Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1O-BoK5e2C--NHkH4uS9cx5k3Wk.roa
File:                     1O-BoK5e2C--NHkH4uS9cx5k3Wk.roa (raw, json)
Hash identifier:          YkszEJSI92UziQRyTPo+YZLEP/p3c0VzvKi2cNdEksQ=
Subject key identifier:   D4:EF:81:A0:AE:5E:D8:2F:BE:34:79:07:E2:E4:BD:73:1E:64:DD:69
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018BEBC50D9BFB2FED8356DAF79DD6C773E7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1O-BoK5e2C--NHkH4uS9cx5k3Wk.roa
Signing time:             Mon 20 Nov 2023 08:07:21 +0000
ROA not before:           Mon 20 Nov 2023 08:07:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203899
IP address blocks:        2a0e:b107:1b20::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:eb:c5:0d:9b:fb:2f:ed:83:56:da:f7:9d:d6:c7:73:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 20 08:07:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4ef81a0ae5ed82fbe347907e2e4bd731e64dd69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:d8:6d:6b:1b:67:e3:48:5c:1d:7d:b3:56:08:
                    87:ef:7e:51:28:c3:d2:24:a2:37:18:a2:f2:17:48:
                    a5:99:bf:a6:f3:2e:9d:86:78:4d:02:cb:81:c6:79:
                    44:e3:54:fc:03:41:5f:e8:36:5d:32:cf:44:96:13:
                    8c:e8:7b:c9:34:1a:b5:6a:e1:ca:cd:4f:7c:c9:32:
                    35:f9:ed:2b:6e:4b:aa:7f:a2:cf:98:e0:0e:c9:6f:
                    2e:dd:08:1d:7a:ef:13:52:10:88:62:f9:c5:0b:57:
                    c5:74:b3:35:55:49:4f:87:c6:35:9e:4a:d7:44:66:
                    ac:3a:41:93:c4:42:b5:f3:59:b4:f1:a7:95:29:06:
                    9a:9b:6d:49:03:a2:c4:a4:d0:e2:e7:9e:7c:2f:dd:
                    d1:ef:72:a5:0d:31:38:c7:c4:4f:cc:3b:5d:72:b7:
                    3c:58:82:a7:7a:e1:ae:8f:5d:29:a6:4d:21:a2:81:
                    75:c9:1f:c2:62:a6:bd:4e:db:ec:71:c8:25:c8:df:
                    21:29:58:4f:ac:90:1c:70:46:9d:57:f7:eb:50:d4:
                    35:19:7e:3b:de:64:84:ef:3a:c0:d2:fa:82:65:1f:
                    d5:86:b8:0b:67:55:43:b8:08:0d:91:a5:d4:97:ea:
                    66:27:7d:44:4d:b3:78:72:2a:1d:2d:9a:af:cf:1f:
                    99:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:EF:81:A0:AE:5E:D8:2F:BE:34:79:07:E2:E4:BD:73:1E:64:DD:69
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1O-BoK5e2C--NHkH4uS9cx5k3Wk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1b20::/44

    Signature Algorithm: sha256WithRSAEncryption
         28:a5:c8:e7:7e:58:e8:2e:fa:53:ef:73:59:f8:af:63:d0:3e:
         2c:81:cf:24:bf:93:ed:bc:f9:4d:df:19:4e:d7:0c:98:48:8e:
         ba:66:39:0e:7c:e2:3d:77:38:07:f8:56:ca:39:8b:44:d5:cf:
         c3:05:27:92:ca:71:5a:69:55:2e:83:63:9f:88:22:a9:10:1d:
         d5:79:c5:78:9a:11:43:62:b9:2b:7a:22:3a:62:d1:72:27:a1:
         6e:c6:0b:4c:fd:91:ac:32:50:1f:82:44:1b:9d:24:14:0c:a8:
         3b:9d:13:68:89:99:e6:8c:74:1e:b1:ba:11:4e:2f:14:ce:ff:
         20:0a:a7:70:83:18:60:c4:d5:15:55:18:05:a4:24:c8:07:ed:
         5b:9a:f2:2e:4e:00:81:eb:f9:16:d0:5f:31:ed:f7:f9:2c:df:
         48:79:f1:17:b5:11:46:f8:d1:ec:7f:8f:15:56:f0:c4:36:ea:
         fe:9d:e7:b1:5f:b3:e1:d9:78:61:e4:b6:3d:ee:7d:04:22:3c:
         d9:5f:59:af:0b:7e:9e:94:d1:38:82:ba:50:7c:32:c7:d4:09:
         99:03:40:89:90:2e:c2:fc:c4:49:3f:62:1a:c3:d8:80:ad:2b:
         78:3e:ee:9f:59:41:22:f8:1d:96:9e:bf:6f:b1:00:c1:53:cc:
         67:09:c0:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYvrxQ2b+y/tg1ba953Wx3PnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTIwMDgwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGVmODFhMGFlNWVkODJmYmUzNDc5MDdlMmU0YmQ3MzFlNjRkZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9htaxtn40hcHX2zVgiH735RKMPS
JKI3GKLyF0ilmb+m8y6dhnhNAsuBxnlE41T8A0Ff6DZdMs9ElhOM6HvJNBq1auHK
zU98yTI1+e0rbkuqf6LPmOAOyW8u3Qgdeu8TUhCIYvnFC1fFdLM1VUlPh8Y1nkrX
RGasOkGTxEK181m08aeVKQaam21JA6LEpNDi5558L93R73KlDTE4x8RPzDtdcrc8
WIKneuGuj10ppk0hooF1yR/CYqa9TtvsccglyN8hKVhPrJAccEadV/frUNQ1GX47
3mSE7zrA0vqCZR/VhrgLZ1VDuAgNkaXUl+pmJ31ETbN4ciodLZqvzx+Z9wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNTvgaCuXtgvvjR5B+LkvXMeZN1pMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMU8tQm9LNWUyQy0tTkhrSDR1UzljeDVrM1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxsg
MA0GCSqGSIb3DQEBCwUAA4IBAQAopcjnfljoLvpT73NZ+K9j0D4sgc8kv5PtvPlN
3xlO1wyYSI66ZjkOfOI9dzgH+FbKOYtE1c/DBSeSynFaaVUug2OfiCKpEB3VecV4
mhFDYrkreiI6YtFyJ6FuxgtM/ZGsMlAfgkQbnSQUDKg7nRNoiZnmjHQesboRTi8U
zv8gCqdwgxhgxNUVVRgFpCTIB+1bmvIuTgCB6/kW0F8x7ff5LN9IefEXtRFG+NHs
f48VVvDENur+neexX7Ph2Xhh5LY97n0EIjzZX1mvC36elNE4grpQfDLH1AmZA0CJ
kC7C/MRJP2Iaw9iArSt4Pu6fWUEi+B2Wnr9vsQDBU8xnCcDw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:52 2024 by rpki-client on console-ams.rpki-client.org