Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-3j0yROnHCmWnFMrJvqwKfp95H4.roa
File:                     1-3j0yROnHCmWnFMrJvqwKfp95H4.roa (raw, json)
Hash identifier:          AUhyLRgR2q/BJhvK931giAns4cz5WUY2D4sqrWW/UYs=
Subject key identifier:   FB:78:F4:C9:13:A7:1C:29:96:9C:53:2B:26:FA:B0:29:FA:7D:E4:7E
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018839CB4E5AD458EE52C3F236CEB5E277BC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-3j0yROnHCmWnFMrJvqwKfp95H4.roa
Signing time:             Sat 20 May 2023 15:33:25 +0000
ROA not before:           Sat 20 May 2023 15:33:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207705
IP address blocks:        2a0e:b107:1950::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:39:cb:4e:5a:d4:58:ee:52:c3:f2:36:ce:b5:e2:77:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: May 20 15:33:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fb78f4c913a71c29969c532b26fab029fa7de47e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:05:53:f1:05:df:20:28:60:42:a4:7f:9e:b9:
                    7a:13:a7:85:e8:65:26:42:13:65:af:3c:77:c7:70:
                    28:f1:5d:d2:a7:96:7d:78:41:cd:ab:8d:65:6b:bb:
                    81:fc:34:77:4c:cb:9a:ee:72:50:bd:a2:58:b6:08:
                    6c:76:eb:ef:52:99:14:94:a3:cb:f3:b2:c4:b4:4c:
                    1f:21:cc:5b:8c:14:31:04:58:78:a5:55:e9:6f:3a:
                    1e:e9:fc:1f:bb:87:19:e1:75:41:c8:6c:39:af:30:
                    5b:74:3a:58:f7:ff:bb:62:fc:e1:27:6c:ab:56:0f:
                    6f:53:2b:36:da:0e:ea:e2:af:a4:56:57:7b:bd:19:
                    54:5d:75:9e:03:e3:34:07:ff:7c:1f:7f:72:90:93:
                    89:31:ae:7b:b5:3e:7f:fb:44:e3:88:60:50:2f:67:
                    d3:dd:9e:2c:11:f5:cc:92:34:74:1b:a4:65:c4:7f:
                    93:51:5e:45:cc:58:50:a1:02:1c:02:e0:00:e7:7b:
                    37:1a:55:6c:b2:ac:28:cb:1c:54:57:9a:24:71:6f:
                    db:5a:76:20:84:62:99:45:07:58:16:c6:90:d1:81:
                    a6:28:34:60:ff:3f:f5:69:87:ab:b0:89:dd:9f:e2:
                    ad:e5:23:7d:23:85:e6:6f:79:26:fb:2c:5c:f1:ff:
                    d8:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:78:F4:C9:13:A7:1C:29:96:9C:53:2B:26:FA:B0:29:FA:7D:E4:7E
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-3j0yROnHCmWnFMrJvqwKfp95H4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1950::/44

    Signature Algorithm: sha256WithRSAEncryption
         bd:26:fe:eb:cb:43:93:7e:59:0a:21:c2:0d:67:ec:6f:fa:dd:
         6f:17:77:b6:5e:7e:c5:75:aa:08:bc:00:40:9f:bc:3f:26:73:
         3c:7c:8a:d5:91:d9:0a:84:5c:63:8c:34:f2:66:3f:1b:b2:1a:
         6c:5e:88:0a:02:02:d7:e6:2b:c1:0a:4f:e2:71:0a:2e:e1:80:
         b0:b0:26:64:be:39:f6:84:91:55:4f:5e:0d:95:85:b3:3c:ef:
         05:43:9f:00:f0:eb:7f:96:c4:a1:13:dc:4a:6e:d0:dd:0f:c3:
         4a:75:36:94:33:d8:b8:f9:88:ac:34:3c:78:16:ff:bc:0d:de:
         f2:ea:a6:fc:bd:97:f9:62:d8:19:d4:e1:b6:15:ea:e0:6f:f1:
         d0:28:32:6c:fb:1c:0f:6e:29:24:42:9b:93:aa:99:7a:e8:67:
         aa:33:59:df:73:1d:13:ad:5c:8d:71:c4:00:fa:86:42:2e:dd:
         68:fc:b3:f6:2f:9a:09:47:f8:14:05:86:de:fb:db:b7:3b:66:
         59:f7:22:bf:cd:a8:f6:80:54:cc:bd:69:10:1b:94:8a:d5:b0:
         dc:f2:c8:03:c8:76:37:9c:99:90:ac:91:ce:76:1f:fe:d9:c5:
         b3:f6:e5:05:1e:b1:d1:03:cc:d0:5d:66:20:73:16:ac:be:97:
         5a:2c:16:25
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYg5y05a1FjuUsPyNs614ne8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTIwMTUzMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjc4ZjRjOTEzYTcxYzI5OTY5YzUzMmIyNmZhYjAyOWZhN2RlNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQVT8QXfIChgQqR/nrl6E6eF6GUm
QhNlrzx3x3Ao8V3Sp5Z9eEHNq41la7uB/DR3TMua7nJQvaJYtghsduvvUpkUlKPL
87LEtEwfIcxbjBQxBFh4pVXpbzoe6fwfu4cZ4XVByGw5rzBbdDpY9/+7YvzhJ2yr
Vg9vUys22g7q4q+kVld7vRlUXXWeA+M0B/98H39ykJOJMa57tT5/+0TjiGBQL2fT
3Z4sEfXMkjR0G6RlxH+TUV5FzFhQoQIcAuAA53s3GlVssqwoyxxUV5okcW/bWnYg
hGKZRQdYFsaQ0YGmKDRg/z/1aYersIndn+Kt5SN9I4Xmb3km+yxc8f/YdQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPt49MkTpxwplpxTKyb6sCn6feR+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS0zajB5Uk9uSENtV25GTXJKdnF3S2ZwOTVINC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcZ
UDANBgkqhkiG9w0BAQsFAAOCAQEAvSb+68tDk35ZCiHCDWfsb/rdbxd3tl5+xXWq
CLwAQJ+8PyZzPHyK1ZHZCoRcY4w08mY/G7IabF6ICgIC1+YrwQpP4nEKLuGAsLAm
ZL459oSRVU9eDZWFszzvBUOfAPDrf5bEoRPcSm7Q3Q/DSnU2lDPYuPmIrDQ8eBb/
vA3e8uqm/L2X+WLYGdThthXq4G/x0CgybPscD24pJEKbk6qZeuhnqjNZ33MdE61c
jXHEAPqGQi7daPyz9i+aCUf4FAWG3vvbtztmWfciv82o9oBUzL1pEBuUitWw3PLI
A8h2N5yZkKyRznYf/tnFs/blBR6x0QPM0F1mIHMWrL6XWiwWJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org