Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rj8thvDcIuGv18SEdHQsid8GVIU.roa
File:                     Rj8thvDcIuGv18SEdHQsid8GVIU.roa (raw, json)
Hash identifier:          hRxxmgfeWas1vChNgJacadTsjNAl+Q2X92M3UWTZ+wM=
Subject key identifier:   46:3F:2D:86:F0:DC:22:E1:AF:D7:C4:84:74:74:2C:89:DF:06:54:85
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01895EDF75522006497FF82F001455780A4F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rj8thvDcIuGv18SEdHQsid8GVIU.roa
Signing time:             Sun 16 Jul 2023 13:24:10 +0000
ROA not before:           Sun 16 Jul 2023 13:24:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5687
IP address blocks:        2a0e:b107:2130::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:5e:df:75:52:20:06:49:7f:f8:2f:00:14:55:78:0a:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jul 16 13:24:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=463f2d86f0dc22e1afd7c48474742c89df065485
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:0e:4a:5c:6f:01:0f:32:2a:3f:a4:b8:47:40:
                    90:ff:3c:e5:4d:04:ad:26:c6:d3:5f:74:58:73:ea:
                    6b:b2:54:bc:75:3a:07:41:3b:7e:ec:40:0e:d6:e8:
                    20:6e:28:e5:05:38:7f:5e:e6:59:c3:63:46:24:c6:
                    11:84:e3:30:99:4b:a8:8c:f1:40:2e:5e:1c:d9:10:
                    94:15:2a:af:41:d9:0b:63:69:77:14:a5:7c:99:0e:
                    43:55:68:ca:cb:c7:c1:b1:a7:e6:92:69:11:a6:21:
                    da:57:9a:76:68:10:23:27:54:e7:5f:e0:c6:4d:b1:
                    78:10:1a:c7:3d:ee:22:8a:22:8e:60:0c:d4:fd:97:
                    9b:2b:44:72:e4:cd:2f:4c:41:23:6e:76:f9:fa:21:
                    18:95:71:c1:eb:e8:f2:f6:94:f7:7b:34:fc:54:8a:
                    13:87:28:88:d8:d6:55:9f:e1:1b:e0:20:f6:b0:e4:
                    6d:2e:da:6e:58:20:c2:f5:75:54:01:c3:35:3d:6d:
                    df:78:6f:76:63:ff:3a:07:96:5d:6c:1d:2f:b1:32:
                    e6:1a:97:5b:4b:78:b0:40:62:e2:08:75:66:95:c0:
                    4a:3c:78:6e:bd:9f:e5:dc:5b:b0:83:9a:2a:42:b4:
                    2f:85:06:dc:c7:45:9b:e2:94:8c:5c:14:1e:27:78:
                    e0:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:3F:2D:86:F0:DC:22:E1:AF:D7:C4:84:74:74:2C:89:DF:06:54:85
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rj8thvDcIuGv18SEdHQsid8GVIU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:2130::/44

    Signature Algorithm: sha256WithRSAEncryption
         99:75:92:64:8a:14:0c:e9:51:e1:d0:aa:f7:1d:80:73:b2:e7:
         96:cd:39:f0:2e:10:0c:b8:cc:98:2e:a2:16:9e:2c:5c:42:44:
         72:b7:f4:bb:9c:ef:e5:c0:f9:82:bc:99:03:53:dd:34:26:6d:
         63:f8:5a:34:b0:a9:e2:5d:9b:3b:ea:e2:9c:22:00:fa:0f:af:
         38:b4:a7:0f:2e:76:7b:4c:2a:6a:54:1b:75:05:c1:f6:57:55:
         c3:59:fe:27:8f:60:84:d2:d4:f2:6f:57:cb:60:d5:4d:ea:66:
         96:9b:63:76:91:06:e4:ac:18:49:2a:91:8b:49:f5:8a:a3:84:
         80:4d:f5:7a:78:dc:b9:38:6a:5b:c4:68:95:5f:39:82:0f:59:
         a0:ee:18:58:27:0a:64:d7:cf:91:43:39:b8:e6:56:21:f5:a5:
         f2:f2:37:78:77:3e:96:59:cc:84:e9:48:25:90:c8:91:e8:a9:
         06:cc:f6:dc:0c:d9:02:cd:0b:b6:db:77:45:d4:5b:df:17:35:
         51:86:3a:c6:c6:d1:ec:c1:30:a8:7c:9c:35:ae:24:ae:dc:09:
         8f:a6:7e:39:f6:97:5a:b4:99:aa:f0:d5:ff:a1:15:6b:0a:7c:
         a5:68:e3:f8:6e:e0:86:b2:70:53:07:7f:3a:07:06:e5:64:dd:
         05:6d:4d:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYle33VSIAZJf/gvABRVeApPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzE2MTMyNDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjNmMmQ4NmYwZGMyMmUxYWZkN2M0ODQ3NDc0MmM4OWRmMDY1NDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmg5KXG8BDzIqP6S4R0CQ/zzlTQSt
JsbTX3RYc+prslS8dToHQTt+7EAO1uggbijlBTh/XuZZw2NGJMYRhOMwmUuojPFA
Ll4c2RCUFSqvQdkLY2l3FKV8mQ5DVWjKy8fBsafmkmkRpiHaV5p2aBAjJ1TnX+DG
TbF4EBrHPe4iiiKOYAzU/ZebK0Ry5M0vTEEjbnb5+iEYlXHB6+jy9pT3ezT8VIoT
hyiI2NZVn+Eb4CD2sORtLtpuWCDC9XVUAcM1PW3feG92Y/86B5ZdbB0vsTLmGpdb
S3iwQGLiCHVmlcBKPHhuvZ/l3Fuwg5oqQrQvhQbcx0Wb4pSMXBQeJ3jgxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEY/LYbw3CLhr9fEhHR0LInfBlSFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUmo4dGh2RGNJdUd2MThTRWRIUXNpZDhHVklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xByEw
MA0GCSqGSIb3DQEBCwUAA4IBAQCZdZJkihQM6VHh0Kr3HYBzsueWzTnwLhAMuMyY
LqIWnixcQkRyt/S7nO/lwPmCvJkDU900Jm1j+Fo0sKniXZs76uKcIgD6D684tKcP
LnZ7TCpqVBt1BcH2V1XDWf4nj2CE0tTyb1fLYNVN6maWm2N2kQbkrBhJKpGLSfWK
o4SATfV6eNy5OGpbxGiVXzmCD1mg7hhYJwpk18+RQzm45lYh9aXy8jd4dz6WWcyE
6UglkMiR6KkGzPbcDNkCzQu223dF1FvfFzVRhjrGxtHswTCofJw1riSu3AmPpn45
9pdatJmq8NX/oRVrCnylaOP4buCGsnBTB386BwblZN0FbU0q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:03 2024 by rpki-client on console-ams.rpki-client.org