Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9vLkoOoLc56d0XSkjX_YzjuViBU.roa
File:                     9vLkoOoLc56d0XSkjX_YzjuViBU.roa (raw, json)
Hash identifier:          yAjdXZshajPTyWMebxTnB78v9fl+QLZEsrOgmnyAlJU=
Subject key identifier:   F6:F2:E4:A0:EA:0B:73:9E:9D:D1:74:A4:8D:7F:D8:CE:3B:95:88:15
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018AF965F899B9D4AA31A3CCCC4282B8965B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9vLkoOoLc56d0XSkjX_YzjuViBU.roa
Signing time:             Wed 04 Oct 2023 06:35:24 +0000
ROA not before:           Wed 04 Oct 2023 06:35:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2a0e:b107:1870::/48 maxlen: 48
                          2a0c:3b87:ff00::/40 maxlen: 48
                          2a10:ccc3:ccc2::/48 maxlen: 48
                          2a0e:b107:9f4::/48 maxlen: 48
                          2a0c:3b87:ffff::/48 maxlen: 48
                          2a0e:97c0:791::/48 maxlen: 48
                          2a0e:b107:1b9e::/48 maxlen: 48
                          2a10:ccc3:ccce::/48 maxlen: 48
                          2a0e:97c4:ac00::/38 maxlen: 48
                          2a0e:97c0:792::/48 maxlen: 48
                          2a0e:b107:5d0::/44 maxlen: 48
                          2a0e:97c0:750::/48 maxlen: 48
                          2a0e:b107:df2::/48 maxlen: 48
                          2a10:ccc7:9000::/38 maxlen: 48
                          2a0e:b107:9f6::/48 maxlen: 48
                          2a0e:97c0:76f::/48 maxlen: 48
                          2a0e:b107:278b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 08 Oct 2023 18:02:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f9:65:f8:99:b9:d4:aa:31:a3:cc:cc:42:82:b8:96:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct  4 06:35:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f6f2e4a0ea0b739e9dd174a48d7fd8ce3b958815
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d4:a0:9e:2e:67:9c:9a:5d:b1:63:be:e3:e4:
                    b5:c4:30:b6:50:d2:f7:01:b6:f8:83:63:2b:59:c2:
                    d3:f4:cb:15:15:3d:89:e4:fd:5c:0f:85:cb:c1:39:
                    0a:37:a4:60:84:aa:ea:63:d3:4a:7f:23:11:73:ca:
                    95:ce:44:1e:cb:23:8a:d7:9d:76:6f:7e:13:ab:48:
                    67:77:1a:78:0f:37:db:fa:af:ad:56:79:36:c5:9e:
                    a2:9c:9c:7c:99:3c:a4:e7:9d:27:e9:57:0a:88:55:
                    81:3e:f9:d0:5d:e7:85:55:a8:f4:a9:cb:6d:70:a3:
                    ab:18:f3:66:4d:ae:1f:85:92:6d:4a:85:34:30:e6:
                    ce:ed:e8:1f:e3:c7:da:e0:0c:cd:83:71:b4:47:07:
                    c4:6f:04:f8:72:0a:47:53:1b:8c:0e:ba:e4:55:d6:
                    ed:b8:e9:08:cc:13:60:98:42:ad:d2:df:00:75:40:
                    b6:be:53:cb:e8:0b:54:89:e7:e6:c9:a3:76:ac:20:
                    c0:4d:c4:52:34:30:a2:a9:b4:e6:0d:15:59:2c:32:
                    db:c4:a0:ab:86:b0:9b:45:f7:73:e0:41:83:98:6b:
                    21:c9:4f:fd:35:72:8a:e2:c1:54:f8:95:b1:79:5b:
                    d6:a9:3c:da:b4:17:8d:73:3e:4a:f4:91:9a:24:e4:
                    86:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:F2:E4:A0:EA:0B:73:9E:9D:D1:74:A4:8D:7F:D8:CE:3B:95:88:15
