Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K96miv_iNep08AWQYImmI04a3GE.roa
File:                     K96miv_iNep08AWQYImmI04a3GE.roa (raw, json)
Hash identifier:          kjzUn8ic989F6bHQU2KipQNqkei6ZkmNsTtFRkP7iw4=
Subject key identifier:   2B:DE:A6:8A:FF:E2:35:EA:74:F0:05:90:60:89:A6:23:4E:1A:DC:61
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7805158936F7E3EFE7FDDC64EB1D9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K96miv_iNep08AWQYImmI04a3GE.roa
Signing time:             Mon 02 Jan 2023 05:14:57 +0000
ROA not before:           Mon 02 Jan 2023 05:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47447
IP address blocks:        2a0e:97c0:4d1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 15:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:80:51:58:93:6f:7e:3e:fe:7f:dd:c6:4e:b1:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2bdea68affe235ea74f005906089a6234e1adc61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:1c:06:fb:8d:67:4a:97:78:c8:77:cb:67:0a:
                    e4:c1:5e:21:5b:db:24:fb:44:cf:57:eb:ae:00:e3:
                    2e:65:57:2e:32:ec:d5:97:1b:6d:17:9a:5e:64:c6:
                    75:9d:cf:c5:c0:ae:e9:1b:fe:e2:62:18:02:db:66:
                    5e:2f:fa:5a:22:60:38:73:05:7b:a5:66:2b:38:1d:
                    8f:a7:c8:d8:f6:92:b0:11:14:a7:f4:4d:ac:ae:3c:
                    89:97:61:21:91:37:ae:7f:92:96:73:23:fb:4d:25:
                    b3:a4:51:aa:d2:7d:1c:fb:6a:a4:26:20:27:1a:f8:
                    cc:a0:cb:ef:46:f9:3c:b9:63:70:2d:41:6a:3c:08:
                    1f:75:3f:88:4c:cb:a9:01:11:34:24:8a:ae:82:e2:
                    5d:e1:2a:51:22:89:a9:24:7e:1d:2f:af:2e:64:70:
                    53:72:0f:10:e3:90:41:73:97:a5:71:4c:f2:74:db:
                    dd:e6:cc:80:15:c2:28:0e:a6:6f:45:39:64:bd:69:
                    8a:45:2f:eb:86:ec:12:58:4a:d1:2a:b8:0b:03:ae:
                    28:08:db:9b:f4:b5:91:a6:93:0c:5f:bb:d7:0a:f9:
                    ee:fe:7a:fb:68:57:ec:7a:fb:4c:b3:07:3a:bd:54:
                    c5:4f:6c:b3:7c:5a:d2:cf:8a:4f:e9:d6:a6:df:64:
                    ab:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:DE:A6:8A:FF:E2:35:EA:74:F0:05:90:60:89:A6:23:4E:1A:DC:61
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K96miv_iNep08AWQYImmI04a3GE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:4d1::/48

    Signature Algorithm: sha256WithRSAEncryption
         81:16:f2:cd:0e:84:46:da:be:5a:c0:51:66:93:cd:59:b7:4f:
         8c:a2:c6:a6:a7:38:7e:aa:e8:b9:65:86:7c:14:c6:e8:ef:b4:
         5d:67:66:db:df:1f:ab:35:25:f7:ee:6a:f8:62:02:04:4a:ee:
         b1:4a:c5:e9:8d:e7:2e:a7:90:2f:5b:61:c3:28:5d:d1:2a:ea:
         d5:7d:cf:08:3a:7a:d9:1e:ab:f7:21:26:4c:c0:da:30:e2:f2:
         09:a1:36:bc:66:ca:87:4f:03:31:dc:d6:e2:d9:31:e5:46:09:
         e8:f5:f3:24:ea:56:41:4e:f4:12:b0:df:e9:6d:c9:bc:08:c1:
         8f:38:e7:dc:2f:89:6a:b8:1b:36:db:fd:9c:52:b4:e9:71:5b:
         ef:dc:bc:50:ef:14:73:61:19:80:af:bd:fa:0a:8d:b4:b1:e1:
         9b:76:af:44:c7:03:e9:09:87:5a:b5:29:26:11:66:ac:17:60:
         b4:4f:31:9f:26:9f:db:b1:40:31:13:ed:a7:66:4b:c5:22:e7:
         73:eb:4c:be:5b:6e:c1:b9:17:cb:82:d2:18:44:3b:7b:aa:3f:
         bd:65:a6:fa:40:2d:74:35:14:e2:7e:83:18:48:65:74:2b:26:
         f6:6d:3b:f5:f6:8c:18:26:9b:d5:c9:e3:43:be:bc:c5:cb:ca:
         ef:88:a0:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw54BRWJNvfj7+f93GTrHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmRlYTY4YWZmZTIzNWVhNzRmMDA1OTA2MDg5YTYyMzRlMWFkYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRwG+41nSpd4yHfLZwrkwV4hW9sk
+0TPV+uuAOMuZVcuMuzVlxttF5peZMZ1nc/FwK7pG/7iYhgC22ZeL/paImA4cwV7
pWYrOB2Pp8jY9pKwERSn9E2srjyJl2EhkTeuf5KWcyP7TSWzpFGq0n0c+2qkJiAn
GvjMoMvvRvk8uWNwLUFqPAgfdT+ITMupARE0JIquguJd4SpRIompJH4dL68uZHBT
cg8Q45BBc5elcUzydNvd5syAFcIoDqZvRTlkvWmKRS/rhuwSWErRKrgLA64oCNub
9LWRppMMX7vXCvnu/nr7aFfsevtMswc6vVTFT2yzfFrSz4pP6dam32SrOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCvepor/4jXqdPAFkGCJpiNOGtxhMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSzk2bWl2X2lOZXAwOEFXUVlJbW1JMDRhM0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwATR
MA0GCSqGSIb3DQEBCwUAA4IBAQCBFvLNDoRG2r5awFFmk81Zt0+Mosampzh+qui5
ZYZ8FMbo77RdZ2bb3x+rNSX37mr4YgIESu6xSsXpjecup5AvW2HDKF3RKurVfc8I
OnrZHqv3ISZMwNow4vIJoTa8ZsqHTwMx3Nbi2THlRgno9fMk6lZBTvQSsN/pbcm8
CMGPOOfcL4lquBs22/2cUrTpcVvv3LxQ7xRzYRmAr736Co20seGbdq9ExwPpCYda
tSkmEWasF2C0TzGfJp/bsUAxE+2nZkvFIudz60y+W27BuRfLgtIYRDt7qj+9Zab6
QC10NRTifoMYSGV0Kyb2bTv19owYJpvVyeNDvrzFy8rviKAH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org