Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2RhQGtB73pQE30P_Snea-gEs5qE.roa
File:                     2RhQGtB73pQE30P_Snea-gEs5qE.roa (raw, json)
Hash identifier:          2+vtjju2e+B73pjXvHQCQ+7MCPVVFem7CURQMPyxHgs=
Subject key identifier:   D9:18:50:1A:D0:7B:DE:94:04:DF:43:FF:4A:77:9A:FA:01:2C:E6:A1
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E79AB2A85D82ED650443BE6E268A3C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2RhQGtB73pQE30P_Snea-gEs5qE.roa
Signing time:             Mon 02 Jan 2023 05:15:04 +0000
ROA not before:           Mon 02 Jan 2023 05:15:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     142597
IP address blocks:        2a0e:b107:15aa::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:9a:b2:a8:5d:82:ed:65:04:43:be:6e:26:8a:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d918501ad07bde9404df43ff4a779afa012ce6a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:32:f6:2d:fc:7b:5d:78:d0:77:93:ff:ff:cc:
                    77:2e:fc:1e:b2:29:90:58:a1:ab:31:e4:a2:ae:d4:
                    ff:d6:3c:85:4a:6b:4c:2e:52:e2:20:2c:84:9d:f6:
                    4c:6b:03:d8:91:49:64:7e:46:fb:27:60:23:c9:c1:
                    97:20:06:a8:0e:3d:e5:28:f5:02:97:f9:5b:e8:64:
                    92:e9:85:23:b2:8c:7f:f2:88:0b:0a:9e:a7:68:57:
                    40:72:68:85:d3:64:6d:a5:45:a3:74:ce:07:ba:a5:
                    6f:36:ac:65:6d:ed:4f:c6:5b:51:1d:ad:f8:75:10:
                    38:d3:70:84:39:ed:5b:0d:11:22:6a:e0:46:55:08:
                    4b:b1:ad:66:d4:e7:f8:36:f6:5a:6f:06:00:80:d4:
                    05:90:b9:c3:ef:88:2b:85:86:67:ab:7c:62:c0:a9:
                    c6:e9:37:34:3b:0e:11:a1:49:6a:c7:f0:4d:19:b3:
                    20:8a:d6:cf:ca:3e:22:31:42:d5:90:cd:0e:85:f8:
                    ac:4d:01:1c:c8:cb:6c:ce:17:c1:dd:6e:a1:20:57:
                    4e:eb:96:5b:59:80:6c:75:fe:d9:bd:d6:5c:66:83:
                    42:4d:ed:36:7b:7c:31:38:76:1a:d4:ee:3c:17:78:
                    6b:24:9f:27:f3:64:6f:a9:6d:f8:f2:db:e9:dd:80:
                    07:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:18:50:1A:D0:7B:DE:94:04:DF:43:FF:4A:77:9A:FA:01:2C:E6:A1
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2RhQGtB73pQE30P_Snea-gEs5qE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:15aa::/48

    Signature Algorithm: sha256WithRSAEncryption
         3b:83:ce:cb:5a:4a:af:5b:3a:3b:b1:b8:77:ae:97:0d:54:66:
         83:07:48:8d:7b:48:08:65:3e:e8:c3:9f:ab:b7:c0:b0:95:a3:
         fc:d1:0d:42:cf:de:44:1b:3e:d9:8e:9d:b1:e0:f0:46:4e:ae:
         a9:c5:36:86:46:59:53:fb:ac:c1:a1:ea:72:4a:89:5e:1c:1e:
         82:7a:9f:15:e1:e9:92:19:dd:fb:55:fb:2c:f2:83:db:eb:9d:
         6e:62:d9:e3:df:27:34:d6:42:2a:11:2a:b0:fa:5d:5c:22:5a:
         63:bf:fe:99:d8:31:c6:2b:49:00:d1:33:d2:8e:55:65:23:5b:
         5e:0d:6d:b0:89:45:22:70:28:44:21:fa:4e:dc:ab:98:88:47:
         7b:ba:87:64:49:81:6b:37:3e:ff:7f:a9:8e:91:13:e7:43:99:
         66:c3:a8:8b:de:af:eb:71:8b:64:e2:03:4e:ab:99:7d:4a:7f:
         6c:6f:9d:a5:76:9f:ff:38:d7:a4:86:db:76:4f:07:eb:7e:08:
         67:83:d1:c0:a4:5b:5b:69:a3:82:c3:9a:5b:87:86:b5:c1:86:
         96:f8:46:06:e9:0b:a8:44:a8:52:8c:1e:7d:37:f1:59:46:87:
         69:e6:e3:f5:37:a1:b0:a1:cd:70:99:b7:5c:2c:5f:c2:6e:e1:
         ae:63:3c:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw55qyqF2C7WUEQ75uJoo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTE4NTAxYWQwN2JkZTk0MDRkZjQzZmY0YTc3OWFmYTAxMmNlNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDL2Lfx7XXjQd5P//8x3LvwesimQ
WKGrMeSirtT/1jyFSmtMLlLiICyEnfZMawPYkUlkfkb7J2AjycGXIAaoDj3lKPUC
l/lb6GSS6YUjsox/8ogLCp6naFdAcmiF02RtpUWjdM4HuqVvNqxlbe1PxltRHa34
dRA403CEOe1bDREiauBGVQhLsa1m1Of4NvZabwYAgNQFkLnD74grhYZnq3xiwKnG
6Tc0Ow4RoUlqx/BNGbMgitbPyj4iMULVkM0OhfisTQEcyMtszhfB3W6hIFdO65Zb
WYBsdf7ZvdZcZoNCTe02e3wxOHYa1O48F3hrJJ8n82RvqW348tvp3YAHDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNkYUBrQe96UBN9D/0p3mvoBLOahMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMlJoUUd0QjczcFFFMzBQX1NuZWEtZ0VzNXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxWq
MA0GCSqGSIb3DQEBCwUAA4IBAQA7g87LWkqvWzo7sbh3rpcNVGaDB0iNe0gIZT7o
w5+rt8CwlaP80Q1Cz95EGz7Zjp2x4PBGTq6pxTaGRllT+6zBoepySoleHB6Cep8V
4emSGd37Vfss8oPb651uYtnj3yc01kIqESqw+l1cIlpjv/6Z2DHGK0kA0TPSjlVl
I1teDW2wiUUicChEIfpO3KuYiEd7uodkSYFrNz7/f6mOkRPnQ5lmw6iL3q/rcYtk
4gNOq5l9Sn9sb52ldp//ONekhtt2Twfrfghng9HApFtbaaOCw5pbh4a1wYaW+EYG
6QuoRKhSjB59N/FZRodp5uP1N6Gwoc1wmbdcLF/CbuGuYzx7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org