Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Oh_M8QvfLcrEHyPc2lx4B4nsmrU.roa
File:                     Oh_M8QvfLcrEHyPc2lx4B4nsmrU.roa (raw, json)
Hash identifier:          sDIQs4DIqsUJw814JtpOhqzDeI2yWt07lFsafkyDb0g=
Subject key identifier:   3A:1F:CC:F1:0B:DF:2D:CA:C4:1F:23:DC:DA:5C:78:07:89:EC:9A:B5
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E81410583B760D1215D9772B41D53D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Oh_M8QvfLcrEHyPc2lx4B4nsmrU.roa
Signing time:             Mon 02 Jan 2023 05:15:35 +0000
ROA not before:           Mon 02 Jan 2023 05:15:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212173
IP address blocks:        2a0e:b107:1d40::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e8:14:10:58:3b:76:0d:12:15:d9:77:2b:41:d5:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a1fccf10bdf2dcac41f23dcda5c780789ec9ab5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:bb:50:7e:a7:cd:96:d8:2a:79:65:d9:ed:b5:
                    dd:ff:9c:37:92:27:16:93:94:6c:88:0c:64:08:3c:
                    3c:59:c6:6e:6b:65:74:67:18:c7:03:d3:47:61:c3:
                    cb:32:13:ad:0e:91:8f:1c:b3:c9:9c:4b:6a:cc:ae:
                    6a:12:86:9b:cc:31:7a:be:0c:77:cf:74:d5:b4:55:
                    23:29:e5:db:45:da:e2:1d:ec:bb:20:77:c6:51:93:
                    60:45:59:d5:5b:03:86:2c:3f:a9:ad:bc:20:15:9e:
                    a6:b3:c4:3c:af:d7:4b:a7:25:5d:55:44:35:d9:5d:
                    01:f3:98:01:a2:46:71:77:5c:af:85:93:7e:25:b0:
                    b1:f9:ca:53:01:03:54:e4:3d:56:c7:d8:ef:cd:bd:
                    78:61:65:1c:e5:68:f4:ef:d2:c3:b3:a3:0c:86:37:
                    19:da:df:0c:e9:28:0c:eb:5b:d3:19:e8:e8:19:b7:
                    b6:93:58:e5:5c:11:b3:c9:50:b4:c1:fe:81:dc:6e:
                    e5:bc:de:e4:c6:07:24:b4:40:83:24:e4:60:c6:5c:
                    02:f3:85:45:7d:db:f0:97:59:31:5e:e0:6a:a6:15:
                    57:f0:5b:63:9d:cc:5d:27:b9:58:a2:ad:41:0b:3c:
                    10:ea:0b:ed:63:be:6d:5f:b2:30:49:8d:18:51:28:
                    a4:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:1F:CC:F1:0B:DF:2D:CA:C4:1F:23:DC:DA:5C:78:07:89:EC:9A:B5
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Oh_M8QvfLcrEHyPc2lx4B4nsmrU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1d40::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:0d:63:28:44:16:c9:91:9b:33:cd:79:d0:77:1a:b9:a2:25:
         cf:ce:f8:92:b8:0f:ed:24:2a:de:33:cd:50:6c:21:cd:3f:9a:
         ce:25:d1:48:41:2a:02:40:2f:e3:df:12:70:5a:f1:c6:88:92:
         74:1a:64:f2:72:85:90:38:bf:77:64:d9:54:49:c7:21:44:2b:
         71:9c:de:c5:ba:1f:b3:2b:95:f6:ea:c9:99:fc:ef:61:ee:24:
         d0:79:62:9d:a7:5d:07:05:5b:70:ef:73:08:b1:58:9c:85:93:
         6d:d8:14:38:53:ed:ab:54:d2:3e:db:b8:8c:35:e9:5a:4e:24:
         6a:fd:8c:06:7a:d7:dc:e9:31:ec:82:7a:6f:3b:67:de:db:87:
         4d:03:2f:5b:68:71:9f:66:67:17:b3:11:74:9f:fa:31:8b:ca:
         3c:21:7c:4c:bb:58:e8:3e:86:ec:6a:53:b6:25:39:35:e7:ba:
         d2:be:66:a8:2b:01:80:74:57:7b:1f:bd:96:8a:d5:77:37:72:
         d9:76:10:1b:f9:7f:b9:94:dc:9c:f2:55:d9:7e:75:7b:44:3b:
         3e:ed:82:1b:d9:e0:18:1d:84:00:dd:ab:40:2d:b5:aa:f5:94:
         1e:a3:31:b2:92:cc:43:f5:f8:f0:d6:f7:3a:47:23:bc:54:69:
         47:18:38:d6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6BQQWDt2DRIV2XcrQdU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTFmY2NmMTBiZGYyZGNhYzQxZjIzZGNkYTVjNzgwNzg5ZWM5YWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLtQfqfNltgqeWXZ7bXd/5w3kicW
k5RsiAxkCDw8WcZua2V0ZxjHA9NHYcPLMhOtDpGPHLPJnEtqzK5qEoabzDF6vgx3
z3TVtFUjKeXbRdriHey7IHfGUZNgRVnVWwOGLD+prbwgFZ6ms8Q8r9dLpyVdVUQ1
2V0B85gBokZxd1yvhZN+JbCx+cpTAQNU5D1Wx9jvzb14YWUc5Wj079LDs6MMhjcZ
2t8M6SgM61vTGejoGbe2k1jlXBGzyVC0wf6B3G7lvN7kxgcktECDJORgxlwC84VF
fdvwl1kxXuBqphVX8FtjncxdJ7lYoq1BCzwQ6gvtY75tX7IwSY0YUSikgQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDofzPEL3y3KxB8j3NpceAeJ7Jq1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT2hfTThRdmZMY3JFSHlQYzJseDRCNG5zbXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx1A
MA0GCSqGSIb3DQEBCwUAA4IBAQB8DWMoRBbJkZszzXnQdxq5oiXPzviSuA/tJCre
M81QbCHNP5rOJdFIQSoCQC/j3xJwWvHGiJJ0GmTycoWQOL93ZNlUScchRCtxnN7F
uh+zK5X26smZ/O9h7iTQeWKdp10HBVtw73MIsVichZNt2BQ4U+2rVNI+27iMNela
TiRq/YwGetfc6THsgnpvO2fe24dNAy9baHGfZmcXsxF0n/oxi8o8IXxMu1joPobs
alO2JTk157rSvmaoKwGAdFd7H72WitV3N3LZdhAb+X+5lNyc8lXZfnV7RDs+7YIb
2eAYHYQA3atALbWq9ZQeozGyksxD9fjw1vc6RyO8VGlHGDjW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:30 2024 by rpki-client on console-fra.rpki-client.org