Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7USkLr2aH8AhKBbgHp383IDW01Q.roa
File:                     7USkLr2aH8AhKBbgHp383IDW01Q.roa (raw, json)
Hash identifier:          puZWQ33IHKYVGGPVAdr3I0ab+oAfvxCnr3VlLOpTOkk=
Subject key identifier:   ED:44:A4:2E:BD:9A:1F:C0:21:28:16:E0:1E:9D:FC:DC:80:D6:D3:54
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7A8828C010EB7A50E029663CDC630
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7USkLr2aH8AhKBbgHp383IDW01Q.roa
Signing time:             Mon 02 Jan 2023 05:15:08 +0000
ROA not before:           Mon 02 Jan 2023 05:15:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202336
IP address blocks:        2a0e:97c0:c30::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:a8:82:8c:01:0e:b7:a5:0e:02:96:63:cd:c6:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed44a42ebd9a1fc0212816e01e9dfcdc80d6d354
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:81:05:cc:68:92:31:1d:94:97:2c:2d:2d:3b:
                    56:10:9e:c9:11:a2:06:08:14:df:ea:0f:5e:0d:38:
                    0c:6a:f8:bf:fc:91:5b:82:c6:db:c3:73:c7:c7:f9:
                    29:1e:6a:7e:76:54:98:d0:1c:67:f7:25:fe:26:3b:
                    05:98:de:3b:9d:b0:8a:fa:a3:67:06:f6:81:30:16:
                    e8:a4:47:89:82:b7:a0:19:8d:97:18:db:50:16:f3:
                    79:51:49:6d:83:bb:45:86:ad:f5:fc:78:29:00:51:
                    72:34:3c:cf:c7:38:c5:50:32:a4:03:a9:e0:40:24:
                    26:7c:16:ad:70:bd:ef:81:db:32:48:8b:9d:e1:eb:
                    40:c0:c3:02:f4:ab:27:89:b3:fd:a3:a3:06:df:25:
                    b7:23:30:fd:8d:65:81:15:f6:b1:df:10:54:c6:85:
                    9b:3b:6d:0c:51:98:cf:a4:0b:da:f9:9f:68:04:a2:
                    0c:4f:92:a5:c6:39:9a:4a:2d:52:c5:ec:15:ae:e8:
                    c2:80:d3:6c:4f:0a:a2:ef:e3:dc:28:88:d2:85:35:
                    35:4a:b3:79:1c:85:3f:67:7a:08:b2:01:7a:9f:88:
                    65:d1:7c:2b:b4:03:46:67:0b:17:55:c8:0b:95:dc:
                    da:2d:a6:4b:d3:a9:a2:6a:56:87:26:d7:fc:ae:c6:
                    56:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:44:A4:2E:BD:9A:1F:C0:21:28:16:E0:1E:9D:FC:DC:80:D6:D3:54
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7USkLr2aH8AhKBbgHp383IDW01Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:c30::/44

    Signature Algorithm: sha256WithRSAEncryption
         5a:d7:bf:e5:94:0c:be:88:aa:9c:84:14:e1:46:76:68:96:e9:
         f9:ee:34:62:47:0e:bb:de:0e:ea:e9:9a:03:26:f2:63:ff:02:
         d2:64:da:3f:cc:48:2c:10:14:a9:ea:56:68:c4:c0:62:45:26:
         da:ed:51:e4:10:53:b2:b8:2c:f0:11:3c:03:51:31:eb:5e:7f:
         39:95:3b:fb:3c:e3:05:40:9e:f4:4f:d1:a6:87:79:91:4e:5b:
         5f:f0:67:c6:7d:51:5e:ea:21:2d:7d:32:ef:b1:ec:81:25:57:
         bc:fa:16:8f:fc:35:fb:b8:1c:e9:c6:bd:29:06:7f:b4:3f:1c:
         f9:77:5f:c9:6d:80:5f:e1:6d:27:80:23:23:37:84:90:35:74:
         42:2f:be:e6:a5:cf:ac:23:eb:7a:56:99:2e:aa:08:55:38:e6:
         8f:b8:88:fa:73:1b:ba:60:5d:75:5a:ef:39:1f:a1:e9:42:1e:
         a8:e4:f4:31:52:b3:9f:f4:f8:ec:b2:1b:f3:10:2b:03:9b:a5:
         66:6a:24:e3:9c:2d:c6:8e:2d:b4:7e:e4:95:2a:ac:28:cd:d3:
         f1:51:c8:96:76:b4:f7:2f:6f:f7:53:ad:f4:d4:c2:d4:c1:70:
         39:a7:c5:fc:c7:01:c7:41:f9:2e:67:bf:b1:ba:c3:20:ff:df:
         26:00:8d:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw56iCjAEOt6UOApZjzcYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQ0YTQyZWJkOWExZmMwMjEyODE2ZTAxZTlkZmNkYzgwZDZkMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYEFzGiSMR2UlywtLTtWEJ7JEaIG
CBTf6g9eDTgMavi//JFbgsbbw3PHx/kpHmp+dlSY0Bxn9yX+JjsFmN47nbCK+qNn
BvaBMBbopEeJgregGY2XGNtQFvN5UUltg7tFhq31/HgpAFFyNDzPxzjFUDKkA6ng
QCQmfBatcL3vgdsySIud4etAwMMC9KsnibP9o6MG3yW3IzD9jWWBFfax3xBUxoWb
O20MUZjPpAva+Z9oBKIMT5KlxjmaSi1SxewVrujCgNNsTwqi7+PcKIjShTU1SrN5
HIU/Z3oIsgF6n4hl0XwrtANGZwsXVcgLldzaLaZL06mialaHJtf8rsZWdQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO1EpC69mh/AISgW4B6d/NyA1tNUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvN1VTa0xyMmFIOEFoS0JiZ0hwMzgzSURXMDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAww
MA0GCSqGSIb3DQEBCwUAA4IBAQBa17/llAy+iKqchBThRnZolun57jRiRw673g7q
6ZoDJvJj/wLSZNo/zEgsEBSp6lZoxMBiRSba7VHkEFOyuCzwETwDUTHrXn85lTv7
POMFQJ70T9Gmh3mRTltf8GfGfVFe6iEtfTLvseyBJVe8+haP/DX7uBzpxr0pBn+0
Pxz5d1/JbYBf4W0ngCMjN4SQNXRCL77mpc+sI+t6VpkuqghVOOaPuIj6cxu6YF11
Wu85H6HpQh6o5PQxUrOf9PjsshvzECsDm6VmaiTjnC3Gji20fuSVKqwozdPxUciW
drT3L2/3U6301MLUwXA5p8X8xwHHQfkuZ7+xusMg/98mAI0H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:55 2024 by rpki-client on console-ams.rpki-client.org