Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3Nm1hHK9uyeKIrIQtsXqAcYhDZE.roa
File:                     3Nm1hHK9uyeKIrIQtsXqAcYhDZE.roa (raw, json)
Hash identifier:          tc+HynnWEOvfc1wLYnxD69a8640jTJcWUYi0QWScb0Y=
Subject key identifier:   DC:D9:B5:84:72:BD:BB:27:8A:22:B2:10:B6:C5:EA:01:C6:21:0D:91
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01861FFD2A148129CCB39F391355F5A21A42
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3Nm1hHK9uyeKIrIQtsXqAcYhDZE.roa
Signing time:             Sun 05 Feb 2023 05:12:10 +0000
ROA not before:           Sun 05 Feb 2023 05:12:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208690
IP address blocks:        2a0e:97c0:6d0::/44 maxlen: 48
                          2a0e:b107:1770::/44 maxlen: 48

Validation:               Failed, certificate revoked on Wed 05 Apr 2023 09:34:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:1f:fd:2a:14:81:29:cc:b3:9f:39:13:55:f5:a2:1a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb  5 05:12:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dcd9b58472bdbb278a22b210b6c5ea01c6210d91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b4:44:cd:23:dc:96:b1:be:a0:6e:d7:11:dc:
                    ca:56:7f:07:dc:9e:fc:ba:26:a6:f3:9c:49:90:a4:
                    da:3d:eb:30:da:1a:3f:81:58:63:35:fa:9d:8c:ed:
                    d3:5a:e2:69:38:97:6b:7d:f5:43:81:e5:8a:46:a8:
                    28:0b:e3:04:d1:db:10:fe:73:2e:f0:62:87:a2:ed:
                    8f:e1:42:e5:65:a5:48:2c:b3:5d:f5:c8:8b:09:89:
                    0a:48:43:8c:40:99:2d:d0:cf:39:b6:a4:74:50:80:
                    f6:af:15:1a:a7:17:fa:cc:a8:cc:19:d3:e6:02:72:
                    17:86:0d:db:a6:19:1f:6e:99:7f:12:17:cb:fa:0c:
                    14:dd:45:40:b2:de:f9:69:3d:6c:44:15:a3:81:80:
                    9e:8f:b6:77:ca:a1:76:a0:50:e2:c3:d7:6d:5a:e5:
                    0c:a7:b3:62:c5:dc:ef:4d:4d:f9:bf:a2:0d:3c:4b:
                    f7:77:cf:7f:c6:82:93:1d:22:7d:db:b8:56:29:ce:
                    10:41:14:4b:c9:36:55:13:83:4d:01:21:98:78:f0:
                    7f:f7:27:aa:a5:21:60:ee:23:80:a9:cd:e2:54:fc:
                    c5:0f:18:f7:e7:e4:9a:59:74:c9:db:b2:1b:0b:7e:
                    b2:05:86:7d:3a:d6:c2:41:e5:c1:1b:16:2c:09:83:
                    b3:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:D9:B5:84:72:BD:BB:27:8A:22:B2:10:B6:C5:EA:01:C6:21:0D:91
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3Nm1hHK9uyeKIrIQtsXqAcYhDZE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:6d0::/44
                  2a0e:b107:1770::/44

    Signature Algorithm: sha256WithRSAEncryption
         8a:ce:5a:2e:48:89:d1:8b:b2:32:41:16:7a:84:39:5a:97:df:
         48:44:4f:73:f6:57:79:e5:17:e9:bb:5f:c8:bb:cb:85:e0:ed:
         2e:24:5c:db:55:ac:78:6d:60:1d:ac:28:34:9b:ae:f6:83:cd:
         28:c4:88:c5:87:94:72:dd:f0:21:13:e4:84:c7:08:7e:3e:4f:
         6d:87:ac:85:60:8d:73:51:e7:b6:dd:15:28:9d:2a:ae:b5:5a:
         d7:13:78:e3:1b:71:cd:9e:34:26:08:ee:c9:fb:5a:d3:e8:b7:
         52:1d:44:f3:e1:d9:f1:66:af:d5:e9:55:47:d5:42:15:53:45:
         45:d5:17:bf:bb:00:60:ae:22:c6:ad:84:a5:af:13:54:22:1c:
         15:fb:2b:c1:44:1f:0f:ad:13:d2:2d:52:a7:83:9e:6d:e4:1b:
         0a:0c:a4:be:d2:21:39:82:2b:bb:f9:2d:d8:56:48:32:78:b1:
         45:51:be:5b:4f:1b:96:fe:2d:13:fb:ae:1d:12:9e:38:fe:40:
         50:17:c6:f3:87:1d:5a:43:a5:93:56:f8:81:0d:da:62:ae:e6:
         85:8d:8f:20:fb:d9:aa:ea:a8:9d:58:b3:d4:6a:c0:04:32:78:
         3a:52:78:e3:b6:1e:fe:67:d9:9c:11:10:54:c6:b0:22:dc:9c:
         68:3a:20:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYf/SoUgSnMs585E1X1ohpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjA1MDUxMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Q5YjU4NDcyYmRiYjI3OGEyMmIyMTBiNmM1ZWEwMWM2MjEwZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrREzSPclrG+oG7XEdzKVn8H3J78
uiam85xJkKTaPesw2ho/gVhjNfqdjO3TWuJpOJdrffVDgeWKRqgoC+ME0dsQ/nMu
8GKHou2P4ULlZaVILLNd9ciLCYkKSEOMQJkt0M85tqR0UID2rxUapxf6zKjMGdPm
AnIXhg3bphkfbpl/EhfL+gwU3UVAst75aT1sRBWjgYCej7Z3yqF2oFDiw9dtWuUM
p7NixdzvTU35v6INPEv3d89/xoKTHSJ927hWKc4QQRRLyTZVE4NNASGYePB/9yeq
pSFg7iOAqc3iVPzFDxj35+SaWXTJ27IbC36yBYZ9OtbCQeXBGxYsCYOzXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNzZtYRyvbsniiKyELbF6gHGIQ2RMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM05tMWhISzl1eWVLSXJJUXRzWHFBY1loRFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAbQ
AwcEKg6xBxdwMA0GCSqGSIb3DQEBCwUAA4IBAQCKzlouSInRi7IyQRZ6hDlal99I
RE9z9ld55Rfpu1/Iu8uF4O0uJFzbVax4bWAdrCg0m672g80oxIjFh5Ry3fAhE+SE
xwh+Pk9th6yFYI1zUee23RUonSqutVrXE3jjG3HNnjQmCO7J+1rT6LdSHUTz4dnx
Zq/V6VVH1UIVU0VF1Re/uwBgriLGrYSlrxNUIhwV+yvBRB8PrRPSLVKng55t5BsK
DKS+0iE5giu7+S3YVkgyeLFFUb5bTxuW/i0T+64dEp44/kBQF8bzhx1aQ6WTVviB
DdpiruaFjY8g+9mq6qidWLPUasAEMng6Unjjth7+Z9mcERBUxrAi3JxoOiD7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:22 2024 by rpki-client on console-fra.rpki-client.org