Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/A2Dm99Ghv5Zb35iYPdy1IidDFJs.roa
File:                     A2Dm99Ghv5Zb35iYPdy1IidDFJs.roa (raw, json)
Hash identifier:          4NZPnm+HO1XEo55t9kvjKDYf9RWX3xskk/LZzULkLx8=
Subject key identifier:   03:60:E6:F7:D1:A1:BF:96:5B:DF:98:98:3D:DC:B5:22:27:43:14:9B
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0186CCA42554CF8AD0971D1D60C3DDE27644
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/A2Dm99Ghv5Zb35iYPdy1IidDFJs.roa
Signing time:             Fri 10 Mar 2023 17:49:14 +0000
ROA not before:           Fri 10 Mar 2023 17:49:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210397
IP address blocks:        2a0e:97c0:780::/48 maxlen: 48
                          2a0e:97c0:781::/48 maxlen: 48
                          2a0e:97c0:78f::/48 maxlen: 48
                          2a0e:97c0:78a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 13 Mar 2023 13:18:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:cc:a4:25:54:cf:8a:d0:97:1d:1d:60:c3:dd:e2:76:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar 10 17:49:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0360e6f7d1a1bf965bdf98983ddcb5222743149b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:0f:42:d6:7a:9e:9a:71:f5:54:55:dd:ba:b4:
                    e4:6b:67:ff:7c:11:8a:a8:33:63:45:b9:29:6c:3c:
                    e8:ad:b5:85:ba:a3:5a:53:ea:44:e0:dc:8f:11:70:
                    f1:5b:0a:b4:9b:ab:1c:ac:92:4f:a6:fa:39:eb:f8:
                    96:44:1a:88:c8:4d:10:da:9e:63:e4:6c:14:19:04:
                    bc:9a:03:f2:2c:38:fc:19:fc:13:ff:7c:3e:42:92:
                    51:d2:c0:bc:48:99:4f:d0:2f:7e:bf:63:ea:b0:92:
                    0c:41:56:f8:76:28:12:16:a2:54:a8:31:c3:61:ec:
                    45:90:b8:f3:48:51:95:2a:49:e8:d3:60:6b:e4:df:
                    3c:77:4a:d0:a2:b7:57:71:11:2b:e6:25:e0:e2:67:
                    07:b1:6c:5d:e0:46:73:02:e7:bd:d6:1a:48:e8:dc:
                    0e:bf:5d:3c:22:7f:46:1c:ac:4a:c5:03:e5:60:11:
                    d9:c6:14:85:b4:66:3b:04:f8:56:13:11:fe:fa:9e:
                    6d:46:6d:33:06:b2:fc:6c:26:f3:fe:46:ad:79:f7:
                    57:76:9a:2c:ee:cb:d4:11:20:6e:41:34:29:93:4a:
                    e2:47:db:3f:dc:66:72:2d:07:78:5a:bc:d9:e7:d9:
                    e7:6b:86:d3:4d:81:52:a1:62:5b:2e:fe:80:56:ad:
                    55:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:60:E6:F7:D1:A1:BF:96:5B:DF:98:98:3D:DC:B5:22:27:43:14:9B
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/A2Dm99Ghv5Zb35iYPdy1IidDFJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:780::/47
                  2a0e:97c0:78a::/48
                  2a0e:97c0:78f::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:15:55:dc:9c:89:c9:9f:ad:e8:0e:db:08:39:22:41:33:47:
         33:92:8a:ea:95:87:34:3d:30:e3:db:af:49:81:b7:bd:78:32:
         09:37:32:cf:b3:a3:12:65:c1:54:1c:35:cd:6d:12:f0:43:f7:
         95:90:55:7e:aa:4d:29:36:11:de:50:15:3d:42:5a:30:d0:a0:
         ec:0a:89:f5:d7:21:f2:d0:59:a1:46:5a:da:25:9f:62:04:37:
         92:08:65:24:b4:1b:49:91:1c:1e:2a:b8:e7:da:be:7b:69:db:
         bb:82:23:24:0b:24:92:d8:4d:1a:14:98:cd:28:a3:e2:22:cb:
         bc:53:13:ea:40:3a:41:55:68:73:c0:3f:f1:1d:d4:50:3e:a8:
         28:f4:97:69:6b:ef:cf:11:c4:dc:ca:72:c5:0b:75:ed:b0:50:
         e3:7a:b7:c2:04:fd:3e:37:6d:6d:99:00:67:4d:41:58:b5:2f:
         a0:65:f0:91:36:5b:0d:bf:58:7f:02:e9:0c:f4:24:61:7a:4d:
         81:de:f8:0c:78:9f:b6:83:b3:48:9b:8a:57:d8:e8:97:19:a8:
         1d:76:cb:60:5e:5b:5d:0e:a9:24:c1:68:f2:ff:05:35:68:0e:
         77:69:3b:8d:07:75:ef:9b:0f:ca:26:6a:ba:8e:9f:76:ad:20:
         ff:c7:05:89
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbMpCVUz4rQlx0dYMPd4nZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzEwMTc0OTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzYwZTZmN2QxYTFiZjk2NWJkZjk4OTgzZGRjYjUyMjI3NDMxNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw9C1nqemnH1VFXdurTka2f/fBGK
qDNjRbkpbDzorbWFuqNaU+pE4NyPEXDxWwq0m6scrJJPpvo56/iWRBqIyE0Q2p5j
5GwUGQS8mgPyLDj8GfwT/3w+QpJR0sC8SJlP0C9+v2PqsJIMQVb4digSFqJUqDHD
YexFkLjzSFGVKkno02Br5N88d0rQordXcREr5iXg4mcHsWxd4EZzAue91hpI6NwO
v108In9GHKxKxQPlYBHZxhSFtGY7BPhWExH++p5tRm0zBrL8bCbz/katefdXdpos
7svUESBuQTQpk0riR9s/3GZyLQd4WrzZ59nna4bTTYFSoWJbLv6AVq1VPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFANg5vfRob+WW9+YmD3ctSInQxSbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQTJEbTk5R2h2NVpiMzVpWVBkeTFJaWRERkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKg6XwAeA
AwcAKg6XwAeKAwcAKg6XwAePMA0GCSqGSIb3DQEBCwUAA4IBAQBkFVXcnInJn63o
DtsIOSJBM0czkorqlYc0PTDj269Jgbe9eDIJNzLPs6MSZcFUHDXNbRLwQ/eVkFV+
qk0pNhHeUBU9Qlow0KDsCon11yHy0FmhRlraJZ9iBDeSCGUktBtJkRweKrjn2r57
adu7giMkCySS2E0aFJjNKKPiIsu8UxPqQDpBVWhzwD/xHdRQPqgo9Jdpa+/PEcTc
ynLFC3XtsFDjerfCBP0+N21tmQBnTUFYtS+gZfCRNlsNv1h/AukM9CRhek2B3vgM
eJ+2g7NIm4pX2OiXGagddstgXltdDqkkwWjy/wU1aA53aTuNB3Xvmw/KJmq6jp92
rSD/xwWJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:56 2024 by rpki-client on console-ams.rpki-client.org