Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9TtJv4jyYZOKplYNPe6Rmw_0pVo.roa
File:                     9TtJv4jyYZOKplYNPe6Rmw_0pVo.roa (raw, json)
Hash identifier:          jzInfJwRgYxdUI75G800r7KEzzK2LYhx9Jc+dcsQXAA=
Subject key identifier:   F5:3B:49:BF:88:F2:61:93:8A:A6:56:0D:3D:EE:91:9B:0F:F4:A5:5A
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018BF1D30D10A225862BA5129FB1B3B5FFA7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9TtJv4jyYZOKplYNPe6Rmw_0pVo.roa
Signing time:             Tue 21 Nov 2023 12:20:22 +0000
ROA not before:           Tue 21 Nov 2023 12:20:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     215975
IP address blocks:        2a0e:97c0:e20::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f1:d3:0d:10:a2:25:86:2b:a5:12:9f:b1:b3:b5:ff:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 21 12:20:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f53b49bf88f261938aa6560d3dee919b0ff4a55a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:70:52:cb:8c:da:e7:b3:fc:b6:9a:cb:9b:65:
                    fd:01:ce:c4:a0:e5:4c:c0:4f:c1:24:82:82:ea:fb:
                    1f:ec:f8:e9:57:1f:82:2c:50:43:4a:d6:69:7c:1e:
                    55:b5:03:69:db:66:4b:b4:f5:24:9c:3b:09:97:fa:
                    7f:2a:71:b2:bb:6f:0b:0d:26:40:59:92:d3:af:d3:
                    d6:99:d4:ac:31:7b:f9:97:a4:e2:61:b5:0a:81:16:
                    a2:02:d9:68:cb:40:51:ac:9d:b7:ba:4d:00:21:8d:
                    c8:35:75:65:1d:4e:7a:74:de:f1:45:19:18:03:d3:
                    cb:af:ef:dc:b0:ae:57:03:bd:3f:97:7c:37:c2:b9:
                    8d:af:81:76:42:cb:39:67:f8:b5:3d:84:0e:de:b9:
                    cb:83:45:94:d7:0d:4b:0c:ac:1b:43:bc:9e:de:2f:
                    2e:8c:c9:d9:fc:2f:21:4f:a5:6b:a5:10:71:30:91:
                    87:d9:5d:66:b5:3a:5c:09:9d:c5:4e:46:d2:fc:96:
                    0b:67:5b:ad:7d:f9:93:8c:24:56:bc:1a:73:37:71:
                    4d:05:9a:88:b5:d4:54:e8:a7:72:d9:e4:c4:1f:61:
                    09:09:85:fa:dc:05:ff:85:a0:79:73:d1:d0:e7:55:
                    0b:21:e2:75:8a:ec:d6:2a:4a:f6:ff:76:95:04:c9:
                    8e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:3B:49:BF:88:F2:61:93:8A:A6:56:0D:3D:EE:91:9B:0F:F4:A5:5A
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9TtJv4jyYZOKplYNPe6Rmw_0pVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:e20::/44

    Signature Algorithm: sha256WithRSAEncryption
         c6:ab:e9:94:7f:d9:9e:c4:4c:01:07:1f:2c:96:c7:31:63:08:
         3e:8b:f5:86:9e:07:c5:29:a6:e7:20:2d:1d:14:1b:f2:b4:f4:
         90:8f:5d:df:a6:0a:a5:9a:20:8e:ec:72:a8:d1:7c:64:f3:8d:
         52:dc:b5:68:74:8e:1f:4a:ab:61:f6:84:81:c3:e1:fd:3a:ac:
         16:00:fb:72:a9:cc:e4:32:71:03:1f:7d:55:1a:d3:81:a7:d2:
         09:5c:bd:5e:09:60:46:08:85:ab:b5:a1:de:6f:a7:1e:ab:6f:
         bc:4b:1c:35:4b:74:a7:12:0a:8b:98:9a:b7:3c:f1:54:8c:24:
         44:e1:3f:03:de:f6:d7:4e:0f:c4:c1:1b:3a:22:c5:88:17:73:
         f0:fc:bf:72:5b:e4:db:65:c9:d5:42:1c:ef:2a:21:2b:73:36:
         9e:1d:0d:da:d4:62:f6:73:84:91:86:3c:22:59:12:7c:fb:5c:
         28:f0:a5:af:cf:72:65:93:c3:ad:57:6a:bb:d6:a1:2c:be:ff:
         f0:74:50:cb:6f:28:04:50:ef:5e:14:49:76:5b:ae:5b:2d:22:
         49:29:76:b7:bd:dc:52:dc:df:7e:60:2e:e6:d1:0f:92:de:f6:
         89:2d:28:c6:6e:96:44:da:e7:71:2c:e8:2e:12:61:6f:50:75:
         37:e4:91:65
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYvx0w0QoiWGK6USn7Gztf+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTIxMTIyMDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTNiNDliZjg4ZjI2MTkzOGFhNjU2MGQzZGVlOTE5YjBmZjRhNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHBSy4za57P8tprLm2X9Ac7EoOVM
wE/BJIKC6vsf7PjpVx+CLFBDStZpfB5VtQNp22ZLtPUknDsJl/p/KnGyu28LDSZA
WZLTr9PWmdSsMXv5l6TiYbUKgRaiAtloy0BRrJ23uk0AIY3INXVlHU56dN7xRRkY
A9PLr+/csK5XA70/l3w3wrmNr4F2Qss5Z/i1PYQO3rnLg0WU1w1LDKwbQ7ye3i8u
jMnZ/C8hT6VrpRBxMJGH2V1mtTpcCZ3FTkbS/JYLZ1utffmTjCRWvBpzN3FNBZqI
tdRU6Kdy2eTEH2EJCYX63AX/haB5c9HQ51ULIeJ1iuzWKkr2/3aVBMmOMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPU7Sb+I8mGTiqZWDT3ukZsP9KVaMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOVR0SnY0anlZWk9LcGxZTlBlNlJtd18wcFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwA4g
MA0GCSqGSIb3DQEBCwUAA4IBAQDGq+mUf9mexEwBBx8slscxYwg+i/WGngfFKabn
IC0dFBvytPSQj13fpgqlmiCO7HKo0Xxk841S3LVodI4fSqth9oSBw+H9OqwWAPty
qczkMnEDH31VGtOBp9IJXL1eCWBGCIWrtaHeb6ceq2+8Sxw1S3SnEgqLmJq3PPFU
jCRE4T8D3vbXTg/EwRs6IsWIF3Pw/L9yW+TbZcnVQhzvKiErczaeHQ3a1GL2c4SR
hjwiWRJ8+1wo8KWvz3Jlk8OtV2q71qEsvv/wdFDLbygEUO9eFEl2W65bLSJJKXa3
vdxS3N9+YC7m0Q+S3vaJLSjGbpZE2udxLOguEmFvUHU35JFl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:23 2024 by rpki-client on console-fra.rpki-client.org