Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0ilpNcqGuQODJLe_6FyBi_uCrJs.roa
File:                     0ilpNcqGuQODJLe_6FyBi_uCrJs.roa (raw, json)
Hash identifier:          oVqegdQc3MiOUSdnIv8Q6puaJ3/tlenO/zFDNx39pSM=
Subject key identifier:   D2:29:69:35:CA:86:B9:03:83:24:B7:BF:E8:5C:81:8B:FB:82:AC:9B
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BD193B5AA940B4445F72A37612EBF2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0ilpNcqGuQODJLe_6FyBi_uCrJs.roa
Signing time:             Tue 02 Jan 2024 10:34:22 +0000
ROA not before:           Tue 02 Jan 2024 10:34:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208753
IP address blocks:        2a0e:b107:380::/48 maxlen: 48
                          2a0e:b107:382::/48 maxlen: 48
                          2a0e:b107:384::/48 maxlen: 48
                          2a0e:b107:383::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 02 Jun 2024 14:21:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bd:19:3b:5a:a9:40:b4:44:5f:72:a3:76:12:eb:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d2296935ca86b9038324b7bfe85c818bfb82ac9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:36:9a:3e:d0:5d:45:68:2c:14:da:45:c3:21:
                    61:99:02:7b:39:45:65:f4:31:72:7c:e3:a5:46:9e:
                    9d:66:4d:6e:4a:56:3a:ed:5f:0a:54:a9:69:9e:8b:
                    87:02:6b:b4:a3:24:8d:42:17:f8:d0:85:8f:14:57:
                    82:cb:64:50:79:52:12:a0:65:17:88:26:15:a4:9f:
                    17:8a:b4:58:1b:9b:87:db:65:3e:51:d4:90:cd:84:
                    05:70:70:33:26:2c:c1:a7:39:fd:8c:73:b3:c1:35:
                    d0:a6:58:95:2b:99:3c:c2:26:25:30:63:b7:65:7d:
                    31:c3:43:64:b5:dc:1f:03:3b:b3:68:7e:15:52:28:
                    f3:d0:1e:7c:74:0a:71:d3:c2:a8:56:81:21:e9:2c:
                    29:2c:fa:72:aa:a7:53:94:a9:9b:70:26:79:d8:9d:
                    88:9f:d4:7c:cc:f8:fb:d7:47:31:0c:da:02:ec:00:
                    40:c4:8c:ae:ea:b6:ca:cf:9e:b2:2b:19:1e:27:f6:
                    c9:9d:3e:ad:e2:b9:a2:7e:13:2e:1b:95:bc:50:d8:
                    f8:ea:76:be:84:73:c5:e1:85:75:09:97:22:a5:af:
                    f6:5d:02:98:d5:0c:5f:7f:7d:41:28:af:ce:39:ef:
                    5a:b5:a8:98:9d:94:ad:32:ba:dc:21:88:f4:7f:1a:
                    b0:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:29:69:35:CA:86:B9:03:83:24:B7:BF:E8:5C:81:8B:FB:82:AC:9B
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0ilpNcqGuQODJLe_6FyBi_uCrJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:380::/48
                  2a0e:b107:382::-2a0e:b107:384:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         28:43:9c:89:c7:62:4b:fa:39:16:0b:36:7f:cb:ae:5a:e2:57:
         f1:9b:6f:d6:2f:bf:20:0c:0a:35:93:8a:4f:2a:e6:88:e5:04:
         ba:6f:8b:b1:3d:56:ad:47:e2:4d:67:b8:21:29:4f:99:bd:16:
         78:32:86:3f:34:d6:bb:54:81:f1:a3:b5:d1:42:7c:f6:b0:54:
         01:ed:40:be:f2:ad:48:06:79:21:6c:52:c3:66:49:18:fb:d4:
         c0:84:c3:96:a4:de:aa:13:94:25:82:ab:90:4d:57:1b:0d:6e:
         56:ea:da:ed:6e:13:28:6a:87:1f:1a:ec:b0:24:5c:38:8b:02:
         56:41:1c:de:b3:e5:f1:f8:1f:c7:ea:43:04:54:f4:9e:17:bf:
         e4:f3:17:de:1a:3a:65:a4:62:b6:76:1b:17:2f:41:87:14:3b:
         65:67:72:4a:67:63:0e:74:3e:e1:67:75:77:92:36:0c:a2:31:
         ba:56:49:25:90:3d:dc:7a:59:8a:bb:23:5e:fa:60:b9:96:c9:
         f9:7b:fd:21:fc:7e:85:cf:17:88:14:5d:9e:00:e1:51:e7:e4:
         82:dc:2c:45:51:91:33:26:c1:19:fc:82:9c:8a:69:7a:9b:02:
         4a:33:58:a7:d9:03:41:c5:f4:2e:27:72:40:6b:d8:9d:85:cb:
         ac:2a:a9:f9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJvRk7WqlAtERfcqN2EuvyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjI5NjkzNWNhODZiOTAzODMyNGI3YmZlODVjODE4YmZiODJhYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTaaPtBdRWgsFNpFwyFhmQJ7OUVl
9DFyfOOlRp6dZk1uSlY67V8KVKlpnouHAmu0oySNQhf40IWPFFeCy2RQeVISoGUX
iCYVpJ8XirRYG5uH22U+UdSQzYQFcHAzJizBpzn9jHOzwTXQpliVK5k8wiYlMGO3
ZX0xw0NktdwfAzuzaH4VUijz0B58dApx08KoVoEh6SwpLPpyqqdTlKmbcCZ52J2I
n9R8zPj710cxDNoC7ABAxIyu6rbKz56yKxkeJ/bJnT6t4rmifhMuG5W8UNj46na+
hHPF4YV1CZcipa/2XQKY1Qxff31BKK/OOe9ataiYnZStMrrcIYj0fxqwnQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNIpaTXKhrkDgyS3v+hcgYv7gqybMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMGlscE5jcUd1UU9ESkxlXzZGeUJpX3VDckpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKg6xBwOA
MBIDBwEqDrEHA4IDBwAqDrEHA4QwDQYJKoZIhvcNAQELBQADggEBAChDnInHYkv6
ORYLNn/LrlriV/Gbb9YvvyAMCjWTik8q5ojlBLpvi7E9Vq1H4k1nuCEpT5m9Fngy
hj801rtUgfGjtdFCfPawVAHtQL7yrUgGeSFsUsNmSRj71MCEw5ak3qoTlCWCq5BN
VxsNblbq2u1uEyhqhx8a7LAkXDiLAlZBHN6z5fH4H8fqQwRU9J4Xv+TzF94aOmWk
YrZ2GxcvQYcUO2VnckpnYw50PuFndXeSNgyiMbpWSSWQPdx6WYq7I176YLmWyfl7
/SH8foXPF4gUXZ4A4VHn5ILcLEVRkTMmwRn8gpyKaXqbAkozWKfZA0HF9C4nckBr
2J2Fy6wqqfk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:51 2024 by rpki-client on console-ams.rpki-client.org