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9vLkoOoLc56d0XSkjX_YzjuViBU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:3b87:ff00::/40
                  2a0e:97c0:750::/48
                  2a0e:97c0:76f::/48
                  2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
                  2a0e:97c4:ac00::/38
                  2a0e:b107:5d0::/44
                  2a0e:b107:9f4::/48
                  2a0e:b107:9f6::/48
                  2a0e:b107:df2::/48
                  2a0e:b107:1870::/48
                  2a0e:b107:1b9e::/48
                  2a0e:b107:278b::/48
                  2a10:ccc3:ccc2::/48
                  2a10:ccc3:ccce::/48
                  2a10:ccc7:9000::/38

    Signature Algorithm: sha256WithRSAEncryption
         80:b6:07:22:8c:60:6c:83:d4:ef:f7:f5:b6:99:b1:9d:35:11:
         c2:06:81:90:06:77:64:1e:a5:f0:73:e5:0a:48:01:42:6c:2d:
         30:b4:67:41:e2:00:69:96:b2:2a:bc:5d:45:04:97:15:8d:c4:
         b8:fb:da:d7:80:02:dc:f5:61:75:fd:f8:78:f2:0c:50:1d:2d:
         04:56:e3:e5:60:c2:0b:e6:18:c1:99:94:62:d4:45:df:2c:a0:
         e5:da:9f:70:63:ec:22:d1:74:79:36:52:82:6e:70:59:4d:8e:
         53:22:9c:f9:32:a6:76:44:5b:87:fa:76:f3:81:96:48:53:80:
         92:e6:e3:1f:92:ca:dd:c5:e7:eb:46:cb:a5:15:7c:52:73:7b:
         d8:e1:5e:5b:76:90:2c:e7:d9:1b:ba:25:65:44:f4:08:c4:f0:
         de:00:e4:c7:e4:10:de:c6:a9:bf:18:39:d1:0f:d8:cc:af:8e:
         62:d3:b5:47:7a:2c:68:6e:62:e6:c4:fb:6f:f8:1c:a0:80:5b:
         47:cc:fe:6b:d2:17:c1:56:82:c6:ed:2b:ce:75:44:2e:fe:e4:
         5e:9c:59:b2:7e:47:16:07:e0:35:0a:d0:b4:d3:ae:43:5b:89:
         20:eb:db:56:e9:4e:5b:5d:30:e8:9e:80:8b:34:2f:44:ae:99:
         88:4b:15:aa
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYr5ZfiZudSqMaPMzEKCuJZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDA0MDYzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmYyZTRhMGVhMGI3MzllOWRkMTc0YTQ4ZDdmZDhjZTNiOTU4ODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutSgni5nnJpdsWO+4+S1xDC2UNL3
Abb4g2MrWcLT9MsVFT2J5P1cD4XLwTkKN6RghKrqY9NKfyMRc8qVzkQeyyOK1512
b34Tq0hndxp4Dzfb+q+tVnk2xZ6inJx8mTyk550n6VcKiFWBPvnQXeeFVaj0qctt
cKOrGPNmTa4fhZJtSoU0MObO7egf48fa4AzNg3G0RwfEbwT4cgpHUxuMDrrkVdbt
uOkIzBNgmEKt0t8AdUC2vlPL6AtUiefmyaN2rCDATcRSNDCiqbTmDRVZLDLbxKCr
hrCbRfdz4EGDmGshyU/9NXKK4sFU+JWxeVvWqTzatBeNcz5K9JGaJOSGpwIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFPby5KDqC3OendF0pI1/2M47lYgVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOXZMa29Pb0xjNTZkMFhTa2pYX1l6anVWaUJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBlgQCAAIwgY8DBgAq
DDuH/wMHACoOl8AHUAMHACoOl8AHbzASAwcAKg6XwAeRAwcAKg6XwAeSAwYCKg6X
xKwDBwQqDrEHBdADBwAqDrEHCfQDBwAqDrEHCfYDBwAqDrEHDfIDBwAqDrEHGHAD
BwAqDrEHG54DBwAqDrEHJ4sDBwAqEMzDzMIDBwAqEMzDzM4DBgIqEMzHkDANBgkq
hkiG9w0BAQsFAAOCAQEAgLYHIoxgbIPU7/f1tpmxnTURwgaBkAZ3ZB6l8HPlCkgB
QmwtMLRnQeIAaZayKrxdRQSXFY3EuPva14AC3PVhdf34ePIMUB0tBFbj5WDCC+YY
wZmUYtRF3yyg5dqfcGPsItF0eTZSgm5wWU2OUyKc+TKmdkRbh/p284GWSFOAkubj
H5LK3cXn60bLpRV8UnN72OFeW3aQLOfZG7olZUT0CMTw3gDkx+QQ3sapvxg50Q/Y
zK+OYtO1R3osaG5i5sT7b/gcoIBbR8z+a9IXwVaCxu0rznVELv7kXpxZsn5HFgfg
NQrQtNOuQ1uJIOvbVulOW10w6J6AizQvRK6ZiEsVqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:23 2024 by rpki-client on console-fra.rpki-client.org