Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9xzYQVYwiqnNNpWeMviuXVINzeU.roa
File:                     9xzYQVYwiqnNNpWeMviuXVINzeU.roa (raw, json)
Hash identifier:          ENGXioABRutvBCFYPWMQ3e1JBUKpXYvIFFOKGxzL/Oo=
Subject key identifier:   F7:1C:D8:41:56:30:8A:A9:CD:36:95:9E:32:F8:AE:5D:52:0D:CD:E5
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185E48AE8A052A030D9940A14DEA1D1704E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9xzYQVYwiqnNNpWeMviuXVINzeU.roa
Signing time:             Tue 24 Jan 2023 16:09:46 +0000
ROA not before:           Tue 24 Jan 2023 16:09:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209861
IP address blocks:        2a0e:b107:f0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:8a:e8:a0:52:a0:30:d9:94:0a:14:de:a1:d1:70:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 24 16:09:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f71cd84156308aa9cd36959e32f8ae5d520dcde5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:17:61:f1:74:c5:00:28:7e:86:6c:db:92:5e:
                    5b:64:3d:c7:c4:a1:f2:cc:85:71:b5:c4:51:b2:86:
                    af:ca:b0:15:10:73:41:12:4c:bc:08:44:45:17:1e:
                    62:a2:dc:1a:2f:66:f5:12:74:81:15:37:61:aa:63:
                    c7:49:9f:8e:60:52:0e:50:60:c6:56:e3:66:45:56:
                    00:92:24:c4:1a:7b:54:5e:97:ee:f0:a9:0a:40:ff:
                    fe:29:63:64:0d:4f:35:c8:2d:ee:cf:b2:40:6e:eb:
                    ae:59:a4:21:14:0f:96:9a:61:07:c1:db:2c:66:bd:
                    86:52:f2:7f:fe:74:f2:b3:79:76:c0:31:ad:cd:fc:
                    3c:46:30:b2:bb:ca:57:79:77:bf:2c:32:76:4b:b7:
                    d4:fe:f0:88:75:23:15:a6:c2:e6:74:8f:d9:b5:69:
                    27:93:0c:5d:f1:69:b3:42:4c:13:c5:95:0c:0d:7b:
                    56:c6:2d:13:f7:d8:df:2d:44:88:bd:19:78:18:4e:
                    69:bf:17:98:d3:0b:77:69:53:50:ae:2b:07:84:e4:
                    25:f1:40:10:7a:c2:57:39:ba:53:32:d5:ab:66:b3:
                    e3:1b:f2:58:91:9b:54:fe:7d:45:4d:ce:5d:fa:37:
                    2b:fb:58:4e:d7:d3:89:66:fa:23:8c:d1:b1:b8:93:
                    4b:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:1C:D8:41:56:30:8A:A9:CD:36:95:9E:32:F8:AE:5D:52:0D:CD:E5
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9xzYQVYwiqnNNpWeMviuXVINzeU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:f0::/44

    Signature Algorithm: sha256WithRSAEncryption
         02:8d:5f:be:f5:d2:9d:44:58:4b:b2:07:1b:35:3a:25:be:74:
         38:e3:79:d3:0a:42:1b:e9:93:a5:ce:f1:74:a5:84:ec:67:af:
         2e:bd:e7:d2:e4:ad:40:7a:31:98:ce:05:70:16:c2:cf:73:4d:
         45:8c:08:bb:db:5d:ac:59:16:36:cd:f7:a4:d5:e5:94:09:2f:
         3a:c3:ef:b5:99:b9:4b:48:3a:8e:28:e5:a7:d1:c2:9c:14:66:
         77:03:74:6e:50:12:c8:b6:7a:fb:0d:27:ca:fd:81:eb:1c:83:
         5e:1d:5a:a9:9c:f4:7e:ab:a6:af:88:2c:1f:d4:b0:c6:d5:09:
         4b:25:9f:fa:22:63:06:be:2c:aa:1e:dd:83:fe:f9:d8:52:eb:
         d9:e2:15:92:81:a2:bd:e3:53:70:fb:98:cd:de:2c:27:c1:0f:
         bf:d0:3d:c1:47:bb:2c:b9:4a:df:e1:47:b1:6a:df:bc:32:ab:
         59:a3:ce:3e:39:70:30:a2:70:14:87:7a:3e:c9:ec:47:18:5e:
         69:6b:2a:40:4b:5a:f7:da:db:a3:6d:36:84:55:e6:cc:ce:83:
         03:93:c3:33:0f:74:93:45:fe:82:54:d6:28:cb:82:52:aa:21:
         fe:df:b3:4a:0b:6e:78:cd:c3:f1:71:1f:7c:33:45:22:14:88:
         65:4a:d3:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiuigUqAw2ZQKFN6h0XBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzFjZDg0MTU2MzA4YWE5Y2QzNjk1OWUzMmY4YWU1ZDUyMGRjZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRdh8XTFACh+hmzbkl5bZD3HxKHy
zIVxtcRRsoavyrAVEHNBEky8CERFFx5iotwaL2b1EnSBFTdhqmPHSZ+OYFIOUGDG
VuNmRVYAkiTEGntUXpfu8KkKQP/+KWNkDU81yC3uz7JAbuuuWaQhFA+WmmEHwdss
Zr2GUvJ//nTys3l2wDGtzfw8RjCyu8pXeXe/LDJ2S7fU/vCIdSMVpsLmdI/ZtWkn
kwxd8WmzQkwTxZUMDXtWxi0T99jfLUSIvRl4GE5pvxeY0wt3aVNQrisHhOQl8UAQ
esJXObpTMtWrZrPjG/JYkZtU/n1FTc5d+jcr+1hO19OJZvojjNGxuJNLyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPcc2EFWMIqpzTaVnjL4rl1SDc3lMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOXh6WVFWWXdpcW5OTnBXZU12aXVYVklOemVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwDw
MA0GCSqGSIb3DQEBCwUAA4IBAQACjV++9dKdRFhLsgcbNTolvnQ443nTCkIb6ZOl
zvF0pYTsZ68uvefS5K1AejGYzgVwFsLPc01FjAi7212sWRY2zfek1eWUCS86w++1
mblLSDqOKOWn0cKcFGZ3A3RuUBLItnr7DSfK/YHrHINeHVqpnPR+q6aviCwf1LDG
1QlLJZ/6ImMGviyqHt2D/vnYUuvZ4hWSgaK941Nw+5jN3iwnwQ+/0D3BR7ssuUrf
4Uexat+8MqtZo84+OXAwonAUh3o+yexHGF5paypAS1r32tujbTaEVebMzoMDk8Mz
D3STRf6CVNYoy4JSqiH+37NKC254zcPxcR98M0UiFIhlStMq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:26 2024 by rpki-client on console-fra.rpki-client.org