Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CLvt3Xmofq9T1b7I2wtaXJQeOcc.roa
File:                     CLvt3Xmofq9T1b7I2wtaXJQeOcc.roa (raw, json)
Hash identifier:          Nh51XX1GoFc5Lfd5l05FSS0bMyIH9fEVDMJ9J/oTjrs=
Subject key identifier:   08:BB:ED:DD:79:A8:7E:AF:53:D5:BE:C8:DB:0B:5A:5C:94:1E:39:C7
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185E48AEA34E2980C9013BFFCDEFD80E80C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CLvt3Xmofq9T1b7I2wtaXJQeOcc.roa
Signing time:             Tue 24 Jan 2023 16:09:47 +0000
ROA not before:           Tue 24 Jan 2023 16:09:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210426
IP address blocks:        2a0e:97c0:5e0::/44 maxlen: 48
                          2a0e:97c0:5ee::/48 maxlen: 48
                          2a0e:b107:17e4::/48 maxlen: 48
                          2a0e:b107:17e9::/48 maxlen: 48
                          2a0e:97c0:5ec::/48 maxlen: 48
                          2a0e:b107:17ee::/48 maxlen: 48
                          2a0e:97c0:5e7::/48 maxlen: 48
                          2a0e:97c0:5e2::/48 maxlen: 48
                          2a0e:b107:17e0::/44 maxlen: 48
                          2a0e:b107:17e2::/48 maxlen: 48
                          2a0e:97c0:5eb::/48 maxlen: 48
                          2a0e:b107:17e7::/48 maxlen: 48
                          2a0e:97c0:5e6::/48 maxlen: 48
                          2a0e:b107:17ec::/48 maxlen: 48
                          2a0e:97c0:5e9::/48 maxlen: 48
                          2a0e:97c0:5e4::/48 maxlen: 48
                          2a0e:b107:17e0::/48 maxlen: 48
                          2a0e:97c0:5ed::/48 maxlen: 48
                          2a0e:b107:17e5::/48 maxlen: 48
                          2a0e:97c0:5e8::/48 maxlen: 48
                          2a0e:b107:17ea::/48 maxlen: 48
                          2a0e:97c0:5e3::/48 maxlen: 48
                          2a0e:b107:17ef::/48 maxlen: 48
                          2a0e:97c0:5e1::/48 maxlen: 48
                          2a0e:b107:17e3::/48 maxlen: 48
                          2a0e:b107:17e8::/48 maxlen: 48
                          2a0e:97c0:5e5::/48 maxlen: 48
                          2a0e:b107:17ed::/48 maxlen: 48
                          2a0e:97c0:5e0::/48 maxlen: 48
                          2a0e:b107:17e1::/48 maxlen: 48
                          2a0e:b107:17e6::/48 maxlen: 48
                          2a0e:97c0:5ef::/48 maxlen: 48
                          2a0e:b107:17eb::/48 maxlen: 48
                          2a0e:97c0:5ea::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:8a:ea:34:e2:98:0c:90:13:bf:fc:de:fd:80:e8:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 24 16:09:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=08bbeddd79a87eaf53d5bec8db0b5a5c941e39c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:9f:7d:1a:2a:fb:7e:10:95:66:de:a1:91:18:
                    3b:f9:a9:5e:c2:27:5b:91:a3:bc:02:d5:80:6b:62:
                    47:6b:b4:50:7f:e5:29:d9:d8:91:fb:95:ba:df:6b:
                    b6:f8:bc:d1:00:85:68:f0:d0:78:f1:b5:e7:18:98:
                    94:8c:11:06:e5:8d:e1:f5:72:37:03:e3:96:50:e8:
                    1d:36:55:2d:fd:c7:09:f0:a5:40:8c:58:61:9f:81:
