Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OwxXwiA-L05xMPvmfktZcS-ghi8.roa
File:                     OwxXwiA-L05xMPvmfktZcS-ghi8.roa (raw, json)
Hash identifier:          8vVI9WTvEjriBSpFL4KqSAE9OOTBBGONON1lhzn9e1s=
Subject key identifier:   3B:0C:57:C2:20:3E:2F:4E:71:30:FB:E6:7E:4B:59:71:2F:A0:86:2F
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018AC73B29499709343A5E781B15AEB66230
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OwxXwiA-L05xMPvmfktZcS-ghi8.roa
Signing time:             Sun 24 Sep 2023 12:47:37 +0000
ROA not before:           Sun 24 Sep 2023 12:47:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205043
IP address blocks:        2a0e:97c0:b10::/44 maxlen: 48
                          2a0e:97c7::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:c7:3b:29:49:97:09:34:3a:5e:78:1b:15:ae:b6:62:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Sep 24 12:47:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b0c57c2203e2f4e7130fbe67e4b59712fa0862f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b0:5b:a5:bb:b9:c2:a4:87:76:e8:21:a0:aa:
                    54:2e:08:fb:95:11:af:17:ac:bf:e9:2e:a3:55:1d:
                    d9:bd:74:76:d6:25:f8:bb:7f:0c:d8:15:5e:8d:30:
                    ef:82:b9:f6:66:f9:25:95:d6:5d:80:20:f5:10:b0:
                    ad:10:bb:c1:37:a7:55:d1:01:9b:2b:b9:9f:84:33:
                    9c:ae:85:08:0c:55:ec:b0:be:8e:a3:9c:92:bf:35:
                    02:b4:40:48:ef:83:4d:c4:da:15:02:51:14:11:07:
                    3f:fe:9f:74:8c:cd:c3:7b:6c:12:b4:c8:fd:d4:fd:
                    fc:18:c1:c3:66:0d:e6:8e:4b:4f:07:c9:b1:08:26:
                    b3:4c:62:98:d8:db:ec:43:fa:ed:92:31:63:58:ad:
                    8a:74:f2:5a:9b:32:c3:64:1c:6c:be:f0:1e:cc:e6:
                    f2:30:c0:71:ed:b1:3e:13:e2:5a:b4:e1:d5:09:65:
                    db:96:6b:8e:ae:80:22:7f:6c:49:65:43:3a:39:01:
                    ce:29:ee:58:ae:27:2c:00:ef:2f:97:b6:2b:88:ac:
                    61:9a:2f:7b:61:60:d6:5c:ae:af:ca:80:13:e4:a9:
                    7d:78:0b:dc:7e:9a:d7:67:9c:ae:d6:9d:73:2e:ec:
                    f2:fb:3e:f8:05:df:64:35:72:e3:7c:36:de:5d:fe:
                    5d:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:0C:57:C2:20:3E:2F:4E:71:30:FB:E6:7E:4B:59:71:2F:A0:86:2F
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OwxXwiA-L05xMPvmfktZcS-ghi8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:b10::/44
                  2a0e:97c7::/40

    Signature Algorithm: sha256WithRSAEncryption
         13:1d:9a:14:22:08:2e:c1:81:f8:26:56:0e:08:93:3e:04:e9:
         fd:d2:51:12:c0:f7:22:5b:8c:98:78:f7:72:1d:a8:cf:54:6a:
         66:62:ab:12:59:54:0c:e7:88:90:a0:bb:47:1a:8c:0c:be:cc:
         e0:1e:da:37:39:27:79:06:d1:de:ad:8b:bf:5e:54:b2:e6:f0:
         d9:29:a8:38:84:7a:ab:55:86:a1:d3:06:92:fb:a9:2e:7f:84:
         a8:93:5f:01:7f:1f:ba:26:48:c4:ff:1b:c1:fe:83:49:3f:aa:
         af:df:7e:c3:dd:64:2d:43:fa:d5:9d:51:10:5c:7b:88:c3:38:
         8f:24:94:53:e1:a4:02:a3:10:3c:cb:b3:37:59:96:ea:97:0e:
         77:91:f7:67:89:1e:1e:ea:28:e0:0d:c6:bd:24:df:2e:8e:1a:
         ec:d6:96:93:9f:dd:33:4a:f1:9f:ee:a4:d3:e5:fc:00:bb:c5:
         02:f0:2e:51:a1:46:6e:a2:12:04:95:7a:ca:f1:42:73:8a:cf:
         71:3a:94:ed:57:9d:6e:15:ae:42:10:51:c1:fd:b7:fb:fc:7a:
         aa:2e:36:7a:e1:05:27:78:f8:e9:72:42:d7:da:e5:8a:36:b4:
         df:74:e1:0d:c7:3c:ea:60:f7:fe:3c:e4:41:62:91:54:6c:aa:
         cc:af:2b:56
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYrHOylJlwk0Ol54GxWutmIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTI0MTI0NzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjBjNTdjMjIwM2UyZjRlNzEzMGZiZTY3ZTRiNTk3MTJmYTA4NjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLBbpbu5wqSHdughoKpULgj7lRGv
F6y/6S6jVR3ZvXR21iX4u38M2BVejTDvgrn2ZvklldZdgCD1ELCtELvBN6dV0QGb
K7mfhDOcroUIDFXssL6Oo5ySvzUCtEBI74NNxNoVAlEUEQc//p90jM3De2wStMj9
1P38GMHDZg3mjktPB8mxCCazTGKY2NvsQ/rtkjFjWK2KdPJamzLDZBxsvvAezOby
MMBx7bE+E+JatOHVCWXblmuOroAif2xJZUM6OQHOKe5YricsAO8vl7YriKxhmi97
YWDWXK6vyoAT5Kl9eAvcfprXZ5yu1p1zLuzy+z74Bd9kNXLjfDbeXf5dxQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFDsMV8IgPi9OcTD75n5LWXEvoIYvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT3d4WHdpQS1MMDV4TVB2bWZrdFpjUy1naGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKg6XwAsQ
AwYAKg6XxwAwDQYJKoZIhvcNAQELBQADggEBABMdmhQiCC7BgfgmVg4Ikz4E6f3S
URLA9yJbjJh493IdqM9UamZiqxJZVAzniJCgu0cajAy+zOAe2jc5J3kG0d6ti79e
VLLm8NkpqDiEeqtVhqHTBpL7qS5/hKiTXwF/H7omSMT/G8H+g0k/qq/ffsPdZC1D
+tWdURBce4jDOI8klFPhpAKjEDzLszdZluqXDneR92eJHh7qKOANxr0k3y6OGuzW
lpOf3TNK8Z/upNPl/AC7xQLwLlGhRm6iEgSVesrxQnOKz3E6lO1XnW4VrkIQUcH9
t/v8eqouNnrhBSd4+OlyQtfa5Yo2tN904Q3HPOpg9/485EFikVRsqsyvK1Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org