Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9k7bI02EmgRiddw0nKr7bXs_dzo.roa
File:                     9k7bI02EmgRiddw0nKr7bXs_dzo.roa (raw, json)
Hash identifier:          9f1nVF6kvfNmeej3mqU2AOSpyP5DHd/j8NbIL+eMBXM=
Subject key identifier:   F6:4E:DB:23:4D:84:9A:04:62:75:DC:34:9C:AA:FB:6D:7B:3F:77:3A
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01859AD30C248072AF9AF562B66CDC90C02F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9k7bI02EmgRiddw0nKr7bXs_dzo.roa
Signing time:             Tue 10 Jan 2023 08:36:40 +0000
ROA not before:           Tue 10 Jan 2023 08:36:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31898
IP address blocks:        2a0e:b107:f50::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:9a:d3:0c:24:80:72:af:9a:f5:62:b6:6c:dc:90:c0:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 10 08:36:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f64edb234d849a046275dc349caafb6d7b3f773a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c0:52:23:fd:4e:08:02:39:6c:16:c1:ff:fc:
                    6a:f4:34:5f:65:e5:f7:d6:1c:6d:5a:e8:92:93:7c:
                    98:3b:86:e6:fd:da:0d:b5:d9:b8:07:63:09:b0:82:
                    1c:f5:b6:ac:05:8a:53:bc:cf:38:27:43:2d:77:ea:
                    1b:a3:dd:90:85:7d:e5:16:57:59:ee:c7:00:77:7e:
                    71:5b:d2:53:4e:e6:f2:34:a5:c3:58:13:09:82:fe:
                    cd:d2:1e:94:b1:0b:00:7c:77:e0:1b:5f:24:96:0c:
                    40:9c:87:a5:96:77:09:9c:83:1f:9d:1c:00:7e:ec:
                    a2:3c:cd:89:f3:f9:0b:86:ba:2f:e6:90:69:85:95:
                    77:1a:34:b7:1f:4e:87:a8:66:c8:3c:9f:ac:61:71:
                    4e:9a:0c:dc:2d:a8:6d:3e:b0:22:e3:af:87:04:67:
                    fb:12:76:24:fd:7a:6d:41:f6:c5:91:11:ef:7a:2c:
                    40:b7:6a:b8:45:5c:8e:a2:e0:a9:0d:28:6f:03:3f:
                    18:c4:cf:f8:59:60:4a:5d:53:bc:a9:06:ae:b4:7a:
                    33:cf:23:a4:38:36:c4:d7:05:f5:cb:da:e6:6a:6e:
                    b7:ab:1f:82:c2:c8:76:24:e5:3d:6b:25:08:5e:23:
                    2a:6d:15:21:11:de:97:a4:dd:4a:1b:7e:f0:17:d2:
                    22:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:4E:DB:23:4D:84:9A:04:62:75:DC:34:9C:AA:FB:6D:7B:3F:77:3A
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9k7bI02EmgRiddw0nKr7bXs_dzo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:f50::/44

    Signature Algorithm: sha256WithRSAEncryption
         21:13:4b:9d:38:64:6a:cd:96:13:cb:dd:e9:15:cd:c7:67:c9:
         4d:37:43:a1:84:2e:54:9e:1f:ec:9f:7d:ef:e6:a6:77:f3:3b:
         1b:b3:31:57:0c:45:3e:6b:4f:e9:51:ee:e1:6c:d1:5e:bc:41:
         10:c5:ab:fd:8a:ce:22:61:ee:cf:d3:fe:61:4e:52:ed:28:ed:
         8d:c9:bc:b3:ce:9d:23:61:28:09:42:16:32:4b:50:b7:ce:46:
         6d:33:98:5f:6b:e0:55:3f:a2:87:22:9c:2a:ca:68:5b:5a:7c:
         b7:56:4a:22:bc:b6:36:b0:07:c7:2f:7e:2e:3e:b4:1a:cc:9d:
         72:80:02:df:18:e8:8e:86:f1:51:31:3d:ec:57:23:dc:fe:bb:
         28:c9:8a:6a:b0:b2:ad:7f:22:52:97:86:b1:8c:49:29:9b:02:
         cf:11:a1:af:66:4d:f4:ac:cb:d7:69:e0:d3:c4:27:69:31:7f:
         ab:4d:44:43:2e:4f:6c:e0:ed:00:e4:06:e0:51:43:7a:89:bc:
         61:11:98:80:d0:a7:d6:b0:73:3a:f9:32:6d:27:cd:58:c9:9d:
         b5:dc:b2:38:cd:0e:c7:ac:38:dc:39:a1:b0:0f:37:8e:4e:7d:
         d2:6e:79:dc:71:e9:1e:f4:62:bd:04:90:8a:61:29:23:e6:1b:
         58:8b:96:f1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYWa0wwkgHKvmvVitmzckMAvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTEwMDgzNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjRlZGIyMzRkODQ5YTA0NjI3NWRjMzQ5Y2FhZmI2ZDdiM2Y3NzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosBSI/1OCAI5bBbB//xq9DRfZeX3
1hxtWuiSk3yYO4bm/doNtdm4B2MJsIIc9basBYpTvM84J0Mtd+obo92QhX3lFldZ
7scAd35xW9JTTubyNKXDWBMJgv7N0h6UsQsAfHfgG18klgxAnIellncJnIMfnRwA
fuyiPM2J8/kLhrov5pBphZV3GjS3H06HqGbIPJ+sYXFOmgzcLahtPrAi46+HBGf7
EnYk/XptQfbFkRHveixAt2q4RVyOouCpDShvAz8YxM/4WWBKXVO8qQautHozzyOk
ODbE1wX1y9rmam63qx+Cwsh2JOU9ayUIXiMqbRUhEd6XpN1KG37wF9IioQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPZO2yNNhJoEYnXcNJyq+217P3c6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOWs3YkkwMkVtZ1JpZGR3MG5LcjdiWHNfZHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAhE0udOGRqzZYTy93pFc3HZ8lNN0OhhC5Unh/s
n33v5qZ38zsbszFXDEU+a0/pUe7hbNFevEEQxav9is4iYe7P0/5hTlLtKO2Nybyz
zp0jYSgJQhYyS1C3zkZtM5hfa+BVP6KHIpwqymhbWny3VkoivLY2sAfHL34uPrQa
zJ1ygALfGOiOhvFRMT3sVyPc/rsoyYpqsLKtfyJSl4axjEkpmwLPEaGvZk30rMvX
aeDTxCdpMX+rTURDLk9s4O0A5AbgUUN6ibxhEZiA0KfWsHM6+TJtJ81YyZ213LI4
zQ7HrDjcOaGwDzeOTn3Sbnncceke9GK9BJCKYSkj5htYi5bx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:23 2024 by rpki-client on console-fra.rpki-client.org