Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Oq9_bOGbRMILkdckEnywQLKvK-s.roa
File:                     Oq9_bOGbRMILkdckEnywQLKvK-s.roa (raw, json)
Hash identifier:          fOfkPz5UORm3SQ4xKQhJvaNSeZ9+yngjMwjBMtjay9I=
Subject key identifier:   3A:AF:7F:6C:E1:9B:44:C2:0B:91:D7:24:12:7C:B0:40:B2:AF:2B:EB
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BD12ECCB64C879C498CF592908DCB0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Oq9_bOGbRMILkdckEnywQLKvK-s.roa
Signing time:             Tue 02 Jan 2024 10:34:20 +0000
ROA not before:           Tue 02 Jan 2024 10:34:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207466
IP address blocks:        2a0e:b107:770::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 09 Jan 2024 22:36:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bd:12:ec:cb:64:c8:79:c4:98:cf:59:29:08:dc:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3aaf7f6ce19b44c20b91d724127cb040b2af2beb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9d:17:54:c7:4f:f0:9f:c9:88:01:46:47:a4:
                    41:12:4f:da:15:fb:23:91:fd:27:c6:91:16:99:35:
                    ce:28:4f:a6:69:8c:48:9f:62:aa:27:3d:6e:fa:df:
                    b6:8b:c3:bf:df:41:d4:be:be:93:a5:e3:62:b3:70:
                    f6:63:a6:bd:ac:7c:ec:8c:b4:42:f8:94:61:c5:d0:
                    54:13:55:cf:7a:f0:8b:a1:81:2a:23:ed:c2:90:82:
                    b5:93:ab:2f:53:98:02:f3:d1:ef:43:11:f1:86:0a:
                    f1:18:66:4b:49:8a:73:07:a2:c0:52:36:a1:8f:29:
                    6e:b9:12:95:d3:b4:ab:d3:cb:c2:3a:a6:3d:26:6a:
                    77:a4:15:63:be:89:80:cd:a4:31:7d:17:f5:4d:55:
                    30:6b:b1:7a:b3:6f:47:bc:65:6b:59:4a:a7:47:ac:
                    2c:eb:5f:d3:fd:93:22:2c:50:64:e0:c9:5e:07:7e:
                    ff:53:50:6d:8a:b6:c5:74:6f:49:d4:c9:9c:fe:f8:
                    3b:7b:31:ed:50:d1:86:24:49:82:2a:21:07:04:48:
                    e6:b9:74:c6:f6:d2:39:27:90:ad:c3:cf:da:74:7d:
                    19:71:c7:60:bf:0d:fb:57:8a:ff:7e:78:6f:51:0f:
                    5a:3a:1f:3c:31:f0:c4:8c:d3:07:5f:73:91:b1:ad:
                    f2:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:AF:7F:6C:E1:9B:44:C2:0B:91:D7:24:12:7C:B0:40:B2:AF:2B:EB
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Oq9_bOGbRMILkdckEnywQLKvK-s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:770::/44

    Signature Algorithm: sha256WithRSAEncryption
         4d:9f:66:94:79:01:4d:f5:86:a9:cb:9c:b4:fb:da:7a:e7:c0:
         18:dd:f7:ca:5f:c7:b3:c6:af:e3:f2:30:36:79:85:03:b6:b3:
         8d:92:9b:01:bb:b4:3d:bc:8a:b1:a3:62:94:b8:68:43:12:ee:
         1e:30:7b:43:4c:d4:8f:16:9b:af:d8:e9:d3:20:bb:06:35:27:
         59:c6:9f:25:c1:71:71:04:21:35:8e:71:c5:7d:94:da:59:54:
         35:98:30:72:04:0d:28:bd:9a:2e:67:37:d9:4f:22:1f:6d:38:
         fc:01:76:8b:41:2b:f9:f9:bb:bc:ad:44:7a:4f:b0:f0:b0:d2:
         6c:9f:92:86:8c:63:94:78:18:32:cb:ea:8c:25:e6:f8:a5:cb:
         34:51:4d:7b:f9:f0:38:0a:31:dc:e0:7d:5f:b5:a2:ae:a0:70:
         bf:5d:c4:a2:8f:f5:9a:43:28:b8:6e:24:12:5f:ca:af:05:20:
         b6:5a:b8:bb:e6:3b:cf:48:b2:b4:e9:90:c1:76:d9:a8:c4:99:
         dd:2e:af:6b:17:16:f3:52:85:1b:4d:14:3c:c9:ef:77:67:d0:
         ba:1c:53:f9:ff:bb:e6:17:06:d6:9e:85:1e:f1:3b:c8:f9:6a:
         d2:8a:a0:7e:3b:d8:da:f6:11:10:96:cf:a5:a0:10:8b:f0:f4:
         00:83:84:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvRLsy2TIecSYz1kpCNywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWFmN2Y2Y2UxOWI0NGMyMGI5MWQ3MjQxMjdjYjA0MGIyYWYyYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ0XVMdP8J/JiAFGR6RBEk/aFfsj
kf0nxpEWmTXOKE+maYxIn2KqJz1u+t+2i8O/30HUvr6TpeNis3D2Y6a9rHzsjLRC
+JRhxdBUE1XPevCLoYEqI+3CkIK1k6svU5gC89HvQxHxhgrxGGZLSYpzB6LAUjah
jyluuRKV07Sr08vCOqY9Jmp3pBVjvomAzaQxfRf1TVUwa7F6s29HvGVrWUqnR6ws
61/T/ZMiLFBk4MleB37/U1BtirbFdG9J1Mmc/vg7ezHtUNGGJEmCKiEHBEjmuXTG
9tI5J5Ctw8/adH0Zccdgvw37V4r/fnhvUQ9aOh88MfDEjNMHX3ORsa3yEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDqvf2zhm0TCC5HXJBJ8sECyryvrMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT3E5X2JPR2JSTUlMa2Rja0VueXdRTEt2Sy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwdw
MA0GCSqGSIb3DQEBCwUAA4IBAQBNn2aUeQFN9Yapy5y0+9p658AY3ffKX8ezxq/j
8jA2eYUDtrONkpsBu7Q9vIqxo2KUuGhDEu4eMHtDTNSPFpuv2OnTILsGNSdZxp8l
wXFxBCE1jnHFfZTaWVQ1mDByBA0ovZouZzfZTyIfbTj8AXaLQSv5+bu8rUR6T7Dw
sNJsn5KGjGOUeBgyy+qMJeb4pcs0UU17+fA4CjHc4H1ftaKuoHC/XcSij/WaQyi4
biQSX8qvBSC2Wri75jvPSLK06ZDBdtmoxJndLq9rFxbzUoUbTRQ8ye93Z9C6HFP5
/7vmFwbWnoUe8TvI+WrSiqB+O9ja9hEQls+loBCL8PQAg4T9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:02 2024 by rpki-client on console-ams.rpki-client.org