c:1e:e7:5f:0a:dc:89:f2:cd:2c:dc:8f:fb:ea:72:1f:a8:
         f7:5e:c2:9c:2f:25:d4:9d:97:b2:31:cd:9e:c3:af:6c:ff:8c:
         cf:64:49:6e:eb:8d:08:63:17:0e:bf:77:7d:88:0f:39:b5:12:
         b1:d4:4a:41:3d:04:50:7b:0a:36:bd:58:69:d6:69:f1:f1:29:
         29:cc:0a:4d:a2:33:a1:92:40:87:af:1b:70:e9:a8:47:b9:02:
         f1:42:39:ba:89:4e:fc:b8:4b:d5:da:2f:52:36:72:db:89:36:
         40:b3:ef:ab:06:7b:2c:8b:5f:53:b9:1e:d6:b5:d7:0b:77:63:
         b7:cd:d6:b7:76:de:14:93:30:82:b1:74:c6:19:a9:68:bb:1a:
         70:92:2f:6a:19:70:1d:03:1a:35:2d:b3:a3:f4:c7:f6:c1:26:
         9c:52:e1:2e:ad:4c:e9:b3:ad:7f:c6:7c:06:22:7d:ce:3e:bc:
         ee:e0:b2:f9:4d:52:e7:b5:f3:53:71:91:f8:a3:6e:72:5f:29:
         a6:26:91:e5:27:09:54:d1:c4:1d:de:50:4a:34:fb:b2:1d:03:
         32:1b:73:43:00:e9:8f:bf:f2:08:5e:05:3c:48:58:71:d0:1c:
         57:6d:0d:3d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJvNaytQZmw6H5Ten6pV2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjA5ZjI5Njc2YzZiMzM1Yzg5ZTFlNWZlZTVjNTZhZTA5MWQzNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9XuLn5HA/kBIxhLwJfP1il00Bcq
DX3GXkyBQbQmlAovT1yxLyWANoHUZhyEqUCK3PU9L6M2ML7oAv51raE1lqGAnpb2
rBFiZpfSPZyq5Yjstk9y0ZUpuhUWtHZ4agqKQRW4NPYUyUs7Kl0lZcal6ltZtoSR
UbC91XamFPouG49qcKcU0aXVcVMP08InequxuU8o1ZtRbi+o2iA1xpx84N6lX4f9
5R01wgTgdjs7vWwDVBLGS9ruMszlXD2DgShufjXMMSSGdDb4QBa7W2Sq10haiW38
xyt3qorI9pdXo7eXmURBLzVecso/8iw+hId2tQ+0SFS4A3U+eefDWMWsFQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNIJ8pZ2xrM1yJ4eX+5cVq4JHTTqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMGdueWxuYkdzelhJbmg1ZjdseFdyZ2tkTk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XwAVQ
AwcEKg6xBxawAwcFKhDMQgEgAwcEKhDMRAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCf
cJdGLTAHNcdz5g5sQNhfBAKPDB7nXwrcifLNLNyP++pyH6j3XsKcLyXUnZeyMc2e
w69s/4zPZElu640IYxcOv3d9iA85tRKx1EpBPQRQewo2vVhp1mnx8SkpzApNojOh
kkCHrxtw6ahHuQLxQjm6iU78uEvV2i9SNnLbiTZAs++rBnssi19TuR7WtdcLd2O3
zda3dt4UkzCCsXTGGalouxpwki9qGXAdAxo1LbOj9Mf2wSacUuEurUzps61/xnwG
In3OPrzu4LL5TVLntfNTcZH4o25yXymmJpHlJwlU0cQd3lBKNPuyHQMyG3NDAOmP
v/IIXgU8SFhx0BxXbQ09
-----END CERTIFICATE-----
Generated at Sat Sep 14 08:29:06 2024 by rpki-client on console-fra.rpki-client.org