Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MDXJ-f4A7qnFNrADSuXFVrZGUhg.roa
File:                     MDXJ-f4A7qnFNrADSuXFVrZGUhg.roa (raw, json)
Hash identifier:          gGShfNbOJyKN2H/1REO02LqP5kguxde2kjd17k9oac0=
Subject key identifier:   30:35:C9:F9:FE:00:EE:A9:C5:36:B0:03:4A:E5:C5:56:B6:46:52:18
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7BB95D846A9190B91631CCA2E3297
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MDXJ-f4A7qnFNrADSuXFVrZGUhg.roa
Signing time:             Mon 02 Jan 2023 05:15:13 +0000
ROA not before:           Mon 02 Jan 2023 05:15:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204611
IP address blocks:        2a0e:b107:19cd::/48 maxlen: 48
                          2a0e:b107:1b9b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:bb:95:d8:46:a9:19:0b:91:63:1c:ca:2e:32:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3035c9f9fe00eea9c536b0034ae5c556b6465218
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:77:e1:11:64:ef:7a:88:f8:ca:a2:0e:6b:0e:
                    27:f4:8a:2d:02:0d:a8:c8:30:d8:39:c1:10:67:70:
                    57:01:92:78:80:a2:e9:74:8e:a5:4a:78:c4:57:2c:
                    12:5c:84:cb:43:73:a2:03:33:40:e5:d2:12:6d:1b:
                    b2:48:b2:11:c0:6a:bd:d3:cd:86:9c:7d:19:c4:59:
                    79:66:1d:10:24:3c:78:ec:e0:c0:55:5f:38:14:89:
                    1b:46:14:81:87:2f:4c:1b:e7:b2:ad:f6:0f:d3:10:
                    20:4f:df:7f:02:0e:77:77:7d:b8:49:ca:6a:24:f1:
                    a0:be:b4:a7:c5:ac:a3:29:2d:12:c9:0f:e8:ed:da:
                    ac:76:c9:96:e2:82:6a:37:a1:f4:ee:0e:a3:95:0b:
                    b8:2e:9c:8f:9b:67:f7:60:44:d8:61:7e:ce:b9:bb:
                    44:5e:f1:a6:98:b6:7f:3e:80:c3:28:d6:f2:55:a8:
                    4a:01:ca:a0:28:11:e0:a9:58:05:1c:37:9d:af:0e:
                    e9:c2:9e:92:e7:7e:d8:da:5e:2e:24:4d:c7:a3:6b:
                    cb:e3:a2:30:0d:ca:73:50:44:23:c0:e6:6d:ee:44:
                    b7:e7:67:ff:fd:98:f4:fd:ea:4e:dd:ea:72:7a:ee:
                    de:29:e3:62:1c:9b:d3:ab:b7:42:51:d8:c6:69:09:
                    b9:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:35:C9:F9:FE:00:EE:A9:C5:36:B0:03:4A:E5:C5:56:B6:46:52:18
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MDXJ-f4A7qnFNrADSuXFVrZGUhg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:19cd::/48
                  2a0e:b107:1b9b::/48

    Signature Algorithm: sha256WithRSAEncryption
         5d:65:a9:17:08:7c:8b:6b:c4:cc:0f:11:aa:b8:87:c0:51:f8:
         2d:4d:40:fe:f2:a8:93:23:45:b2:b9:4c:52:c6:18:3a:1e:2a:
         90:b6:cb:bc:dd:54:c9:7e:ca:3b:e8:c1:bc:de:54:62:97:d6:
         04:f2:ba:0d:b5:67:29:19:e6:af:34:ca:ca:e8:7a:50:76:12:
         08:1b:0f:45:89:48:82:2e:5e:f5:7e:12:a7:74:4d:c1:0f:8b:
         58:7c:41:a0:51:6c:be:b1:6d:af:f2:e1:2d:a6:e1:a7:d9:b1:
         d7:15:d0:cc:37:a2:47:6d:27:12:19:cd:1f:ee:d8:65:e9:11:
         e9:71:e6:d0:e1:78:20:c5:77:c9:57:9a:3e:03:ab:3c:81:d0:
         72:1d:48:f2:78:1a:14:e8:98:21:da:ae:ae:bb:0a:1f:91:b0:
         c8:b9:e4:68:f9:da:a8:e3:61:37:3d:44:d1:b2:48:21:56:9b:
         4a:89:c1:ad:8c:fa:6e:e0:03:17:62:91:42:13:b8:98:8b:09:
         e0:b9:7c:5c:89:93:8e:9b:3a:c6:27:f9:13:b9:24:40:21:9c:
         8b:fd:f9:ac:2b:52:f7:aa:4d:6c:12:dc:80:93:ec:a9:c3:82:
         50:63:7c:0e:65:58:3f:ca:5b:a6:3a:8f:02:aa:15:ee:89:f8:
         72:f8:02:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw57uV2EapGQuRYxzKLjKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDM1YzlmOWZlMDBlZWE5YzUzNmIwMDM0YWU1YzU1NmI2NDY1MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnfhEWTveoj4yqIOaw4n9IotAg2o
yDDYOcEQZ3BXAZJ4gKLpdI6lSnjEVywSXITLQ3OiAzNA5dISbRuySLIRwGq9082G
nH0ZxFl5Zh0QJDx47ODAVV84FIkbRhSBhy9MG+eyrfYP0xAgT99/Ag53d324Scpq
JPGgvrSnxayjKS0SyQ/o7dqsdsmW4oJqN6H07g6jlQu4LpyPm2f3YETYYX7OubtE
XvGmmLZ/PoDDKNbyVahKAcqgKBHgqVgFHDedrw7pwp6S537Y2l4uJE3Ho2vL46Iw
DcpzUEQjwOZt7kS352f//Zj0/epO3epyeu7eKeNiHJvTq7dCUdjGaQm5nQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDA1yfn+AO6pxTawA0rlxVa2RlIYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTURYSi1mNEE3cW5GTnJBRFN1WEZWclpHVWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBxnN
AwcAKg6xBxubMA0GCSqGSIb3DQEBCwUAA4IBAQBdZakXCHyLa8TMDxGquIfAUfgt
TUD+8qiTI0WyuUxSxhg6HiqQtsu83VTJfso76MG83lRil9YE8roNtWcpGeavNMrK
6HpQdhIIGw9FiUiCLl71fhKndE3BD4tYfEGgUWy+sW2v8uEtpuGn2bHXFdDMN6JH
bScSGc0f7thl6RHpcebQ4XggxXfJV5o+A6s8gdByHUjyeBoU6Jgh2q6uuwofkbDI
ueRo+dqo42E3PUTRskghVptKicGtjPpu4AMXYpFCE7iYiwnguXxciZOOmzrGJ/kT
uSRAIZyL/fmsK1L3qk1sEtyAk+ypw4JQY3wOZVg/ylumOo8CqhXuifhy+ALY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:30 2024 by rpki-client on console-fra.rpki-client.org