Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3rY8HNN02Y9ZgFL2d-A5QW6KwJQ.roa
File:                     3rY8HNN02Y9ZgFL2d-A5QW6KwJQ.roa (raw, json)
Hash identifier:          66yyNlgIWDaIPsSJEjpI1LxOVWanN7MjyBNAfDb5ROI=
Subject key identifier:   DE:B6:3C:1C:D3:74:D9:8F:59:80:52:F6:77:E0:39:41:6E:8A:C0:94
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7BF16A920198916F12DBD2F32B38F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3rY8HNN02Y9ZgFL2d-A5QW6KwJQ.roa
Signing time:             Mon 02 Jan 2023 05:15:14 +0000
ROA not before:           Mon 02 Jan 2023 05:15:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204778
IP address blocks:        2a0e:97c0:b33::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:bf:16:a9:20:19:89:16:f1:2d:bd:2f:32:b3:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=deb63c1cd374d98f598052f677e039416e8ac094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b6:f3:bd:98:e3:ee:2c:35:3c:3e:fa:9f:23:
                    77:54:36:f8:a4:36:78:7b:44:d9:7c:c6:c2:5e:53:
                    b1:c9:bc:6f:16:33:de:61:f4:bd:7a:14:df:e5:5a:
                    ec:41:98:93:01:61:41:df:54:20:9b:d6:48:d7:2f:
                    3c:7f:b2:c3:13:70:f4:ef:9e:cf:65:86:f4:32:2b:
                    34:9f:72:cb:cc:5c:5d:3e:85:85:fd:af:a7:6e:0d:
                    61:f2:1e:6f:37:18:8b:7e:c2:e7:ce:9c:04:62:f5:
                    4e:ab:75:40:e8:4f:3b:b3:c1:34:b5:af:70:28:f9:
                    1a:c7:90:1a:72:30:b7:e9:e5:2e:86:ea:31:79:c5:
                    8b:89:22:1a:a1:3b:1f:44:b7:1e:65:9e:4a:19:e7:
                    a9:bb:80:c6:af:97:ba:27:6c:ec:aa:e5:f1:34:61:
                    3a:33:32:b2:94:67:85:e5:54:bb:f6:2c:cf:a6:fa:
                    93:da:58:2a:db:14:c9:53:8b:5d:f3:05:90:1f:76:
                    4a:b7:66:5a:90:48:2e:ad:27:eb:f7:ce:bf:92:8f:
                    b7:3c:64:c5:3d:63:01:ff:db:13:53:72:6d:ab:c8:
                    4a:10:2f:f9:ae:39:aa:26:69:c9:75:00:b3:3d:7b:
                    1a:04:1e:2e:9a:5e:d5:38:31:19:ff:85:d8:5f:0c:
                    b0:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:B6:3C:1C:D3:74:D9:8F:59:80:52:F6:77:E0:39:41:6E:8A:C0:94
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3rY8HNN02Y9ZgFL2d-A5QW6KwJQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:b33::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:4d:de:01:27:22:dc:14:13:6c:fa:8c:69:d7:37:ad:fc:02:
         8d:fb:ea:e2:8b:4f:2b:d8:f8:00:a4:a2:ea:c0:13:35:0f:2b:
         95:99:ec:9e:37:62:bf:d4:9a:be:23:4b:3b:02:47:82:a5:ce:
         54:e4:61:1c:53:28:3b:f3:8f:e8:22:c5:96:d3:98:66:6a:58:
         c0:32:84:af:4a:0a:e5:80:94:8b:ba:ab:74:2a:f5:7b:d3:0c:
         8d:f0:4a:99:6e:16:74:4f:e1:86:4d:e9:34:e4:72:9c:64:5b:
         b6:63:3e:f9:26:98:1a:c1:ae:27:05:2f:ff:8b:2e:dd:4f:0f:
         88:81:ee:b2:31:b9:04:6c:fd:05:1e:2c:e9:5f:aa:ea:cd:5d:
         47:ab:48:1a:c8:c0:0b:a7:ce:de:21:dc:5d:c0:1d:6c:cc:7a:
         9b:92:9f:29:77:25:39:55:51:89:87:0d:4e:3d:45:db:09:9d:
         3f:72:45:28:65:d1:3c:fe:1d:a0:94:59:52:51:af:02:d7:2c:
         5d:b3:78:28:49:c9:c0:cc:f8:e7:eb:6f:68:ee:ba:9e:89:f8:
         8a:7d:f6:91:cb:4c:c9:fe:35:38:ff:5a:de:7c:8c:01:08:c1:
         2a:3d:6d:b8:73:1d:cf:bf:78:24:9c:32:59:a8:42:f8:26:b8:
         fb:12:d5:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw578WqSAZiRbxLb0vMrOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWI2M2MxY2QzNzRkOThmNTk4MDUyZjY3N2UwMzk0MTZlOGFjMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7bzvZjj7iw1PD76nyN3VDb4pDZ4
e0TZfMbCXlOxybxvFjPeYfS9ehTf5VrsQZiTAWFB31Qgm9ZI1y88f7LDE3D0757P
ZYb0Mis0n3LLzFxdPoWF/a+nbg1h8h5vNxiLfsLnzpwEYvVOq3VA6E87s8E0ta9w
KPkax5AacjC36eUuhuoxecWLiSIaoTsfRLceZZ5KGeepu4DGr5e6J2zsquXxNGE6
MzKylGeF5VS79izPpvqT2lgq2xTJU4td8wWQH3ZKt2ZakEgurSfr986/ko+3PGTF
PWMB/9sTU3Jtq8hKEC/5rjmqJmnJdQCzPXsaBB4uml7VODEZ/4XYXwywLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN62PBzTdNmPWYBS9nfgOUFuisCUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM3JZOEhOTjAyWTlaZ0ZMMmQtQTVRVzZLd0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAsz
MA0GCSqGSIb3DQEBCwUAA4IBAQByTd4BJyLcFBNs+oxp1zet/AKN++rii08r2PgA
pKLqwBM1DyuVmeyeN2K/1Jq+I0s7AkeCpc5U5GEcUyg784/oIsWW05hmaljAMoSv
SgrlgJSLuqt0KvV70wyN8EqZbhZ0T+GGTek05HKcZFu2Yz75Jpgawa4nBS//iy7d
Tw+Ige6yMbkEbP0FHizpX6rqzV1Hq0gayMALp87eIdxdwB1szHqbkp8pdyU5VVGJ
hw1OPUXbCZ0/ckUoZdE8/h2glFlSUa8C1yxds3goScnAzPjn629o7rqeifiKffaR
y0zJ/jU4/1refIwBCMEqPW24cx3Pv3gknDJZqEL4Jrj7EtUO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:53 2024 by rpki-client on console-ams.rpki-client.org