Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2GQPJlIsFntN5SwDhz8-NastisA.roa
File:                     2GQPJlIsFntN5SwDhz8-NastisA.roa (raw, json)
Hash identifier:          WpHZLER3qyGZ+pgVBHgZXqm3u7NbhWJlcRWTcqZkPnc=
Subject key identifier:   D8:64:0F:26:52:2C:16:7B:4D:E5:2C:03:87:3F:3E:35:AB:2D:8A:C0
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185E48AF21488278FF75C9CEEC6C7F7EA06
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2GQPJlIsFntN5SwDhz8-NastisA.roa
Signing time:             Tue 24 Jan 2023 16:09:49 +0000
ROA not before:           Tue 24 Jan 2023 16:09:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211168
IP address blocks:        2a0e:b107:13d6::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:8a:f2:14:88:27:8f:f7:5c:9c:ee:c6:c7:f7:ea:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 24 16:09:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d8640f26522c167b4de52c03873f3e35ab2d8ac0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:c5:37:c9:34:9b:73:4b:dd:16:3e:99:fe:e0:
                    a2:5a:05:69:90:4b:53:bd:da:5f:63:89:d0:36:e9:
                    13:7d:f3:73:54:4c:59:36:f8:43:03:54:89:f1:04:
                    31:b5:60:0f:7a:bd:70:30:79:4f:40:3c:37:71:08:
                    45:34:9a:63:cd:a2:ca:fc:0f:5b:20:6f:b6:88:be:
                    3f:5e:c1:23:77:4e:50:de:c6:6c:c3:79:24:f2:20:
                    67:70:c3:a1:40:d7:f9:0d:d8:54:af:22:d1:4e:fe:
                    be:77:63:34:db:65:bf:2b:6e:cc:cd:2f:9e:9e:e9:
                    7e:68:4a:af:b1:7c:46:3d:91:5b:73:98:8d:fd:d2:
                    90:4f:32:6a:32:3c:2a:e7:3f:f1:28:86:e3:ee:a1:
                    a3:2d:12:83:12:ee:d7:0d:47:7e:b3:7e:c2:6d:fb:
                    c5:24:69:8d:07:30:d9:02:4e:c3:1d:79:11:4b:77:
                    0f:3e:3b:71:42:e8:0a:20:f7:37:e0:f9:e9:13:8e:
                    af:09:30:c1:53:12:2a:6f:e5:1d:94:f9:8a:7e:26:
                    df:55:58:14:d5:52:1a:74:83:32:e0:39:8e:a6:fd:
                    97:87:09:ca:58:55:ec:0b:e6:39:b3:0e:72:32:f9:
                    04:84:d9:6c:2c:72:b2:f9:e5:44:5f:26:ea:a2:99:
                    47:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:64:0F:26:52:2C:16:7B:4D:E5:2C:03:87:3F:3E:35:AB:2D:8A:C0
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2GQPJlIsFntN5SwDhz8-NastisA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:13d6::/48

    Signature Algorithm: sha256WithRSAEncryption
         4e:ed:ff:1c:c8:a6:2e:8b:7a:c5:fb:19:87:20:85:33:00:78:
         29:4a:e0:4d:d8:50:f8:d9:76:94:1d:76:5c:bf:55:da:04:c8:
         38:00:b5:e1:ae:36:63:75:7f:c9:cf:d0:46:85:39:eb:30:73:
         dd:88:22:99:d2:04:92:04:e3:ce:3d:42:30:87:93:e6:3c:25:
         87:28:b9:6b:07:3b:7f:44:69:aa:67:3c:d4:f8:12:18:11:06:
         62:30:d6:d9:e0:c1:0e:a0:82:d6:9d:66:69:70:9b:4c:b7:75:
         f5:89:34:1b:63:0f:65:20:28:47:8b:99:71:ce:46:99:14:8a:
         99:c0:79:9f:4e:15:1f:3b:7c:4a:32:a0:85:71:0a:76:5e:1e:
         b2:d5:16:6b:3e:02:28:b6:c8:1b:ee:76:e2:db:da:d9:69:32:
         64:ad:24:c6:77:04:80:d6:ef:65:98:2a:b0:29:e3:f7:4a:a3:
         71:da:f1:0b:86:5b:15:38:61:ff:98:09:c9:00:7e:1e:f6:8a:
         e6:8e:ac:c5:d5:52:8d:3c:fd:3b:71:87:ff:c1:5f:f3:93:fc:
         30:0e:82:a7:15:dd:9a:eb:8b:67:1f:b4:d9:63:fb:86:62:ef:
         99:95:dc:f2:b9:d6:13:62:87:00:5e:e6:ea:4f:dc:51:a9:ea:
         44:a1:65:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkivIUiCeP91yc7sbH9+oGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODY0MGYyNjUyMmMxNjdiNGRlNTJjMDM4NzNmM2UzNWFiMmQ4YWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsU3yTSbc0vdFj6Z/uCiWgVpkEtT
vdpfY4nQNukTffNzVExZNvhDA1SJ8QQxtWAPer1wMHlPQDw3cQhFNJpjzaLK/A9b
IG+2iL4/XsEjd05Q3sZsw3kk8iBncMOhQNf5DdhUryLRTv6+d2M022W/K27MzS+e
nul+aEqvsXxGPZFbc5iN/dKQTzJqMjwq5z/xKIbj7qGjLRKDEu7XDUd+s37CbfvF
JGmNBzDZAk7DHXkRS3cPPjtxQugKIPc34PnpE46vCTDBUxIqb+UdlPmKfibfVVgU
1VIadIMy4DmOpv2XhwnKWFXsC+Y5sw5yMvkEhNlsLHKy+eVEXybqoplHtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNhkDyZSLBZ7TeUsA4c/PjWrLYrAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMkdRUEpsSXNGbnRONVN3RGh6OC1OYXN0aXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxPW
MA0GCSqGSIb3DQEBCwUAA4IBAQBO7f8cyKYui3rF+xmHIIUzAHgpSuBN2FD42XaU
HXZcv1XaBMg4ALXhrjZjdX/Jz9BGhTnrMHPdiCKZ0gSSBOPOPUIwh5PmPCWHKLlr
Bzt/RGmqZzzU+BIYEQZiMNbZ4MEOoILWnWZpcJtMt3X1iTQbYw9lIChHi5lxzkaZ
FIqZwHmfThUfO3xKMqCFcQp2Xh6y1RZrPgIotsgb7nbi29rZaTJkrSTGdwSA1u9l
mCqwKeP3SqNx2vELhlsVOGH/mAnJAH4e9ormjqzF1VKNPP07cYf/wV/zk/wwDoKn
Fd2a64tnH7TZY/uGYu+ZldzyudYTYocAXubqT9xRqepEoWXA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:52 2024 by rpki-client on console-ams.rpki-client.org