Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9JZtBlTIyndvpECnpWy2a2SEGMY.roa
File:                     9JZtBlTIyndvpECnpWy2a2SEGMY.roa (raw, json)
Hash identifier:          80zBABAXgck8lTcr5uUrk6uDggfib99T/dqe0t0iT3U=
Subject key identifier:   F4:96:6D:06:54:C8:CA:77:6F:A4:40:A7:A5:6C:B6:6B:64:84:18:C6
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018A15255E772D94063FA40728CFC6B6EB3C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9JZtBlTIyndvpECnpWy2a2SEGMY.roa
Signing time:             Sun 20 Aug 2023 22:51:25 +0000
ROA not before:           Sun 20 Aug 2023 22:51:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41720
IP address blocks:        2a0e:97c0:cc0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:15:25:5e:77:2d:94:06:3f:a4:07:28:cf:c6:b6:eb:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Aug 20 22:51:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4966d0654c8ca776fa440a7a56cb66b648418c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:0b:22:e9:c0:cc:50:05:80:77:48:01:08:42:
                    e3:2d:6c:47:d4:1a:87:f0:72:85:3f:10:2f:e6:f4:
                    55:26:11:e4:3f:15:56:13:38:9b:62:c1:9f:fa:2c:
                    8f:d4:4e:c8:3b:4c:da:97:7e:e5:d8:16:cc:d1:a4:
                    ee:f5:b9:1c:fc:1e:dc:cc:37:4c:3a:42:38:13:c7:
                    d6:55:94:5b:5c:d9:31:a6:2b:b2:a5:ba:dd:f0:f2:
                    f4:28:8b:c4:d2:b3:e1:a9:da:96:cc:4b:21:00:55:
                    00:be:dc:91:33:dd:29:14:81:6a:6c:dc:7b:9c:d1:
                    ea:e8:e7:65:ce:af:db:20:f2:0b:eb:fe:65:94:05:
                    91:25:0b:ef:38:11:cc:7a:4c:57:29:d6:4b:0c:35:
                    e6:a7:ca:f3:dc:9a:0b:05:f3:bb:8c:f6:da:4b:86:
                    bc:b6:3c:ea:53:bb:c8:91:78:aa:c9:bb:83:6f:86:
                    b4:24:fe:67:d9:8b:81:df:68:0f:c2:45:f5:ce:6c:
                    69:85:b7:e1:9b:4c:11:1a:db:89:6f:53:9d:4b:2e:
                    b9:ac:0e:c1:1e:7a:13:28:36:75:19:dd:d4:49:7f:
                    cc:3d:81:61:ea:11:cb:41:af:c0:82:9c:f0:00:a5:
                    78:90:ec:b5:73:b8:10:59:e3:c7:9b:02:9e:bc:11:
                    bc:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:96:6D:06:54:C8:CA:77:6F:A4:40:A7:A5:6C:B6:6B:64:84:18:C6
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9JZtBlTIyndvpECnpWy2a2SEGMY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:cc0::/44

    Signature Algorithm: sha256WithRSAEncryption
         a9:d2:be:6c:b1:17:46:2e:bd:48:10:48:17:eb:de:45:99:41:
         4b:f5:fe:a8:87:9c:ea:a8:37:73:14:79:2d:ab:d1:a1:22:44:
         2c:7f:ec:cc:42:ce:18:e2:ae:26:fa:37:37:ff:8b:0a:0c:c8:
         15:34:15:73:97:3e:42:f1:4d:af:05:d8:cc:9a:5f:67:25:dc:
         fb:ec:f3:24:ae:b9:c4:b6:23:e0:5d:6c:7b:80:71:81:55:46:
         92:62:a5:3a:01:40:41:cc:55:6d:50:40:41:4a:99:ff:ec:9f:
         4f:30:8d:9f:a4:02:92:33:6c:57:0a:e4:0a:7a:53:0d:89:b7:
         1f:12:15:ae:db:b1:82:e6:de:2a:ce:90:26:aa:d5:5e:4d:22:
         1b:c2:7a:7d:ec:6b:4e:b4:df:a4:9b:bc:11:69:78:dd:97:f7:
         71:bd:6d:33:6f:67:34:e3:42:10:f4:74:cb:fb:f0:6d:2c:50:
         0b:17:9e:b8:85:a3:29:14:0f:1d:1e:e4:30:91:ad:df:5a:97:
         fe:3b:38:2d:60:52:33:5a:b5:18:a5:4b:21:e7:4e:6e:fd:92:
         d7:2b:fd:bf:2e:0c:2c:76:9a:e8:f2:ec:25:38:98:7e:38:52:
         59:57:b7:b3:7d:64:e0:44:19:b5:03:c1:ec:74:b4:4d:58:0b:
         36:a9:3f:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYoVJV53LZQGP6QHKM/Gtus8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODIwMjI1MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDk2NmQwNjU0YzhjYTc3NmZhNDQwYTdhNTZjYjY2YjY0ODQxOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAsi6cDMUAWAd0gBCELjLWxH1BqH
8HKFPxAv5vRVJhHkPxVWEzibYsGf+iyP1E7IO0zal37l2BbM0aTu9bkc/B7czDdM
OkI4E8fWVZRbXNkxpiuypbrd8PL0KIvE0rPhqdqWzEshAFUAvtyRM90pFIFqbNx7
nNHq6Odlzq/bIPIL6/5llAWRJQvvOBHMekxXKdZLDDXmp8rz3JoLBfO7jPbaS4a8
tjzqU7vIkXiqybuDb4a0JP5n2YuB32gPwkX1zmxphbfhm0wRGtuJb1OdSy65rA7B
HnoTKDZ1Gd3USX/MPYFh6hHLQa/AgpzwAKV4kOy1c7gQWePHmwKevBG8lQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPSWbQZUyMp3b6RAp6VstmtkhBjGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOUpadEJsVEl5bmR2cEVDbnBXeTJhMlNFR01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAzA
MA0GCSqGSIb3DQEBCwUAA4IBAQCp0r5ssRdGLr1IEEgX695FmUFL9f6oh5zqqDdz
FHktq9GhIkQsf+zMQs4Y4q4m+jc3/4sKDMgVNBVzlz5C8U2vBdjMml9nJdz77PMk
rrnEtiPgXWx7gHGBVUaSYqU6AUBBzFVtUEBBSpn/7J9PMI2fpAKSM2xXCuQKelMN
ibcfEhWu27GC5t4qzpAmqtVeTSIbwnp97GtOtN+km7wRaXjdl/dxvW0zb2c040IQ
9HTL+/BtLFALF564haMpFA8dHuQwka3fWpf+OzgtYFIzWrUYpUsh505u/ZLXK/2/
Lgwsdpro8uwlOJh+OFJZV7ezfWTgRBm1A8HsdLRNWAs2qT/K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:55 2024 by rpki-client on console-ams.rpki-client.org