                    b1:aa:c3:45:a9:9d:b7:5f:1c:9c:98:7e:36:cd:2b:
                    9f:a2:8d:5c:e8:09:43:c1:7b:7e:ea:f6:7e:b7:83:
                    dc:e4:f4:b6:ce:8e:e9:38:dd:62:2c:a1:d1:35:b0:
                    2b:92:9a:4c:f7:8b:e1:d4:c5:92:62:1c:3d:7e:4a:
                    f0:35:b3:4e:0d:18:5b:57:3d:98:95:af:5e:e2:4d:
                    b2:d1:3c:61:ff:11:1d:e6:70:bb:0b:60:cc:83:11:
                    fc:1b:ca:49:7c:73:ba:f9:c3:1f:25:f1:16:43:fa:
                    5a:9f:d5:6a:ff:95:1f:01:3b:25:f7:81:ee:23:79:
                    40:b2:c3:25:8c:19:c9:6a:28:2f:81:85:3b:d8:45:
                    90:32:4e:b8:82:c3:71:17:8c:8d:ee:34:91:e3:ca:
                    bd:7f:52:54:61:6f:ec:bc:76:ad:9b:bb:cc:9e:61:
                    53:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:BB:ED:DD:79:A8:7E:AF:53:D5:BE:C8:DB:0B:5A:5C:94:1E:39:C7
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CLvt3Xmofq9T1b7I2wtaXJQeOcc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:5e0::/44
                  2a0e:b107:17e0::/44

    Signature Algorithm: sha256WithRSAEncryption
         8c:f0:45:9c:fc:7d:23:e2:76:b8:20:c5:2d:09:24:66:29:00:
         d9:aa:ff:6d:49:9f:f1:6c:e3:8c:6f:d7:64:82:87:b5:ad:d7:
         6f:09:9f:b3:87:19:f4:88:14:29:9f:e9:02:c7:15:e5:16:92:
         d5:05:d8:23:ed:5c:d8:06:09:41:bf:f9:05:bb:f8:cf:89:4b:
         32:aa:db:5d:4e:86:47:b6:8e:17:4f:d9:f4:2e:b5:f4:36:40:
         c0:e0:79:00:2d:92:a9:b3:00:19:50:ae:7f:f0:de:01:31:bf:
         52:d4:64:ae:b8:d6:e2:b5:d5:5c:e1:e0:c0:63:bd:22:cd:e8:
         a1:fc:ff:36:e3:f4:e9:f8:ba:2f:69:6a:82:a9:7c:9c:8e:1c:
         18:42:3c:fe:36:e5:ed:b4:1e:3b:5b:b7:86:fe:c2:38:52:19:
         88:22:fd:db:84:9e:d4:f6:49:27:51:3e:a7:ff:65:5b:c9:9a:
         bc:06:a8:98:dc:a9:55:f4:ef:49:ab:84:ad:9f:d3:03:58:bd:
         23:32:9b:a8:79:ef:dd:ba:db:87:14:89:ab:ed:2a:6f:c7:5d:
         7e:75:5d:e3:da:c3:fe:d3:b6:26:c0:eb:8a:c8:b5:9b:84:7d:
         f1:8c:2d:3e:dc:73:71:04:d9:96:af:01:f1:76:d1:8a:55:c3:
         cc:04:cf:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkiuo04pgMkBO//N79gOgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJiZWRkZDc5YTg3ZWFmNTNkNWJlYzhkYjBiNWE1Yzk0MWUzOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ99Gir7fhCVZt6hkRg7+alewidb
kaO8AtWAa2JHa7RQf+Up2diR+5W632u2+LzRAIVo8NB48bXnGJiUjBEG5Y3h9XI3
A+OWUOgdNlUt/ccJ8KVAjFhhn4GxqsNFqZ23XxycmH42zSufoo1c6AlDwXt+6vZ+
t4Pc5PS2zo7pON1iLKHRNbArkppM94vh1MWSYhw9fkrwNbNODRhbVz2Yla9e4k2y
0Txh/xEd5nC7C2DMgxH8G8pJfHO6+cMfJfEWQ/pan9Vq/5UfATsl94HuI3lAssMl
jBnJaigvgYU72EWQMk64gsNxF4yN7jSR48q9f1JUYW/svHatm7vMnmFTXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAi77d15qH6vU9W+yNsLWlyUHjnHMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ0x2dDNYbW9mcTlUMWI3STJ3dGFYSlFlT2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAXg
AwcEKg6xBxfgMA0GCSqGSIb3DQEBCwUAA4IBAQCM8EWc/H0j4na4IMUtCSRmKQDZ
qv9tSZ/xbOOMb9dkgoe1rddvCZ+zhxn0iBQpn+kCxxXlFpLVBdgj7VzYBglBv/kF
u/jPiUsyqttdToZHto4XT9n0LrX0NkDA4HkALZKpswAZUK5/8N4BMb9S1GSuuNbi
tdVc4eDAY70izeih/P824/Tp+LovaWqCqXycjhwYQjz+NuXttB47W7eG/sI4UhmI
Iv3bhJ7U9kknUT6n/2VbyZq8BqiY3KlV9O9Jq4Stn9MDWL0jMpuoee/dutuHFImr
7Spvx11+dV3j2sP+07YmwOuKyLWbhH3xjC0+3HNxBNmWrwHxdtGKVcPMBM+l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org