Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/J7RPoT5V5zZz6-px9cALIjjw3-o.roa
File:                     J7RPoT5V5zZz6-px9cALIjjw3-o.roa (raw, json)
Hash identifier:          48GLMo/c00osOxgrNnMZjQHn0+hKvhiImpo3nb85DR4=
Subject key identifier:   27:B4:4F:A1:3E:55:E7:36:73:EB:EA:71:F5:C0:0B:22:38:F0:DF:EA
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185E48AF0F2218AAF07C41118C1E4313C21
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/J7RPoT5V5zZz6-px9cALIjjw3-o.roa
Signing time:             Tue 24 Jan 2023 16:09:48 +0000
ROA not before:           Tue 24 Jan 2023 16:09:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211013
IP address blocks:        2a0e:b107:1580::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:8a:f0:f2:21:8a:af:07:c4:11:18:c1:e4:31:3c:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 24 16:09:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27b44fa13e55e73673ebea71f5c00b2238f0dfea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d6:e3:f5:69:b1:d6:78:30:87:07:84:a2:93:
                    dc:03:61:26:32:4f:fc:07:8f:ff:3d:70:ad:79:1c:
                    ba:0e:bd:2c:ed:dd:be:50:32:44:a9:3c:f5:de:4f:
                    80:bf:cd:98:ef:c9:c0:26:84:1d:b7:a6:50:69:a6:
                    0e:d8:36:29:c6:e4:b6:56:79:bc:55:81:0c:9d:04:
                    8a:e7:26:f8:e0:12:ba:3b:c3:bf:49:0b:dd:c8:f2:
                    9e:1e:d3:db:fb:b5:ff:33:72:90:ef:ef:f4:9b:27:
                    d9:f9:4c:20:c9:24:cf:2b:dc:19:07:f2:5d:8a:5b:
                    ce:77:98:3a:25:d1:d0:f8:ce:0f:4b:b3:bb:59:73:
                    d6:d6:7b:5b:96:b9:cb:6b:66:ae:c1:46:fb:65:51:
                    68:cf:ca:5c:7e:9d:4b:77:2f:5a:a9:c5:b6:d6:fb:
                    5c:d6:8c:89:7f:b1:1c:dd:8d:6d:1d:87:f1:c8:9e:
                    7a:bd:d8:42:0d:83:bc:4d:06:c8:d4:ee:f5:2d:8d:
                    89:1b:8c:8b:68:0d:54:6a:90:40:8e:e0:a5:8f:4b:
                    67:26:50:57:b8:09:e9:a9:f7:e8:11:06:cb:ff:6c:
                    67:6c:c1:12:0b:2c:4d:00:6c:3c:4d:3b:fd:87:f4:
                    fc:6e:69:66:91:b8:60:96:e1:96:c9:8b:fa:cd:32:
                    a8:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:B4:4F:A1:3E:55:E7:36:73:EB:EA:71:F5:C0:0B:22:38:F0:DF:EA
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/J7RPoT5V5zZz6-px9cALIjjw3-o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1580::/48

    Signature Algorithm: sha256WithRSAEncryption
         48:2b:ff:6c:9f:22:1f:22:76:17:a1:d1:da:ef:d2:c1:04:31:
         34:66:1f:68:cd:64:ab:87:e9:6c:4a:bf:85:4f:31:85:fe:97:
         00:be:b1:81:3f:93:f4:66:8b:ee:d6:44:72:45:8d:ea:f9:a7:
         d4:a7:31:e7:13:c0:20:7b:91:cb:d7:83:0b:fd:78:d0:d3:f2:
         d6:4c:db:8e:7b:41:0d:c3:5f:11:c1:80:b1:c1:23:38:4e:8f:
         54:c1:ed:4f:ee:8d:b6:f4:75:03:c9:71:04:40:4a:3a:d3:a8:
         0a:11:53:2d:0a:c5:9c:ba:29:c3:ac:42:ba:87:55:70:03:d4:
         94:bf:e9:39:7b:6b:1d:fa:2d:82:97:f3:0e:07:84:5d:84:0d:
         27:4f:30:c2:4e:f9:32:17:5e:08:dc:8a:95:ad:c1:74:7b:b6:
         df:01:fc:e3:4e:14:99:45:23:37:e9:a7:4b:a0:4f:d8:db:a4:
         53:ee:17:69:51:49:78:d4:da:d5:9e:15:78:8a:17:c1:bd:87:
         b7:74:64:35:e5:9f:0a:3c:db:a9:df:3a:0f:ec:7d:c8:96:3b:
         d7:22:84:c1:f4:a3:4d:b0:bc:0a:f8:31:98:ab:c7:69:ed:50:
         2c:a0:6f:38:c3:ec:b9:6e:16:94:db:18:58:1b:ea:fd:35:79:
         b8:70:ff:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkivDyIYqvB8QRGMHkMTwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2I0NGZhMTNlNTVlNzM2NzNlYmVhNzFmNWMwMGIyMjM4ZjBkZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldbj9Wmx1ngwhweEopPcA2EmMk/8
B4//PXCteRy6Dr0s7d2+UDJEqTz13k+Av82Y78nAJoQdt6ZQaaYO2DYpxuS2Vnm8
VYEMnQSK5yb44BK6O8O/SQvdyPKeHtPb+7X/M3KQ7+/0myfZ+UwgySTPK9wZB/Jd
ilvOd5g6JdHQ+M4PS7O7WXPW1ntblrnLa2auwUb7ZVFoz8pcfp1Ldy9aqcW21vtc
1oyJf7Ec3Y1tHYfxyJ56vdhCDYO8TQbI1O71LY2JG4yLaA1UapBAjuClj0tnJlBX
uAnpqffoEQbL/2xnbMESCyxNAGw8TTv9h/T8bmlmkbhgluGWyYv6zTKoZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCe0T6E+Vec2c+vqcfXACyI48N/qMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSjdSUG9UNVY1elp6Ni1weDljQUxJamp3My1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxWA
MA0GCSqGSIb3DQEBCwUAA4IBAQBIK/9snyIfInYXodHa79LBBDE0Zh9ozWSrh+ls
Sr+FTzGF/pcAvrGBP5P0Zovu1kRyRY3q+afUpzHnE8Age5HL14ML/XjQ0/LWTNuO
e0ENw18RwYCxwSM4To9Uwe1P7o229HUDyXEEQEo606gKEVMtCsWcuinDrEK6h1Vw
A9SUv+k5e2sd+i2Cl/MOB4RdhA0nTzDCTvkyF14I3IqVrcF0e7bfAfzjThSZRSM3
6adLoE/Y26RT7hdpUUl41NrVnhV4ihfBvYe3dGQ15Z8KPNup3zoP7H3IljvXIoTB
9KNNsLwK+DGYq8dp7VAsoG84w+y5bhaU2xhYG+r9NXm4cP+a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org