Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KcJDxEU2OAiQIm4BZrP4q-iYdx0.roa
File:                     KcJDxEU2OAiQIm4BZrP4q-iYdx0.roa (raw, json)
Hash identifier:          HlBShnWT3dgBPElILR4fyXABSiWV9Symq/65HzxcS6I=
Subject key identifier:   29:C2:43:C4:45:36:38:08:90:22:6E:01:66:B3:F8:AB:E8:98:77:1D
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01887665E4B5E576EA6183FAEE7747656A82
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KcJDxEU2OAiQIm4BZrP4q-iYdx0.roa
Signing time:             Thu 01 Jun 2023 09:59:29 +0000
ROA not before:           Thu 01 Jun 2023 09:59:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199340
IP address blocks:        2a0e:b107:fa0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:76:65:e4:b5:e5:76:ea:61:83:fa:ee:77:47:65:6a:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jun  1 09:59:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=29c243c44536380890226e0166b3f8abe898771d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:1e:0f:94:ef:bf:f4:c1:2d:bb:e4:7d:d9:5e:
                    88:94:62:dc:e9:ba:6c:7e:4c:a5:b4:60:e6:1c:7b:
                    65:2f:e6:e7:78:fc:af:21:a1:74:8c:eb:c8:30:7a:
                    c3:f8:a3:72:11:62:e9:57:34:58:a0:2f:d5:90:c3:
                    c9:8f:5c:2f:dc:15:8f:71:24:04:fe:f8:f2:22:6c:
                    f1:4b:a8:34:2b:57:a9:2c:52:fb:08:9d:ce:b5:8e:
                    9b:c0:2a:0c:d3:63:9a:7f:43:fb:8e:c5:05:a2:bb:
                    e8:8c:51:c0:00:20:6f:8a:d7:20:d7:f8:d8:3f:72:
                    3d:27:8c:a1:17:5b:0c:4b:6c:10:b6:19:3e:da:ea:
                    3c:e3:31:ae:5b:73:a1:a3:3c:0b:cd:e5:01:f7:ae:
                    02:a3:5d:d2:94:a5:0f:ce:23:56:91:07:01:38:bd:
                    7a:47:0a:e6:22:2b:cc:73:9b:23:58:59:9b:40:15:
                    b3:e8:09:25:f5:a2:01:91:56:14:80:cd:53:26:6a:
                    fd:b1:09:51:c1:fe:e3:c0:bb:f8:0d:52:02:9d:10:
                    3e:04:6b:4a:7c:4a:17:c8:f7:58:3b:be:f2:6a:29:
                    b0:97:d2:1b:60:b6:4b:35:88:bf:43:9a:9c:e7:d7:
                    87:22:0e:ab:b5:71:16:55:65:d3:e9:51:0f:d3:9e:
                    73:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:C2:43:C4:45:36:38:08:90:22:6E:01:66:B3:F8:AB:E8:98:77:1D
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KcJDxEU2OAiQIm4BZrP4q-iYdx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:fa0::/44

    Signature Algorithm: sha256WithRSAEncryption
         c7:0c:a9:cb:22:59:e6:62:ff:aa:e8:ca:5e:b5:51:84:8d:77:
         8f:2a:df:00:c4:d2:43:ba:60:c0:2b:22:81:2f:b4:67:46:c2:
         3a:6e:f1:1a:0e:15:c0:b9:b3:b0:a7:5f:7d:19:8d:50:ce:62:
         f6:31:f3:3f:1c:df:9d:f1:24:0d:cc:e7:40:f2:ed:50:98:12:
         d0:ab:8b:cb:34:d9:52:40:df:e2:3a:1b:22:4c:1d:4a:ff:8a:
         85:09:c7:16:05:a7:7a:31:99:db:dc:53:45:de:d6:eb:9b:2b:
         8e:09:b0:0d:4d:4a:c7:38:d9:1a:eb:cc:aa:a7:e5:03:1b:13:
         93:50:fa:74:09:75:9f:80:76:50:bc:24:21:50:70:fd:ce:ef:
         fb:bd:02:0a:75:d5:e1:84:0b:62:a9:6e:15:95:82:3b:c9:61:
         e3:e6:55:fe:d8:66:1a:1a:69:a2:a6:2e:86:49:c7:de:62:5e:
         60:6a:19:7e:e9:67:96:b6:4c:96:99:77:18:e1:f0:63:93:09:
         08:a8:2b:bf:59:ce:a3:b9:08:d9:63:cd:2d:b5:7a:61:6c:30:
         92:8e:aa:99:d7:9a:bf:28:fc:4f:98:fa:a6:48:91:ea:67:0b:
         12:15:ac:27:25:76:6f:41:ef:ec:7c:71:6c:43:ff:c0:b6:2b:
         9f:99:a5:49
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYh2ZeS15XbqYYP67ndHZWqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjAxMDk1OTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWMyNDNjNDQ1MzYzODA4OTAyMjZlMDE2NmIzZjhhYmU4OTg3NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAox4PlO+/9MEtu+R92V6IlGLc6bps
fkyltGDmHHtlL+bnePyvIaF0jOvIMHrD+KNyEWLpVzRYoC/VkMPJj1wv3BWPcSQE
/vjyImzxS6g0K1epLFL7CJ3OtY6bwCoM02Oaf0P7jsUForvojFHAACBvitcg1/jY
P3I9J4yhF1sMS2wQthk+2uo84zGuW3OhozwLzeUB964Co13SlKUPziNWkQcBOL16
RwrmIivMc5sjWFmbQBWz6Akl9aIBkVYUgM1TJmr9sQlRwf7jwLv4DVICnRA+BGtK
fEoXyPdYO77yaimwl9IbYLZLNYi/Q5qc59eHIg6rtXEWVWXT6VEP055zTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCnCQ8RFNjgIkCJuAWaz+KvomHcdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS2NKRHhFVTJPQWlRSW00QlpyUDRxLWlZZHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw+g
MA0GCSqGSIb3DQEBCwUAA4IBAQDHDKnLIlnmYv+q6MpetVGEjXePKt8AxNJDumDA
KyKBL7RnRsI6bvEaDhXAubOwp199GY1QzmL2MfM/HN+d8SQNzOdA8u1QmBLQq4vL
NNlSQN/iOhsiTB1K/4qFCccWBad6MZnb3FNF3tbrmyuOCbANTUrHONka68yqp+UD
GxOTUPp0CXWfgHZQvCQhUHD9zu/7vQIKddXhhAtiqW4VlYI7yWHj5lX+2GYaGmmi
pi6GScfeYl5gahl+6WeWtkyWmXcY4fBjkwkIqCu/Wc6juQjZY80ttXphbDCSjqqZ
15q/KPxPmPqmSJHqZwsSFawnJXZvQe/sfHFsQ//AtiufmaVJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org