Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4oGuDsUSIDhQMcYm2kumdJJ-1ZU.roa
File:                     4oGuDsUSIDhQMcYm2kumdJJ-1ZU.roa (raw, json)
Hash identifier:          BmYpcOhPKvkiceUmW/XU71uCPBZnUxbCcZNEYlpDo2Q=
Subject key identifier:   E2:81:AE:0E:C5:12:20:38:50:31:C6:26:DA:4B:A6:74:92:7E:D5:95
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E80AD3C9FEA3431A6605B8277C7727
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4oGuDsUSIDhQMcYm2kumdJJ-1ZU.roa
Signing time:             Mon 02 Jan 2023 05:15:33 +0000
ROA not before:           Mon 02 Jan 2023 05:15:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211640
IP address blocks:        2a10:2f00:168::/48 maxlen: 48
                          2a0e:b107:ea8::/46 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e8:0a:d3:c9:fe:a3:43:1a:66:05:b8:27:7c:77:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e281ae0ec51220385031c626da4ba674927ed595
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:3c:f9:40:af:91:85:d2:fb:64:9e:57:bc:ef:
                    22:19:8c:7a:f1:68:4e:b8:ab:23:93:6f:23:97:df:
                    10:54:84:2f:3e:37:7d:db:9c:71:cb:cd:d8:41:2e:
                    b8:56:af:95:a3:dd:9c:8a:d6:4d:0f:82:10:c4:45:
                    3b:fc:cf:3f:f7:7e:68:4b:eb:de:e6:2d:2d:c7:9e:
                    a7:24:25:d3:60:5d:a3:a0:62:6e:94:31:77:32:d9:
                    5e:2e:56:fa:c3:ce:a1:93:7d:fd:85:8b:0f:68:c1:
                    bf:20:d5:0e:1e:78:b7:23:3a:27:d7:94:66:7e:ab:
                    de:ec:05:53:e7:c3:f1:05:12:46:b2:7e:4f:45:12:
                    da:63:fd:c5:4e:3e:5a:26:86:79:49:49:3d:03:9a:
                    21:a8:97:c6:5b:2c:ed:c6:c6:a9:49:2e:e4:51:58:
                    95:46:db:88:ee:5f:c7:cf:50:bb:d9:62:60:02:d3:
                    67:d0:fc:b1:75:b7:70:cb:8e:3b:8b:09:28:98:32:
                    5f:47:aa:67:43:c4:66:c9:25:53:0c:02:b4:f3:24:
                    90:90:f0:d5:da:4b:78:d1:a4:a0:55:f3:84:ef:5f:
                    f3:a4:7c:b5:90:b4:d4:63:3e:9b:8b:44:56:cc:0a:
                    4b:8e:56:61:55:cc:b7:d4:78:38:a5:a4:0c:f7:ed:
                    5c:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:81:AE:0E:C5:12:20:38:50:31:C6:26:DA:4B:A6:74:92:7E:D5:95
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4oGuDsUSIDhQMcYm2kumdJJ-1ZU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:ea8::/46
                  2a10:2f00:168::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:b2:60:02:94:af:70:16:66:5f:12:85:4f:c3:7d:3c:5a:66:
         bf:ef:7f:2b:c2:13:ed:f7:17:98:37:b2:dc:98:4c:f2:71:9d:
         95:bc:8f:33:59:41:d0:fc:5b:74:74:52:20:4b:ea:34:8e:7e:
         dd:56:54:92:a5:82:61:09:aa:95:c4:36:fb:72:05:57:e4:8f:
         97:ed:14:8a:a9:2d:6e:bc:50:a6:a7:27:b3:91:84:89:59:dc:
         b3:75:75:b2:86:83:41:38:67:94:3c:aa:74:89:d3:3a:31:56:
         55:40:e8:81:ff:2e:de:10:db:36:8a:76:c2:ae:bf:f8:28:a0:
         75:ae:ae:1b:06:22:47:b5:36:84:dc:e6:53:fe:af:59:28:b4:
         e9:b2:e7:59:78:56:2e:a9:51:98:69:ca:bc:0f:81:10:32:5d:
         7d:4b:cf:bb:87:39:07:31:3c:72:3f:28:61:cf:46:0f:96:33:
         e2:9e:01:fd:37:a3:69:48:09:95:0f:49:77:82:f4:21:35:36:
         78:fb:77:d9:b0:a1:e6:19:2f:8c:85:74:0f:cd:d3:91:5e:43:
         34:88:2a:0d:f4:15:2a:dc:7c:96:d5:70:fa:3e:76:7c:52:ff:
         1c:6f:6e:85:0c:43:8f:fa:9d:12:bc:c0:a0:f6:7f:08:e8:1b:
         0e:73:b7:63
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw6ArTyf6jQxpmBbgnfHcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjgxYWUwZWM1MTIyMDM4NTAzMWM2MjZkYTRiYTY3NDkyN2VkNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTz5QK+RhdL7ZJ5XvO8iGYx68WhO
uKsjk28jl98QVIQvPjd925xxy83YQS64Vq+Vo92citZND4IQxEU7/M8/935oS+ve
5i0tx56nJCXTYF2joGJulDF3MtleLlb6w86hk339hYsPaMG/INUOHni3Izon15Rm
fqve7AVT58PxBRJGsn5PRRLaY/3FTj5aJoZ5SUk9A5ohqJfGWyztxsapSS7kUViV
RtuI7l/Hz1C72WJgAtNn0Pyxdbdwy447iwkomDJfR6pnQ8RmySVTDAK08ySQkPDV
2kt40aSgVfOE71/zpHy1kLTUYz6bi0RWzApLjlZhVcy31Hg4paQM9+1cbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOKBrg7FEiA4UDHGJtpLpnSSftWVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNG9HdURzVVNJRGhRTWNZbTJrdW1kSkotMVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKg6xBw6o
AwcAKhAvAAFoMA0GCSqGSIb3DQEBCwUAA4IBAQBhsmAClK9wFmZfEoVPw308Wma/
738rwhPt9xeYN7LcmEzycZ2VvI8zWUHQ/Ft0dFIgS+o0jn7dVlSSpYJhCaqVxDb7
cgVX5I+X7RSKqS1uvFCmpyezkYSJWdyzdXWyhoNBOGeUPKp0idM6MVZVQOiB/y7e
ENs2inbCrr/4KKB1rq4bBiJHtTaE3OZT/q9ZKLTpsudZeFYuqVGYacq8D4EQMl19
S8+7hzkHMTxyPyhhz0YPljPingH9N6NpSAmVD0l3gvQhNTZ4+3fZsKHmGS+MhXQP
zdORXkM0iCoN9BUq3HyW1XD6PnZ8Uv8cb26FDEOP+p0SvMCg9n8I6BsOc7dj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:53 2024 by rpki-client on console-ams.rpki-client.org