Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ne6rP-Z-Tv3akvgYVybQbAGa2Gk.roa
File:                     Ne6rP-Z-Tv3akvgYVybQbAGa2Gk.roa (raw, json)
Hash identifier:          CQFmy9m/HlibBv/3GORAwVFSs60dcIyYbVPgUr4i23o=
Subject key identifier:   35:EE:AB:3F:E6:7E:4E:FD:DA:92:F8:18:57:26:D0:6C:01:9A:D8:69
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BD30AB5F96FD9AE4ACFD24E0006100
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ne6rP-Z-Tv3akvgYVybQbAGa2Gk.roa
Signing time:             Tue 02 Jan 2024 10:34:28 +0000
ROA not before:           Tue 02 Jan 2024 10:34:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211063
IP address blocks:        2a0e:97c0:480::/44 maxlen: 48
                          2a0e:97c0:480::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 28 Mar 2024 00:15:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bd:30:ab:5f:96:fd:9a:e4:ac:fd:24:e0:00:61:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=35eeab3fe67e4efdda92f8185726d06c019ad869
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ff:d8:9e:ba:ad:49:67:8c:b2:66:db:2e:a0:
                    11:b1:22:a1:7d:91:19:f8:e7:6b:5e:92:22:f3:06:
                    51:71:0a:ce:6e:a3:51:b0:29:16:1e:35:37:33:e6:
                    a4:61:14:aa:ee:7a:80:00:77:e2:bd:19:1d:92:64:
                    10:96:98:23:61:d1:5f:98:9f:5f:1c:60:df:24:9f:
                    69:58:c3:21:61:7a:a8:a6:b3:95:c5:70:7c:ae:3d:
                    16:4e:9a:6c:53:dc:9d:28:90:00:62:73:c4:3c:43:
                    84:11:ed:53:ea:ca:15:65:ef:fb:d0:cd:11:68:79:
                    37:c8:ba:4f:e6:05:bc:aa:45:a8:7d:42:8e:60:18:
                    bb:05:20:29:cf:15:a3:bc:69:77:78:c3:8d:c1:da:
                    46:2f:97:31:26:58:40:5d:6c:b3:7c:76:48:25:f4:
                    2b:28:aa:2a:db:94:07:5b:e2:93:6d:5f:fb:83:66:
                    e6:3d:b6:f4:53:c5:56:3b:d9:b3:3e:24:bb:a9:01:
                    12:54:35:a2:5f:b7:6c:de:e7:1a:f9:77:8d:57:f3:
                    ce:f4:dd:75:10:31:31:07:90:0e:61:7c:b4:ab:54:
                    f5:6a:6c:46:15:f0:3e:11:b5:6c:0e:87:d3:e8:66:
                    f3:6c:96:53:63:86:7d:6e:82:61:4f:57:8d:04:48:
                    b2:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:EE:AB:3F:E6:7E:4E:FD:DA:92:F8:18:57:26:D0:6C:01:9A:D8:69
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ne6rP-Z-Tv3akvgYVybQbAGa2Gk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:480::/44

    Signature Algorithm: sha256WithRSAEncryption
         2f:0b:28:d3:b4:6f:c9:0f:15:56:25:26:2c:5f:c7:61:13:6e:
         ad:27:36:d9:56:22:0b:f5:5b:64:86:a6:ec:ff:21:9e:c8:b7:
         3d:35:dc:b9:3d:37:75:89:d2:d4:af:3f:44:ed:61:30:11:80:
         b7:b5:08:1e:b7:fb:67:e2:72:55:50:af:7c:6c:06:7f:36:df:
         e8:bb:51:09:f6:0b:37:c6:c8:85:e2:1c:b9:f6:c5:bd:c4:d5:
         73:a4:89:35:a7:6f:6b:86:d4:31:1d:86:d2:f2:0e:10:5a:43:
         de:99:be:cd:df:a2:1c:53:e1:1f:a5:a4:b6:5d:f5:b0:60:05:
         53:23:49:77:94:eb:59:77:b8:aa:bb:93:75:e4:d3:6d:1d:cb:
         f9:30:6a:b3:2f:af:75:61:c6:97:d6:0e:97:60:3a:b0:45:0d:
         cd:ec:60:fc:e6:ad:9c:33:af:c8:ba:6d:d3:4d:75:31:e1:e1:
         63:b4:0f:4b:20:f5:dd:4d:93:18:a7:b8:89:11:68:69:1c:39:
         35:26:e3:19:83:7a:68:bc:ce:94:8d:01:36:03:85:80:2d:fe:
         e9:6f:29:84:90:6d:8f:ae:ba:26:87:99:ff:dd:b8:39:eb:b9:
         96:35:73:2f:77:6c:44:40:11:25:80:84:00:68:7d:4a:4a:4a:
         65:bf:1e:5f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvTCrX5b9muSs/STgAGEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWVlYWIzZmU2N2U0ZWZkZGE5MmY4MTg1NzI2ZDA2YzAxOWFkODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj//YnrqtSWeMsmbbLqARsSKhfZEZ
+OdrXpIi8wZRcQrObqNRsCkWHjU3M+akYRSq7nqAAHfivRkdkmQQlpgjYdFfmJ9f
HGDfJJ9pWMMhYXqoprOVxXB8rj0WTppsU9ydKJAAYnPEPEOEEe1T6soVZe/70M0R
aHk3yLpP5gW8qkWofUKOYBi7BSApzxWjvGl3eMONwdpGL5cxJlhAXWyzfHZIJfQr
KKoq25QHW+KTbV/7g2bmPbb0U8VWO9mzPiS7qQESVDWiX7ds3uca+XeNV/PO9N11
EDExB5AOYXy0q1T1amxGFfA+EbVsDofT6GbzbJZTY4Z9boJhT1eNBEiyrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDXuqz/mfk792pL4GFcm0GwBmthpMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTmU2clAtWi1UdjNha3ZnWVZ5YlFiQUdhMkdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwASA
MA0GCSqGSIb3DQEBCwUAA4IBAQAvCyjTtG/JDxVWJSYsX8dhE26tJzbZViIL9Vtk
hqbs/yGeyLc9Ndy5PTd1idLUrz9E7WEwEYC3tQget/tn4nJVUK98bAZ/Nt/ou1EJ
9gs3xsiF4hy59sW9xNVzpIk1p29rhtQxHYbS8g4QWkPemb7N36IcU+EfpaS2XfWw
YAVTI0l3lOtZd7iqu5N15NNtHcv5MGqzL691YcaX1g6XYDqwRQ3N7GD85q2cM6/I
um3TTXUx4eFjtA9LIPXdTZMYp7iJEWhpHDk1JuMZg3povM6UjQE2A4WALf7pbymE
kG2Prromh5n/3bg567mWNXMvd2xEQBElgIQAaH1KSkplvx5f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:01 2024 by rpki-client on console-ams.rpki-client.org