Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QMXlE2WzBGOIDnmZvW4WnhLMXk4.roa
File:                     QMXlE2WzBGOIDnmZvW4WnhLMXk4.roa (raw, json)
Hash identifier:          K9hxvP7UzThENSnT3CT3aNmwM9l1cRha/jv19Jj9TtM=
Subject key identifier:   40:C5:E5:13:65:B3:04:63:88:0E:79:99:BD:6E:16:9E:12:CC:5E:4E
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7ED86A0A9AE9CB857EC096EB99815
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QMXlE2WzBGOIDnmZvW4WnhLMXk4.roa
Signing time:             Mon 02 Jan 2023 05:15:25 +0000
ROA not before:           Mon 02 Jan 2023 05:15:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210617
IP address blocks:        2a0e:97c0:5a0::/48 maxlen: 48
                          2a0e:97c0:5a1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 17:45:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:ed:86:a0:a9:ae:9c:b8:57:ec:09:6e:b9:98:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40c5e51365b30463880e7999bd6e169e12cc5e4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ad:ba:c4:f7:56:c1:a6:1d:eb:48:5f:e2:61:
                    18:5e:75:4b:24:eb:4d:2b:9e:24:bd:71:39:5e:b6:
                    b1:a7:20:23:ed:c4:fe:46:e5:52:99:29:a8:e6:bf:
                    45:51:f6:9b:40:ac:3e:87:96:83:19:97:6a:48:d2:
                    52:9c:ab:17:9e:27:ba:09:13:a6:e3:87:34:df:d9:
                    dc:28:d4:94:0d:37:56:06:61:96:e4:cb:2d:f9:5e:
                    13:ba:49:e6:ca:ef:16:4b:e3:5a:0a:57:07:c0:49:
                    86:8d:30:97:40:09:cc:d6:4f:14:6f:82:54:df:69:
                    a3:97:6b:96:d0:93:74:a1:6a:2d:8f:7a:d9:d5:bc:
                    ca:c3:3a:9c:11:8a:f3:a7:1c:56:8f:a6:55:6a:53:
                    76:68:43:e0:41:41:5c:19:b2:34:f4:cb:4b:de:b6:
                    50:f4:83:5f:bc:b7:8f:fa:9e:6d:c6:81:73:30:be:
                    b7:25:9b:53:e5:c7:c7:16:59:d3:ad:80:c4:37:28:
                    1c:38:14:50:5b:d1:c8:20:29:e0:c9:f5:e5:cf:8b:
                    5b:54:4b:d3:97:fc:d1:74:7a:2d:6f:18:8d:54:30:
                    1a:76:19:4e:7d:d4:7e:7d:c9:a2:c3:6e:21:49:11:
                    71:2c:9b:b5:01:8a:77:c8:57:6a:99:72:2c:02:c5:
                    ff:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:C5:E5:13:65:B3:04:63:88:0E:79:99:BD:6E:16:9E:12:CC:5E:4E
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QMXlE2WzBGOIDnmZvW4WnhLMXk4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:5a0::/47

    Signature Algorithm: sha256WithRSAEncryption
         75:a8:40:cb:7d:17:1b:ba:4f:1f:c2:8a:05:85:ec:98:d4:fa:
         29:47:d9:53:ec:cc:d3:13:03:0a:12:16:c0:b4:0f:fc:dd:15:
         73:30:05:27:8f:99:98:9f:cc:da:48:5c:52:41:62:e1:00:a1:
         06:0b:ae:f7:b8:db:27:fb:b0:c9:82:a8:f7:f1:ec:b6:e8:16:
         f3:fe:fd:45:95:e3:5e:83:77:fd:3b:b8:f3:8f:bc:7f:66:89:
         1a:be:b5:48:2e:8d:e5:3f:84:4b:9c:d9:31:f8:7a:59:4d:1e:
         cb:d2:ca:6b:8a:ed:4a:29:8d:b5:46:fc:1f:cb:af:f1:ba:9f:
         04:3a:bf:d6:2f:cb:d7:15:1d:2b:2c:82:41:bd:54:5a:27:1e:
         9f:3e:31:b5:77:16:76:a7:6b:4b:c0:24:6b:b3:f2:31:be:53:
         12:0a:49:1e:6f:ce:76:9b:00:fc:4d:62:49:bd:35:e3:ae:78:
         17:7f:88:5e:a0:45:5e:6f:ee:01:02:c2:d7:4b:2b:ca:98:cb:
         02:f7:63:ea:63:4f:2c:02:ea:7b:d7:44:2b:ff:39:5e:50:4f:
         5e:85:31:89:a4:a7:c6:48:66:1d:25:4b:10:24:ca:bd:0a:b9:
         b9:54:08:1d:52:ff:e0:0c:70:45:bc:26:b7:b2:26:30:4d:94:
         82:2f:ce:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw5+2GoKmunLhX7AluuZgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGM1ZTUxMzY1YjMwNDYzODgwZTc5OTliZDZlMTY5ZTEyY2M1ZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnq26xPdWwaYd60hf4mEYXnVLJOtN
K54kvXE5XraxpyAj7cT+RuVSmSmo5r9FUfabQKw+h5aDGZdqSNJSnKsXnie6CROm
44c039ncKNSUDTdWBmGW5Mst+V4Tuknmyu8WS+NaClcHwEmGjTCXQAnM1k8Ub4JU
32mjl2uW0JN0oWotj3rZ1bzKwzqcEYrzpxxWj6ZValN2aEPgQUFcGbI09MtL3rZQ
9INfvLeP+p5txoFzML63JZtT5cfHFlnTrYDENygcOBRQW9HIICngyfXlz4tbVEvT
l/zRdHotbxiNVDAadhlOfdR+fcmiw24hSRFxLJu1AYp3yFdqmXIsAsX/cQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEDF5RNlswRjiA55mb1uFp4SzF5OMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUU1YbEUyV3pCR09JRG5tWnZXNFduaExNWGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6XwAWg
MA0GCSqGSIb3DQEBCwUAA4IBAQB1qEDLfRcbuk8fwooFheyY1PopR9lT7MzTEwMK
EhbAtA/83RVzMAUnj5mYn8zaSFxSQWLhAKEGC673uNsn+7DJgqj38ey26Bbz/v1F
leNeg3f9O7jzj7x/ZokavrVILo3lP4RLnNkx+HpZTR7L0spriu1KKY21Rvwfy6/x
up8EOr/WL8vXFR0rLIJBvVRaJx6fPjG1dxZ2p2tLwCRrs/IxvlMSCkkeb852mwD8
TWJJvTXjrngXf4heoEVeb+4BAsLXSyvKmMsC92PqY08sAup710Qr/zleUE9ehTGJ
pKfGSGYdJUsQJMq9Crm5VAgdUv/gDHBFvCa3siYwTZSCL86z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org