Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CI3iSs_hzr5bqzdEfK667pXfcL8.roa
File:                     CI3iSs_hzr5bqzdEfK667pXfcL8.roa (raw, json)
Hash identifier:          0UYg4s70iVJIMkRPMP40+hLAPeetVsRdV5u1KRTL2Is=
Subject key identifier:   08:8D:E2:4A:CF:E1:CE:BE:5B:AB:37:44:7C:AE:BA:EE:95:DF:70:BF
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01867A79F4E6987714DE403661E5C97808CA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CI3iSs_hzr5bqzdEfK667pXfcL8.roa
Signing time:             Wed 22 Feb 2023 18:54:18 +0000
ROA not before:           Wed 22 Feb 2023 18:54:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200949
IP address blocks:        2a0e:b107:11b0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Fri 03 Mar 2023 11:55:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7a:79:f4:e6:98:77:14:de:40:36:61:e5:c9:78:08:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 22 18:54:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=088de24acfe1cebe5bab37447caebaee95df70bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:de:b3:37:33:e6:a4:79:c3:99:05:ee:16:09:
                    0c:dc:b5:2a:d4:dd:87:41:61:dc:c6:56:8f:8c:e0:
                    89:20:3a:db:39:57:48:4a:30:04:ae:95:ca:37:c5:
                    18:0c:db:8c:3b:77:0a:50:44:de:42:90:93:53:eb:
                    34:ea:ad:f2:1c:43:fb:92:ad:99:ff:9e:0a:57:c2:
                    cf:9a:2a:47:a6:96:68:98:56:43:35:fb:51:5d:bc:
                    5a:aa:ea:ab:2b:67:ee:3d:50:79:6d:fe:aa:61:d5:
                    2e:58:57:93:e9:c4:75:cf:26:43:3b:c0:86:86:70:
                    e2:30:56:5a:06:72:3d:51:35:8b:eb:10:a1:6d:31:
                    f4:4c:fc:67:a7:73:69:ee:c0:18:eb:ad:0f:97:a6:
                    11:cd:2d:7f:66:29:c0:42:5d:34:78:b2:b2:06:be:
                    fe:1d:c3:be:79:95:4b:53:f1:6e:c9:10:d6:f2:17:
                    d4:8f:1b:ad:c2:dd:54:f8:c4:17:ba:fc:24:d0:55:
                    3a:db:ad:41:41:97:a9:c1:92:85:be:41:96:f6:bf:
                    d8:60:95:2e:b5:77:0e:bc:b4:5a:23:19:b8:2a:c4:
                    ed:b2:4d:66:a1:dd:e5:cd:ec:0e:3c:32:0c:97:af:
                    e4:29:76:17:8d:b2:32:ca:8d:67:97:72:06:b3:2f:
                    70:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:8D:E2:4A:CF:E1:CE:BE:5B:AB:37:44:7C:AE:BA:EE:95:DF:70:BF
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CI3iSs_hzr5bqzdEfK667pXfcL8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:11b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         ba:42:8b:98:56:a9:8e:12:78:80:b2:df:29:d7:98:73:4c:32:
         fa:a9:8a:72:ac:74:f9:30:f5:3b:ef:6e:b8:5e:f7:20:eb:a6:
         e0:80:4e:cb:14:b5:2b:f1:c8:c9:8f:01:92:cd:2c:ab:fb:89:
         88:d4:69:ea:eb:bf:46:ba:30:52:a7:25:64:db:bf:b9:74:37:
         3a:6b:5b:5e:f7:ab:8f:9f:08:79:10:ac:47:81:13:4d:87:86:
         fa:cf:21:1a:66:df:3b:75:18:d2:dc:26:d4:61:c1:1c:d5:1f:
         06:45:1e:00:56:f7:5f:21:4c:f3:45:d8:43:e2:ec:43:d2:9a:
         b8:0b:d8:da:e6:b8:c0:d2:75:9b:26:68:c3:14:a7:65:80:ca:
         06:72:f0:24:5a:5f:51:79:1a:e1:a4:e4:ba:3e:37:ff:fd:f5:
         8d:c4:d8:be:1f:ec:60:1b:87:6e:9d:5e:82:97:1b:e0:72:e2:
         56:10:36:75:4c:41:23:c6:6e:67:b5:fa:fb:4f:66:26:d8:7a:
         ac:c5:b9:f6:89:a7:31:5c:76:d6:fa:55:92:33:a3:88:db:77:
         17:02:6f:0b:29:c0:1d:b2:d1:c2:a7:fb:18:c3:87:f8:24:81:
         b2:3c:12:ec:20:bb:de:94:e6:37:a6:07:89:06:09:3a:23:e7:
         42:ae:2d:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYZ6efTmmHcU3kA2YeXJeAjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjIyMTg1NDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODhkZTI0YWNmZTFjZWJlNWJhYjM3NDQ3Y2FlYmFlZTk1ZGY3MGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd6zNzPmpHnDmQXuFgkM3LUq1N2H
QWHcxlaPjOCJIDrbOVdISjAErpXKN8UYDNuMO3cKUETeQpCTU+s06q3yHEP7kq2Z
/54KV8LPmipHppZomFZDNftRXbxaquqrK2fuPVB5bf6qYdUuWFeT6cR1zyZDO8CG
hnDiMFZaBnI9UTWL6xChbTH0TPxnp3Np7sAY660Pl6YRzS1/ZinAQl00eLKyBr7+
HcO+eZVLU/FuyRDW8hfUjxutwt1U+MQXuvwk0FU6261BQZepwZKFvkGW9r/YYJUu
tXcOvLRaIxm4KsTtsk1mod3lzewOPDIMl6/kKXYXjbIyyo1nl3IGsy9wSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAiN4krP4c6+W6s3RHyuuu6V33C/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ0kzaVNzX2h6cjVicXpkRWZLNjY3cFhmY0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxGw
MA0GCSqGSIb3DQEBCwUAA4IBAQC6QouYVqmOEniAst8p15hzTDL6qYpyrHT5MPU7
7264Xvcg66bggE7LFLUr8cjJjwGSzSyr+4mI1Gnq679GujBSpyVk27+5dDc6a1te
96uPnwh5EKxHgRNNh4b6zyEaZt87dRjS3CbUYcEc1R8GRR4AVvdfIUzzRdhD4uxD
0pq4C9ja5rjA0nWbJmjDFKdlgMoGcvAkWl9ReRrhpOS6Pjf//fWNxNi+H+xgG4du
nV6ClxvgcuJWEDZ1TEEjxm5ntfr7T2Ym2Hqsxbn2iacxXHbW+lWSM6OI23cXAm8L
KcAdstHCp/sYw4f4JIGyPBLsILvelOY3pgeJBgk6I+dCri13
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org