Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OshLXLVN9KFnko1hSewb4rNLhr4.roa
File:                     OshLXLVN9KFnko1hSewb4rNLhr4.roa (raw, json)
Hash identifier:          UhPFgNNz4xpwzC4L6BWeNpwtg1LK4rL+PobND+t/ID0=
Subject key identifier:   3A:C8:4B:5C:B5:4D:F4:A1:67:92:8D:61:49:EC:1B:E2:B3:4B:86:BE
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E81CFC6704E78F42AD95952562DCC1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OshLXLVN9KFnko1hSewb4rNLhr4.roa
Signing time:             Mon 02 Jan 2023 05:15:37 +0000
ROA not before:           Mon 02 Jan 2023 05:15:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212767
IP address blocks:        2a0e:b107:cc8::/48 maxlen: 48
                          2a10:2f00:14a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e8:1c:fc:67:04:e7:8f:42:ad:95:95:25:62:dc:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ac84b5cb54df4a167928d6149ec1be2b34b86be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:15:e1:e3:13:fc:5b:37:82:28:ba:7b:f7:de:
                    af:07:c0:37:45:f9:b8:b2:89:eb:d1:08:50:02:cb:
                    21:f0:6e:a2:2d:22:2b:d4:61:30:da:ed:0e:07:38:
                    e8:03:e5:53:08:bf:01:c7:d4:74:64:e2:49:a6:8c:
                    94:2e:d6:c1:1f:ad:a7:79:12:43:08:36:50:5b:6e:
                    fd:5d:3a:88:3b:47:79:d3:25:c0:f5:b5:ef:4c:37:
                    04:06:42:60:95:78:08:f3:2f:dd:03:80:ed:6b:05:
                    f5:d6:30:3f:fa:4c:cb:4d:72:19:38:ec:8a:57:4a:
                    9f:6e:1b:fc:8a:1a:93:4a:da:32:7f:60:27:80:69:
                    61:49:a0:ce:15:8b:5d:1e:36:66:99:82:b8:56:3a:
                    29:a2:e4:fd:ac:58:be:cf:43:c6:0a:a7:a7:81:7c:
                    73:e2:8d:4d:2f:82:81:6f:21:cc:94:5c:17:c2:7a:
                    eb:9c:63:5c:87:ce:6d:88:f8:6a:fd:ec:7f:b0:73:
                    8c:4d:2a:d8:ed:a0:1c:42:84:df:b8:4d:d8:5d:16:
                    db:19:e4:bc:f6:78:9a:13:e1:5e:64:22:29:6b:04:
                    49:53:cf:fe:6f:1b:f0:f9:ea:a3:9a:e2:60:6c:de:
                    5a:2b:81:61:3b:5f:5c:0a:40:ab:2f:23:e6:a3:34:
                    e6:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:C8:4B:5C:B5:4D:F4:A1:67:92:8D:61:49:EC:1B:E2:B3:4B:86:BE
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OshLXLVN9KFnko1hSewb4rNLhr4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:cc8::/48
                  2a10:2f00:14a::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:b8:b5:9c:0d:f3:5d:b1:ab:26:82:ce:d7:08:1d:ff:58:12:
         4b:03:50:1f:97:47:75:62:7e:58:05:e5:2f:49:67:03:6d:09:
         aa:50:2f:2c:1c:78:cb:9e:ec:4d:2b:d1:70:69:0c:1b:a6:19:
         dc:2a:6e:12:f9:c2:b5:2c:a6:e0:8d:42:91:85:d5:c9:d7:3a:
         1f:9f:d0:b2:fe:62:04:8c:29:52:4f:70:9a:ff:cd:f5:82:05:
         3b:1f:ab:3e:34:47:0e:88:36:70:41:11:2d:c0:60:76:aa:f6:
         ff:fc:08:a7:8b:c3:2b:58:44:d9:53:89:e1:18:2a:81:89:a5:
         a2:de:25:70:d4:06:48:f7:9f:a3:1f:3b:87:60:2d:9b:37:05:
         03:d2:6a:75:67:1a:0a:32:0a:a0:23:ed:1f:a5:f7:f0:7a:5b:
         d6:62:1b:f0:18:2f:88:34:63:1b:c7:2a:dc:ab:30:e9:d0:24:
         d3:cd:5e:07:5e:eb:ad:f3:bf:a7:cf:5f:ec:cf:a0:20:21:47:
         91:00:0a:1b:ec:0d:89:40:f1:24:79:56:42:ea:cd:6a:21:b8:
         10:b3:93:83:fd:2d:15:0c:f0:94:6b:35:7b:6c:ae:8d:65:05:
         1b:6c:56:ca:8d:ed:17:65:fb:fb:ff:88:9c:a1:01:57:40:97:
         27:2e:9a:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw6Bz8ZwTnj0KtlZUlYtzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWM4NGI1Y2I1NGRmNGExNjc5MjhkNjE0OWVjMWJlMmIzNGI4NmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRXh4xP8WzeCKLp7996vB8A3Rfm4
sonr0QhQAssh8G6iLSIr1GEw2u0OBzjoA+VTCL8Bx9R0ZOJJpoyULtbBH62neRJD
CDZQW279XTqIO0d50yXA9bXvTDcEBkJglXgI8y/dA4DtawX11jA/+kzLTXIZOOyK
V0qfbhv8ihqTStoyf2AngGlhSaDOFYtdHjZmmYK4VjopouT9rFi+z0PGCqengXxz
4o1NL4KBbyHMlFwXwnrrnGNch85tiPhq/ex/sHOMTSrY7aAcQoTfuE3YXRbbGeS8
9niaE+FeZCIpawRJU8/+bxvw+eqjmuJgbN5aK4FhO19cCkCrLyPmozTmUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDrIS1y1TfShZ5KNYUnsG+KzS4a+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT3NoTFhMVk45S0Zua28xaFNld2I0ck5MaHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBwzI
AwcAKhAvAAFKMA0GCSqGSIb3DQEBCwUAA4IBAQAMuLWcDfNdsasmgs7XCB3/WBJL
A1Afl0d1Yn5YBeUvSWcDbQmqUC8sHHjLnuxNK9FwaQwbphncKm4S+cK1LKbgjUKR
hdXJ1zofn9Cy/mIEjClST3Ca/831ggU7H6s+NEcOiDZwQREtwGB2qvb//Aini8Mr
WETZU4nhGCqBiaWi3iVw1AZI95+jHzuHYC2bNwUD0mp1ZxoKMgqgI+0fpffwelvW
YhvwGC+INGMbxyrcqzDp0CTTzV4HXuut87+nz1/sz6AgIUeRAAob7A2JQPEkeVZC
6s1qIbgQs5OD/S0VDPCUazV7bK6NZQUbbFbKje0XZfv7/4icoQFXQJcnLpoB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org