Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2IPNw95WqejlLGzbvTva1J6b9rs.roa
File:                     2IPNw95WqejlLGzbvTva1J6b9rs.roa (raw, json)
Hash identifier:          fdiNlM1czMvGM7qRJvBx51D1xTkz0xrHLId63KM4lNE=
Subject key identifier:   D8:83:CD:C3:DE:56:A9:E8:E5:2C:6C:DB:BD:3B:DA:D4:9E:9B:F6:BB
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BCD7E63F51F33403A8E740623794E5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2IPNw95WqejlLGzbvTva1J6b9rs.roa
Signing time:             Tue 02 Jan 2024 10:34:05 +0000
ROA not before:           Tue 02 Jan 2024 10:34:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60939
IP address blocks:        2a0e:97c4:13c::/48 maxlen: 48
                          2a0e:97c4:13c::/46 maxlen: 48

Validation:               Failed, certificate revoked on Wed 28 Feb 2024 23:51:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:d7:e6:3f:51:f3:34:03:a8:e7:40:62:37:94:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d883cdc3de56a9e8e52c6cdbbd3bdad49e9bf6bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e0:ee:c6:b8:a7:1d:90:5f:bf:24:ed:a2:0a:
                    fa:06:aa:df:49:ca:67:0e:cb:fb:12:ba:d5:27:9f:
                    79:94:71:4c:ad:50:12:4b:52:50:0e:11:23:8a:93:
                    74:48:86:ce:50:77:24:86:29:8f:be:f1:f1:39:8f:
                    7a:b5:b2:4f:e7:a4:0d:1d:4d:e1:4d:eb:45:e3:cb:
                    6e:d8:ed:d3:c0:af:66:ad:bb:88:48:f5:9f:a5:a1:
                    6d:0a:cc:73:25:65:0f:8c:40:04:34:0a:7e:b7:85:
                    fe:a9:3d:94:57:8a:51:06:0c:23:d1:b4:9b:81:e0:
                    4f:89:4b:a4:dc:02:63:be:c7:0a:4c:ad:23:83:56:
                    2c:7f:1e:49:ee:10:b9:bf:c2:72:2a:35:c2:70:59:
                    9e:a2:64:91:7f:18:41:53:b3:7a:5b:aa:a5:75:a6:
                    ce:cd:ac:ba:12:7c:b8:f9:68:a9:9c:9c:72:fd:11:
                    2a:fd:ae:b9:35:b6:ec:0f:0e:02:ba:02:9d:fc:92:
                    31:f9:74:96:b7:a6:73:d9:c9:9f:b3:79:fd:8a:1d:
                    0d:4c:3e:aa:d5:62:56:ee:0c:69:47:58:aa:86:4b:
                    6a:1c:a0:bb:78:c6:b0:7a:37:e0:fb:b3:da:43:cf:
                    28:2b:f9:6e:92:4a:23:8c:cf:53:b4:bd:4d:e5:d9:
                    34:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:83:CD:C3:DE:56:A9:E8:E5:2C:6C:DB:BD:3B:DA:D4:9E:9B:F6:BB
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2IPNw95WqejlLGzbvTva1J6b9rs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c4:13c::/46

    Signature Algorithm: sha256WithRSAEncryption
         b5:64:f9:25:fd:a9:b3:41:4a:43:0a:f2:35:dd:da:55:f6:d8:
         ef:17:41:ba:49:13:6b:be:75:81:f0:90:e8:d8:2d:27:b2:c6:
         42:7c:80:8a:6a:04:99:a9:22:44:b9:f5:59:2c:b5:e0:42:0a:
         67:55:f9:9d:01:17:03:9b:4c:17:49:1f:df:07:c4:7a:67:3b:
         5f:5e:e2:af:e5:15:9c:8c:47:79:f7:e2:20:a2:40:b0:94:c4:
         2e:18:c9:61:9b:88:2a:13:22:59:d0:3f:84:91:5a:a1:6b:14:
         ea:bb:fb:2a:36:45:9b:12:59:61:85:7e:2e:e8:22:7e:6d:8f:
         2c:74:15:ac:26:63:1a:fd:ad:df:12:2b:c3:16:48:31:a6:8c:
         65:56:e2:c4:ff:ec:cb:74:74:9a:1e:a4:36:3c:3f:8f:e3:f9:
         c1:99:60:cc:11:c6:f9:ff:8f:10:e6:57:95:6e:1b:6b:22:4f:
         f4:9f:8a:f2:38:26:55:e6:d7:db:39:2b:b4:83:43:d0:3b:6f:
         aa:c0:bb:92:48:63:a6:d4:d5:68:34:d8:b8:39:d0:3e:5c:51:
         43:8f:d1:ee:d9:67:fc:56:a0:b6:6c:60:ca:b0:d9:38:d6:eb:
         f2:d2:ab:18:5f:2f:fa:1f:0b:2a:cb:af:71:c3:00:63:66:15:
         b5:47:a8:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvNfmP1HzNAOo50BiN5TlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODgzY2RjM2RlNTZhOWU4ZTUyYzZjZGJiZDNiZGFkNDllOWJmNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+DuxrinHZBfvyTtogr6BqrfScpn
Dsv7ErrVJ595lHFMrVASS1JQDhEjipN0SIbOUHckhimPvvHxOY96tbJP56QNHU3h
TetF48tu2O3TwK9mrbuISPWfpaFtCsxzJWUPjEAENAp+t4X+qT2UV4pRBgwj0bSb
geBPiUuk3AJjvscKTK0jg1Ysfx5J7hC5v8JyKjXCcFmeomSRfxhBU7N6W6qldabO
zay6Eny4+WipnJxy/REq/a65NbbsDw4CugKd/JIx+XSWt6Zz2cmfs3n9ih0NTD6q
1WJW7gxpR1iqhktqHKC7eMawejfg+7PaQ88oK/lukkojjM9TtL1N5dk0cwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNiDzcPeVqno5Sxs27072tSem/a7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMklQTnc5NVdxZWpsTEd6YnZUdmExSjZiOXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6XxAE8
MA0GCSqGSIb3DQEBCwUAA4IBAQC1ZPkl/amzQUpDCvI13dpV9tjvF0G6SRNrvnWB
8JDo2C0nssZCfICKagSZqSJEufVZLLXgQgpnVfmdARcDm0wXSR/fB8R6ZztfXuKv
5RWcjEd59+IgokCwlMQuGMlhm4gqEyJZ0D+EkVqhaxTqu/sqNkWbEllhhX4u6CJ+
bY8sdBWsJmMa/a3fEivDFkgxpoxlVuLE/+zLdHSaHqQ2PD+P4/nBmWDMEcb5/48Q
5leVbhtrIk/0n4ryOCZV5tfbOSu0g0PQO2+qwLuSSGOm1NVoNNi4OdA+XFFDj9Hu
2Wf8VqC2bGDKsNk41uvy0qsYXy/6Hwsqy69xwwBjZhW1R6j9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org