Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4CpKEHxndTdw5oLKNo94O3CbEJU.roa
File:                     4CpKEHxndTdw5oLKNo94O3CbEJU.roa (raw, json)
Hash identifier:          dBRkgAjz9P9bKuTv1sOmbhNTSTspsXP53DLCR4HZQYQ=
Subject key identifier:   E0:2A:4A:10:7C:67:75:37:70:E6:82:CA:36:8F:78:3B:70:9B:10:95
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185A4A7E98E0FCFBDFA0562321973D71EA6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4CpKEHxndTdw5oLKNo94O3CbEJU.roa
Signing time:             Thu 12 Jan 2023 06:25:45 +0000
ROA not before:           Thu 12 Jan 2023 06:25:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2a0e:b107:19a0::/48 maxlen: 48
                          2a0e:b107:13b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 13 Jan 2023 02:50:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a4:a7:e9:8e:0f:cf:bd:fa:05:62:32:19:73:d7:1e:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 12 06:25:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e02a4a107c67753770e682ca368f783b709b1095
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:03:e8:b3:0f:67:98:22:96:02:cd:84:43:45:
                    b3:8d:cd:88:8a:8f:f2:33:d6:31:fb:fe:aa:4c:d1:
                    bc:d8:4a:8c:fa:5d:02:c6:52:63:0d:63:fc:77:46:
                    fe:2d:04:f8:f8:70:f8:e1:48:20:5c:12:51:ef:fd:
                    6d:ba:b7:27:25:00:ed:f2:ae:bb:b4:71:a2:69:29:
                    6d:bc:b7:d8:19:8d:7d:2b:92:fa:00:fe:72:f4:26:
                    f1:99:97:0f:3d:b3:d9:99:b8:01:ae:d9:fc:31:10:
                    2d:8e:bc:d4:d3:9c:a7:d8:43:f7:c8:c5:08:98:da:
                    eb:4f:09:66:cf:f1:4c:8b:dd:e2:19:78:b9:9d:cb:
                    ff:cd:a8:21:41:d7:46:90:86:4b:ef:1b:66:29:4e:
                    d9:92:36:2b:1a:b4:db:6b:0c:a2:0f:31:90:25:fa:
                    ca:4a:d9:7e:4c:cd:e1:ed:7d:8b:1f:c0:46:95:39:
                    74:3b:38:65:fa:53:17:db:71:be:67:88:70:82:67:
                    ff:54:c0:30:72:5f:e1:49:9d:0e:3a:9a:9c:b8:bd:
                    43:dc:97:f1:c0:a9:f0:04:7c:47:9b:71:43:8e:45:
                    7f:9b:61:d8:48:33:fd:54:12:a4:a2:e6:a2:34:3a:
                    6f:1f:71:5c:52:86:ec:d2:0d:cc:a9:eb:ff:8a:72:
                    71:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:2A:4A:10:7C:67:75:37:70:E6:82:CA:36:8F:78:3B:70:9B:10:95
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4CpKEHxndTdw5oLKNo94O3CbEJU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:13b::/48
                  2a0e:b107:19a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         3e:01:4b:72:84:f2:f0:30:06:29:a7:f3:36:ed:4a:d5:e1:9d:
         80:f8:2b:29:b8:77:67:ed:ab:45:41:c9:c9:4b:68:52:dd:57:
         ba:cc:22:1f:e0:8c:26:e7:24:c7:c8:dd:0b:12:d0:bb:83:07:
         e0:7e:c3:5a:e0:2c:1b:42:1f:55:07:b0:fd:70:5a:e9:5c:f1:
         6e:6f:70:5d:b3:77:b6:cb:97:61:b3:08:c7:74:94:29:68:a2:
         b8:22:da:ca:a6:d4:6f:42:6a:5a:b7:d7:54:fa:44:ad:54:02:
         24:73:a8:21:d1:72:6f:13:d3:03:c7:32:80:b9:85:4a:b7:9a:
         53:65:d1:d1:70:61:63:81:db:e9:8c:9f:11:f8:e4:42:9c:f2:
         6a:bb:10:87:da:50:f9:15:7a:88:0d:fd:02:a1:f6:d3:e7:8b:
         92:22:c9:c4:60:2c:b8:54:7c:f0:98:df:92:cc:73:68:ea:5d:
         40:86:04:5f:4f:65:09:13:8b:fc:f2:ee:f8:7e:17:03:f6:18:
         55:d9:a7:e7:90:2b:a7:f0:9d:bb:a7:9c:62:7b:cc:92:45:d9:
         43:8e:92:b3:dc:9b:95:0c:01:5b:fa:e2:c3:9a:ca:f9:a2:bb:
         ce:aa:6d:05:31:a6:c0:01:44:45:77:d2:5c:4e:b4:6e:e5:d8:
         c1:55:9d:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWkp+mOD8+9+gViMhlz1x6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTEyMDYyNTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJhNGExMDdjNjc3NTM3NzBlNjgyY2EzNjhmNzgzYjcwOWIxMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQPosw9nmCKWAs2EQ0Wzjc2Iio/y
M9Yx+/6qTNG82EqM+l0CxlJjDWP8d0b+LQT4+HD44UggXBJR7/1turcnJQDt8q67
tHGiaSltvLfYGY19K5L6AP5y9CbxmZcPPbPZmbgBrtn8MRAtjrzU05yn2EP3yMUI
mNrrTwlmz/FMi93iGXi5ncv/zaghQddGkIZL7xtmKU7ZkjYrGrTbawyiDzGQJfrK
Stl+TM3h7X2LH8BGlTl0Ozhl+lMX23G+Z4hwgmf/VMAwcl/hSZ0OOpqcuL1D3Jfx
wKnwBHxHm3FDjkV/m2HYSDP9VBKkouaiNDpvH3FcUobs0g3Mqev/inJx2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOAqShB8Z3U3cOaCyjaPeDtwmxCVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNENwS0VIeG5kVGR3NW9MS05vOTRPM0NiRUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBwE7
AwcAKg6xBxmgMA0GCSqGSIb3DQEBCwUAA4IBAQA+AUtyhPLwMAYpp/M27UrV4Z2A
+CspuHdn7atFQcnJS2hS3Ve6zCIf4Iwm5yTHyN0LEtC7gwfgfsNa4CwbQh9VB7D9
cFrpXPFub3Bds3e2y5dhswjHdJQpaKK4ItrKptRvQmpat9dU+kStVAIkc6gh0XJv
E9MDxzKAuYVKt5pTZdHRcGFjgdvpjJ8R+ORCnPJquxCH2lD5FXqIDf0CofbT54uS
IsnEYCy4VHzwmN+SzHNo6l1AhgRfT2UJE4v88u74fhcD9hhV2afnkCun8J27p5xi
e8ySRdlDjpKz3JuVDAFb+uLDmsr5orvOqm0FMabAAURFd9JcTrRu5djBVZ1d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:53 2024 by rpki-client on console-ams.rpki-client.org