Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CE8EBOh7Z0Oa99000aHHyFwVAbg.roa
File:                     CE8EBOh7Z0Oa99000aHHyFwVAbg.roa (raw, json)
Hash identifier:          KfRWENrRYf5ak0RZ8c0qTh3Ydb4X+tjp1WYhmsyPScM=
Subject key identifier:   08:4F:04:04:E8:7B:67:43:9A:F7:DD:34:D1:A1:C7:C8:5C:15:01:B8
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018637E1C6EC7B04F7C70DBD312875890603
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CE8EBOh7Z0Oa99000aHHyFwVAbg.roa
Signing time:             Thu 09 Feb 2023 20:33:08 +0000
ROA not before:           Thu 09 Feb 2023 20:33:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199956
IP address blocks:        2a0e:97c0:850::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 14 Mar 2023 00:25:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:37:e1:c6:ec:7b:04:f7:c7:0d:bd:31:28:75:89:06:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb  9 20:33:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=084f0404e87b67439af7dd34d1a1c7c85c1501b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:4d:29:61:8a:82:a5:78:dd:81:2e:ce:d4:71:
                    25:a4:e5:9e:1f:f8:f7:22:62:9b:cb:c8:af:6f:81:
                    fa:b9:08:fd:3c:9f:c4:b2:a1:da:52:20:52:52:20:
                    e0:d6:5b:e3:62:ee:88:e0:8c:24:6e:82:27:60:ba:
                    77:5d:6b:69:ca:2f:55:9f:45:bc:07:ea:be:58:c5:
                    dd:10:6e:5b:57:d7:3d:c7:63:79:a5:72:38:8b:cb:
                    9a:e8:9d:9e:09:4a:a4:18:14:5b:83:ec:4a:7b:3f:
                    4b:f5:f1:d8:e1:c8:c5:4e:ba:c7:4c:86:a6:b0:ba:
                    42:7f:5f:63:e0:9a:3d:be:93:d6:8f:7f:da:f7:9c:
                    44:eb:c6:fe:db:b7:9e:47:ba:4f:d0:bd:91:df:3c:
                    46:9e:ed:75:d5:b6:5a:38:da:82:ef:2b:a3:94:af:
                    d1:9d:f1:2b:a3:62:e8:6b:c5:12:5c:1d:1d:cd:28:
                    7b:d1:e8:3e:1f:15:cf:5f:94:79:41:6b:cb:57:09:
                    b2:01:02:0b:9f:80:da:c5:ca:ee:73:98:b6:fd:c7:
                    68:a0:b2:23:56:23:ff:4a:ad:20:80:c4:a4:2f:25:
                    2d:cf:f4:6f:f1:0b:97:d1:c9:6d:e3:7a:9c:c6:04:
                    44:a2:d0:9f:50:19:41:51:24:d2:b4:a1:eb:61:54:
                    a6:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:4F:04:04:E8:7B:67:43:9A:F7:DD:34:D1:A1:C7:C8:5C:15:01:B8
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CE8EBOh7Z0Oa99000aHHyFwVAbg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:850::/44

    Signature Algorithm: sha256WithRSAEncryption
         0f:89:54:25:da:28:4e:e9:23:a1:9d:e4:7e:e5:5c:fb:f0:13:
         55:37:11:9b:13:e8:ce:2f:84:5f:68:ce:b9:66:8c:d4:ca:67:
         53:d8:25:46:5a:2e:51:21:51:74:67:d2:e0:21:e0:b6:ae:6f:
         a8:d8:5a:ed:93:94:f8:e8:51:7b:db:88:7a:6d:8f:ce:5d:e8:
         3c:34:f0:c0:5e:89:87:e6:ee:88:5c:5f:3f:a6:29:b5:ab:57:
         a1:d2:ad:17:02:eb:95:de:fa:3c:a5:ab:5a:40:f5:dc:6e:98:
         ec:b5:7c:99:c4:bc:6d:f7:4c:72:95:56:09:4b:e2:0f:bd:fb:
         5a:32:9b:32:09:ce:4b:15:5c:21:62:9b:4e:2f:54:f9:24:4f:
         bd:a7:65:9b:b3:3e:f8:bc:d9:c3:e6:28:87:8b:94:69:61:9e:
         b0:fe:b0:1f:35:2c:a9:c3:2f:5f:63:97:68:30:ce:d3:0a:21:
         12:69:57:06:10:be:d3:18:05:2a:b9:09:8c:ce:f5:d6:e5:2e:
         4a:8f:80:54:a0:e6:77:cd:52:6a:8c:f0:11:09:b4:a0:b0:18:
         41:10:1f:54:85:a5:01:64:16:06:16:97:f1:03:29:21:fc:25:
         dc:25:c3:31:78:bc:f0:65:f2:3c:41:15:42:f9:94:58:f0:c4:
         34:f7:36:8f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYY34cbsewT3xw29MSh1iQYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjA5MjAzMzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRmMDQwNGU4N2I2NzQzOWFmN2RkMzRkMWExYzdjODVjMTUwMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh00pYYqCpXjdgS7O1HElpOWeH/j3
ImKby8ivb4H6uQj9PJ/EsqHaUiBSUiDg1lvjYu6I4IwkboInYLp3XWtpyi9Vn0W8
B+q+WMXdEG5bV9c9x2N5pXI4i8ua6J2eCUqkGBRbg+xKez9L9fHY4cjFTrrHTIam
sLpCf19j4Jo9vpPWj3/a95xE68b+27eeR7pP0L2R3zxGnu111bZaONqC7yujlK/R
nfEro2Loa8USXB0dzSh70eg+HxXPX5R5QWvLVwmyAQILn4Daxcruc5i2/cdooLIj
ViP/Sq0ggMSkLyUtz/Rv8QuX0clt43qcxgREotCfUBlBUSTStKHrYVSm6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAhPBAToe2dDmvfdNNGhx8hcFQG4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ0U4RUJPaDdaME9hOTkwMDBhSEh5RndWQWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAPiVQl2ihO6SOhneR+5Vz78BNVNxGbE+jOL4Rf
aM65ZozUymdT2CVGWi5RIVF0Z9LgIeC2rm+o2Frtk5T46FF724h6bY/OXeg8NPDA
XomH5u6IXF8/pim1q1eh0q0XAuuV3vo8pataQPXcbpjstXyZxLxt90xylVYJS+IP
vftaMpsyCc5LFVwhYptOL1T5JE+9p2Wbsz74vNnD5iiHi5RpYZ6w/rAfNSypwy9f
Y5doMM7TCiESaVcGEL7TGAUquQmMzvXW5S5Kj4BUoOZ3zVJqjPARCbSgsBhBEB9U
haUBZBYGFpfxAykh/CXcJcMxeLzwZfI8QRVC+ZRY8MQ09zaP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org