Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4y8kMNIQnl0_S28iqX6em_tlcVM.roa
File:                     4y8kMNIQnl0_S28iqX6em_tlcVM.roa (raw, json)
Hash identifier:          BOF28jWXTkVzRJJvvGDgm2/aepIt18i709Bi7LdtFUg=
Subject key identifier:   E3:2F:24:30:D2:10:9E:5D:3F:4B:6F:22:A9:7E:9E:9B:FB:65:71:53
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7BA205E0E8A0EF7922E8B96A86A78
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4y8kMNIQnl0_S28iqX6em_tlcVM.roa
Signing time:             Mon 02 Jan 2023 05:15:12 +0000
ROA not before:           Mon 02 Jan 2023 05:15:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204406
IP address blocks:        2a0e:b107:1b94::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:ba:20:5e:0e:8a:0e:f7:92:2e:8b:96:a8:6a:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e32f2430d2109e5d3f4b6f22a97e9e9bfb657153
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c7:e4:96:b5:d0:be:17:8b:ee:ae:5d:86:d7:
                    c7:1e:2d:45:88:1f:fc:a8:e4:ef:67:78:1a:16:e0:
                    f2:88:fa:bf:99:3d:88:60:fb:bb:67:82:d2:0d:2e:
                    42:93:4d:3f:9e:ae:7d:33:dd:9d:30:ec:f9:62:e6:
                    39:92:33:d1:62:86:1c:a8:94:59:f1:ce:d0:a5:62:
                    6c:fe:51:0f:b8:bb:7e:69:ed:7d:64:91:b1:3e:1d:
                    78:ab:27:38:68:0f:96:aa:f3:f6:50:0c:16:4e:56:
                    24:f0:c2:c0:3d:cc:06:92:95:3f:10:1e:f5:b5:d5:
                    e9:56:5a:ad:03:88:ab:43:87:94:c3:6b:5d:3c:3b:
                    1f:50:3a:62:c5:a2:58:59:3d:64:06:59:cf:d2:e2:
                    ac:0b:29:f7:cf:0a:fb:55:13:2d:d3:3b:e1:7b:63:
                    d7:92:4c:7e:e4:1e:7d:52:fc:ca:78:f3:c7:fd:d4:
                    cd:d7:4a:8e:0b:1b:7c:ad:9f:40:6b:d8:78:8b:66:
                    b6:ac:f1:be:b7:ee:04:fb:4f:f5:61:25:b8:a0:60:
                    cc:6c:ad:02:d2:46:3c:91:9e:4e:4c:63:40:65:ef:
                    dd:6e:b8:9f:4d:7e:d4:fd:ff:94:b4:b9:30:e7:a7:
                    98:06:42:2c:31:08:46:42:de:53:80:96:61:c1:d4:
                    f2:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:2F:24:30:D2:10:9E:5D:3F:4B:6F:22:A9:7E:9E:9B:FB:65:71:53
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4y8kMNIQnl0_S28iqX6em_tlcVM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1b94::/48

    Signature Algorithm: sha256WithRSAEncryption
         24:81:40:75:c3:79:df:9d:cb:1c:da:80:fe:86:4e:29:80:f6:
         5f:dc:6a:36:77:16:ce:6d:55:00:ac:b7:3e:7a:1b:bd:d3:12:
         29:3f:57:62:a0:60:f9:83:94:44:fc:d3:ba:72:86:02:d8:cf:
         6c:49:25:f1:9a:7c:81:dd:da:a2:7b:57:ac:ff:74:da:50:a7:
         10:72:2e:5f:df:52:59:44:bf:4c:5c:86:0c:21:8d:66:48:1a:
         65:a6:f4:19:6b:39:6d:ec:f6:27:15:a6:71:0f:ed:0e:72:ac:
         70:88:c8:13:de:6f:11:e2:b3:ba:47:dd:02:62:02:39:93:7f:
         74:2f:2a:11:4a:49:9b:cb:b0:a9:ad:66:05:16:5f:c6:cb:3f:
         c0:2f:70:41:a3:a7:9e:26:66:b6:11:99:1d:87:64:3b:d0:79:
         2c:70:de:f0:f9:a9:92:07:7c:07:81:65:2f:98:17:b4:25:96:
         0c:c5:00:86:c2:7f:bb:a8:89:0d:bf:b8:c7:e6:f4:84:7f:a6:
         33:c9:10:b7:6c:02:e9:9a:cd:48:0d:bf:d1:ca:20:7f:5b:b5:
         08:37:e6:88:0d:39:9c:ee:3e:40:0a:e2:9b:41:81:8a:75:fa:
         13:42:61:e6:0a:03:3b:72:9d:b5:a6:87:d7:d7:ed:4f:2c:ac:
         8d:41:7b:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw57ogXg6KDveSLouWqGp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzJmMjQzMGQyMTA5ZTVkM2Y0YjZmMjJhOTdlOWU5YmZiNjU3MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcfklrXQvheL7q5dhtfHHi1FiB/8
qOTvZ3gaFuDyiPq/mT2IYPu7Z4LSDS5Ck00/nq59M92dMOz5YuY5kjPRYoYcqJRZ
8c7QpWJs/lEPuLt+ae19ZJGxPh14qyc4aA+WqvP2UAwWTlYk8MLAPcwGkpU/EB71
tdXpVlqtA4irQ4eUw2tdPDsfUDpixaJYWT1kBlnP0uKsCyn3zwr7VRMt0zvhe2PX
kkx+5B59UvzKePPH/dTN10qOCxt8rZ9Aa9h4i2a2rPG+t+4E+0/1YSW4oGDMbK0C
0kY8kZ5OTGNAZe/dbrifTX7U/f+UtLkw56eYBkIsMQhGQt5TgJZhwdTyuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOMvJDDSEJ5dP0tvIql+npv7ZXFTMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNHk4a01OSVFubDBfUzI4aXFYNmVtX3RsY1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxuU
MA0GCSqGSIb3DQEBCwUAA4IBAQAkgUB1w3nfncsc2oD+hk4pgPZf3Go2dxbObVUA
rLc+ehu90xIpP1dioGD5g5RE/NO6coYC2M9sSSXxmnyB3dqie1es/3TaUKcQci5f
31JZRL9MXIYMIY1mSBplpvQZazlt7PYnFaZxD+0OcqxwiMgT3m8R4rO6R90CYgI5
k390LyoRSkmby7CprWYFFl/Gyz/AL3BBo6eeJma2EZkdh2Q70HkscN7w+amSB3wH
gWUvmBe0JZYMxQCGwn+7qIkNv7jH5vSEf6YzyRC3bALpms1IDb/RyiB/W7UIN+aI
DTmc7j5ACuKbQYGKdfoTQmHmCgM7cp21pofX1+1PLKyNQXsr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:53 2024 by rpki-client on console-ams.rpki-client.org