Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AdQnsyY2PNWP8xsso0tg8wv5kJA.roa
File:                     AdQnsyY2PNWP8xsso0tg8wv5kJA.roa (raw, json)
Hash identifier:          0waxCTGG24CRWqgXkVO1YzeNF/eh1JW9m7ZuSKX0sTs=
Subject key identifier:   01:D4:27:B3:26:36:3C:D5:8F:F3:1B:2C:A3:4B:60:F3:0B:F9:90:90
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185E48ABE80F343E75595DC6B5B35D680FC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AdQnsyY2PNWP8xsso0tg8wv5kJA.roa
Signing time:             Tue 24 Jan 2023 16:09:36 +0000
ROA not before:           Tue 24 Jan 2023 16:09:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47422
IP address blocks:        2a0e:b107:5f0::/44 maxlen: 48
                          2a0e:b107:620::/44 maxlen: 48

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 00:11:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:8a:be:80:f3:43:e7:55:95:dc:6b:5b:35:d6:80:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 24 16:09:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=01d427b326363cd58ff31b2ca34b60f30bf99090
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:09:01:1b:93:cb:04:9f:0e:57:91:3a:52:e3:
                    2e:48:7f:4c:eb:d7:65:50:7c:83:82:14:61:23:1b:
                    be:7f:1a:a6:cb:23:9e:09:f2:e2:17:b0:c2:13:91:
                    60:94:75:9d:b0:f1:12:13:80:af:1b:72:ac:44:15:
                    85:07:25:ed:dd:a4:55:5d:02:10:02:76:8b:83:d2:
                    db:a3:3e:be:15:c2:34:8e:86:26:85:74:3c:38:77:
                    5e:ea:05:f9:84:92:8c:d1:26:f7:44:15:56:08:0c:
                    42:f4:91:b8:04:7d:8b:59:a8:f2:ce:d8:cf:2d:ea:
                    fa:d8:ba:04:bd:77:e9:98:59:7b:c9:2e:32:45:e7:
                    73:8e:58:fc:72:ad:08:10:34:61:89:84:e7:33:b5:
                    c6:ea:44:69:60:12:d8:12:7f:c5:f3:58:68:25:f4:
                    06:81:99:fd:57:9e:44:97:e3:36:c3:71:65:ae:d7:
                    5a:01:ce:b8:e0:c6:5d:4c:65:21:dd:34:f7:ac:08:
                    69:fd:90:c5:2f:8b:e5:ab:38:00:1c:de:d3:5c:35:
                    73:47:f0:b4:95:3e:2a:4d:2a:5b:d5:c8:4a:31:2e:
                    20:85:3e:84:06:bd:a0:57:fb:25:37:9a:84:3c:0e:
                    a2:7b:d5:5a:be:f8:da:c1:9b:b9:0f:94:04:3d:e0:
                    b1:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:D4:27:B3:26:36:3C:D5:8F:F3:1B:2C:A3:4B:60:F3:0B:F9:90:90
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AdQnsyY2PNWP8xsso0tg8wv5kJA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:5f0::/44
                  2a0e:b107:620::/44

    Signature Algorithm: sha256WithRSAEncryption
         18:7a:1e:bf:33:18:86:6a:a8:2e:54:4a:fa:8a:78:bc:b3:d8:
         af:99:9a:58:ea:28:61:65:a5:49:f5:d9:32:73:62:60:a5:95:
         bf:53:bf:d9:68:e7:ba:d1:3d:66:66:46:9c:87:7b:48:71:6c:
         6d:18:1b:b8:5e:02:7f:f6:4b:91:ed:a4:ac:23:83:e7:d5:e3:
         2d:a7:0e:55:76:a5:2e:ea:54:4f:8c:e0:3f:10:dc:e1:02:0e:
         d9:e2:e9:fd:75:08:05:2d:d5:10:b7:d0:39:93:8d:45:f4:b9:
         d7:12:13:49:77:18:08:71:a4:72:00:c9:5f:99:02:8c:6a:e8:
         29:8e:c8:ee:7b:2c:99:92:89:fa:58:49:45:c7:7d:ba:8a:04:
         dc:00:d1:3b:4d:a6:5f:05:27:ab:45:8e:6e:06:b5:7f:ed:ec:
         90:73:f1:7f:c9:b7:5a:4c:ca:25:06:c6:a3:24:5e:64:53:ee:
         3c:59:18:0c:66:b9:4d:36:17:27:65:7b:c7:a4:af:af:1e:7c:
         22:d1:2e:ce:04:d8:fb:ae:fd:5f:82:26:4a:63:ee:c2:9a:9b:
         7e:b4:32:2f:5a:3d:6d:95:32:65:dd:4e:81:80:19:b3:7b:44:
         e7:76:76:d0:aa:6e:1b:8a:4c:48:4e:ef:4a:d5:38:ee:92:4c:
         5e:91:97:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkir6A80PnVZXca1s11oD8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQ0MjdiMzI2MzYzY2Q1OGZmMzFiMmNhMzRiNjBmMzBiZjk5MDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAkBG5PLBJ8OV5E6UuMuSH9M69dl
UHyDghRhIxu+fxqmyyOeCfLiF7DCE5FglHWdsPESE4CvG3KsRBWFByXt3aRVXQIQ
AnaLg9Lboz6+FcI0joYmhXQ8OHde6gX5hJKM0Sb3RBVWCAxC9JG4BH2LWajyztjP
Ler62LoEvXfpmFl7yS4yRedzjlj8cq0IEDRhiYTnM7XG6kRpYBLYEn/F81hoJfQG
gZn9V55El+M2w3FlrtdaAc644MZdTGUh3TT3rAhp/ZDFL4vlqzgAHN7TXDVzR/C0
lT4qTSpb1chKMS4ghT6EBr2gV/slN5qEPA6ie9VavvjawZu5D5QEPeCxEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAHUJ7MmNjzVj/MbLKNLYPML+ZCQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQWRRbnN5WTJQTldQOHhzc28wdGc4d3Y1a0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwXw
AwcEKg6xBwYgMA0GCSqGSIb3DQEBCwUAA4IBAQAYeh6/MxiGaqguVEr6ini8s9iv
mZpY6ihhZaVJ9dkyc2JgpZW/U7/ZaOe60T1mZkach3tIcWxtGBu4XgJ/9kuR7aSs
I4Pn1eMtpw5VdqUu6lRPjOA/ENzhAg7Z4un9dQgFLdUQt9A5k41F9LnXEhNJdxgI
caRyAMlfmQKMaugpjsjueyyZkon6WElFx326igTcANE7TaZfBSerRY5uBrV/7eyQ
c/F/ybdaTMolBsajJF5kU+48WRgMZrlNNhcnZXvHpK+vHnwi0S7OBNj7rv1fgiZK
Y+7Cmpt+tDIvWj1tlTJl3U6BgBmze0TndnbQqm4bikxITu9K1TjukkxekZdZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org