Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BmZGST8RCREGTROxgJ2VvNJbLmg.roa
File:                     BmZGST8RCREGTROxgJ2VvNJbLmg.roa (raw, json)
Hash identifier:          pk32624DA9iT1ilKHm6GvHEJyPHZpYb3TDFNTjI9684=
Subject key identifier:   06:66:46:49:3F:11:09:11:06:4D:13:B1:80:9D:95:BC:D2:5B:2E:68
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E778178014EF45A73603140E344B46
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BmZGST8RCREGTROxgJ2VvNJbLmg.roa
Signing time:             Mon 02 Jan 2023 05:14:55 +0000
ROA not before:           Mon 02 Jan 2023 05:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31798
IP address blocks:        2a0e:b107:2a0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:78:17:80:14:ef:45:a7:36:03:14:0e:34:4b:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=066646493f110911064d13b1809d95bcd25b2e68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:05:64:9d:a0:83:f0:34:d9:3d:75:3b:22:7b:
                    7f:b2:de:b5:d0:22:3b:c3:a4:11:e8:32:f0:41:2b:
                    cf:64:cd:f7:ee:4a:e9:84:28:84:c7:5f:21:c0:e6:
                    91:b1:c0:89:6f:26:02:48:4c:7f:5b:83:a3:99:95:
                    cb:84:db:a8:a2:61:30:26:11:d3:5e:42:43:43:16:
                    a4:78:e8:61:0b:1b:59:f2:66:ba:c8:1c:58:e7:eb:
                    0c:a2:7e:e2:a1:ea:69:1c:af:1e:12:ca:bc:e1:58:
                    72:ec:40:2d:42:d3:22:3c:d6:f5:59:30:78:2a:80:
                    a8:07:51:ae:46:5f:e7:a2:6d:84:8b:e3:4d:0e:c8:
                    6f:31:1e:8e:dd:62:96:96:f0:a1:7c:44:b9:c3:51:
                    a4:67:c8:33:a1:af:e4:2f:9f:b4:45:a4:fe:04:e2:
                    58:56:89:b8:78:da:70:76:02:b1:f3:3e:20:7b:8e:
                    d0:d0:f3:b0:a5:87:74:20:0f:83:23:9b:4f:e9:84:
                    6d:64:90:50:1f:5c:cc:a9:71:b7:ed:4d:05:56:d7:
                    0a:72:83:0a:e8:79:09:d6:6e:64:94:1c:8b:68:c4:
                    e8:ed:ba:bf:e2:05:42:b0:c7:75:ce:e1:ae:54:7d:
                    f3:e5:54:b3:67:8e:ca:51:d2:20:a5:7f:31:90:b5:
                    37:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:66:46:49:3F:11:09:11:06:4D:13:B1:80:9D:95:BC:D2:5B:2E:68
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BmZGST8RCREGTROxgJ2VvNJbLmg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:2a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         2d:7e:e2:54:73:40:77:f6:cf:b1:db:47:cf:fc:75:8b:e4:b2:
         0c:08:08:cf:b8:49:03:39:0c:c8:c1:58:96:3c:de:2f:4e:a4:
         a4:73:a5:eb:22:13:e7:a4:74:b1:6b:f1:6a:4f:93:57:b7:c4:
         8b:21:fd:77:cc:66:11:3d:2d:81:4c:1e:f4:cb:80:9e:da:ca:
         71:b4:88:e7:54:92:b1:01:d4:17:84:e5:be:b2:02:f0:91:d3:
         8b:ba:2e:b3:23:c7:bc:69:48:6b:47:aa:6f:30:7f:81:c9:cf:
         03:0d:b1:8c:50:d2:e1:72:25:0a:b0:a5:81:c2:86:16:7e:e2:
         d1:73:c3:9c:97:58:69:ed:d3:6f:31:b5:e3:70:2b:13:3c:3c:
         9f:79:e0:47:0a:75:58:3c:3b:10:fc:72:62:a2:1d:1c:d8:49:
         41:2e:6f:a2:8a:18:ca:04:e3:51:77:fd:11:37:8b:99:fd:17:
         70:33:7b:0f:b7:ac:8e:93:1a:7c:f1:f1:e9:cd:af:89:c0:2c:
         c8:3a:55:78:8b:38:f4:ae:36:76:5f:ea:47:c9:63:e5:cd:ae:
         94:db:c5:ec:36:95:4f:36:ea:d8:8c:a0:47:82:04:3c:9d:9d:
         aa:1d:f4:15:45:f3:f7:5f:26:8f:a1:95:57:14:0a:25:5b:77:
         9f:7b:7d:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw53gXgBTvRac2AxQONEtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjY2NDY0OTNmMTEwOTExMDY0ZDEzYjE4MDlkOTViY2QyNWIyZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogVknaCD8DTZPXU7Int/st610CI7
w6QR6DLwQSvPZM337krphCiEx18hwOaRscCJbyYCSEx/W4OjmZXLhNuoomEwJhHT
XkJDQxakeOhhCxtZ8ma6yBxY5+sMon7ioeppHK8eEsq84Vhy7EAtQtMiPNb1WTB4
KoCoB1GuRl/nom2Ei+NNDshvMR6O3WKWlvChfES5w1GkZ8gzoa/kL5+0RaT+BOJY
Vom4eNpwdgKx8z4ge47Q0POwpYd0IA+DI5tP6YRtZJBQH1zMqXG37U0FVtcKcoMK
6HkJ1m5klByLaMTo7bq/4gVCsMd1zuGuVH3z5VSzZ47KUdIgpX8xkLU3HwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAZmRkk/EQkRBk0TsYCdlbzSWy5oMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQm1aR1NUOFJDUkVHVFJPeGdKMlZ2TkpiTG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwKg
MA0GCSqGSIb3DQEBCwUAA4IBAQAtfuJUc0B39s+x20fP/HWL5LIMCAjPuEkDOQzI
wViWPN4vTqSkc6XrIhPnpHSxa/FqT5NXt8SLIf13zGYRPS2BTB70y4Ce2spxtIjn
VJKxAdQXhOW+sgLwkdOLui6zI8e8aUhrR6pvMH+Byc8DDbGMUNLhciUKsKWBwoYW
fuLRc8Ocl1hp7dNvMbXjcCsTPDyfeeBHCnVYPDsQ/HJioh0c2ElBLm+iihjKBONR
d/0RN4uZ/RdwM3sPt6yOkxp88fHpza+JwCzIOlV4izj0rjZ2X+pHyWPlza6U28Xs
NpVPNurYjKBHggQ8nZ2qHfQVRfP3XyaPoZVXFAolW3efe31v
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:56 2024 by rpki-client on console-ams.rpki-client.org