Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SF4uQp-HkRlku1BtlJ8C1uWTipA.roa
File:                     SF4uQp-HkRlku1BtlJ8C1uWTipA.roa (raw, json)
Hash identifier:          jnDi0vjfI9SBgi7PrlIH/uWyxAsYz8Cp+LVUhebK6YE=
Subject key identifier:   48:5E:2E:42:9F:87:91:19:64:BB:50:6D:94:9F:02:D6:E5:93:8A:90
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018D87FA7A620B91BFD04B3D4D9EE8175AC2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SF4uQp-HkRlku1BtlJ8C1uWTipA.roa
Signing time:             Thu 08 Feb 2024 09:09:15 +0000
ROA not before:           Thu 08 Feb 2024 09:09:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198316
IP address blocks:        2a0e:b107:1a61::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 08 Feb 2024 12:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:87:fa:7a:62:0b:91:bf:d0:4b:3d:4d:9e:e8:17:5a:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb  8 09:09:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=485e2e429f87911964bb506d949f02d6e5938a90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f8:da:7e:04:3f:ec:fb:a9:78:f1:49:86:a2:
                    55:e8:3a:56:b8:df:52:5d:5e:99:6d:e9:d1:b9:01:
                    65:7b:7e:b7:8d:75:c9:e2:aa:c4:c3:81:0d:0e:97:
                    d2:59:68:90:6d:1b:50:3c:7f:cc:88:d0:9d:47:b3:
                    27:6d:8d:61:6f:b9:9a:cb:b1:32:f8:a1:7c:b0:da:
                    ee:5a:a3:27:69:eb:a7:34:f7:8f:04:72:93:6a:bd:
                    1d:93:e1:4b:3d:a3:0b:1c:14:9f:ef:36:52:53:80:
                    cc:41:19:c3:5d:82:54:38:5a:e6:6f:c9:e2:59:f0:
                    a2:4c:3e:a2:07:e3:75:02:88:42:7b:5e:81:9f:61:
                    e7:ff:ac:e3:1b:94:4b:90:5e:d4:31:9f:06:d1:2e:
                    36:e2:55:e2:7d:a1:4d:1f:47:09:70:37:d0:5b:0b:
                    12:27:ea:86:96:05:d2:99:ec:56:b7:d9:9b:a8:d1:
                    56:17:26:b0:72:12:e0:bc:58:3e:20:c0:db:4f:31:
                    18:6b:5a:df:8f:5b:72:49:27:7c:60:5e:88:a9:8a:
                    ae:99:84:fb:fe:13:95:11:56:f7:8b:07:56:74:43:
                    39:bf:67:fb:c7:01:c2:72:2e:92:0a:96:30:91:ea:
                    3a:da:22:dd:fe:26:6e:1b:ca:88:b1:ee:ee:35:f8:
                    a1:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:5E:2E:42:9F:87:91:19:64:BB:50:6D:94:9F:02:D6:E5:93:8A:90
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SF4uQp-HkRlku1BtlJ8C1uWTipA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1a61::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:c8:c7:3a:19:be:19:15:32:88:fa:71:cd:7a:72:74:f0:92:
         5e:6c:54:8c:be:da:d9:ee:90:b1:98:d5:be:f9:00:1c:ca:15:
         99:56:a7:7c:40:dd:80:70:16:a7:1b:04:d0:ca:63:79:b2:45:
         05:04:1e:69:36:c9:93:c4:90:45:2b:bb:bc:a6:9f:be:9d:65:
         63:d5:1f:85:3c:85:b6:e3:c6:9f:cf:ea:da:7f:99:81:6e:0f:
         a8:2e:d2:a5:37:6c:6f:96:29:ac:a3:9c:84:ab:2a:11:b5:56:
         e3:54:08:81:4e:81:19:a0:8f:d7:73:99:48:18:9b:62:fb:93:
         4a:87:6a:ee:b4:7f:ff:67:ab:84:c6:5f:a4:c6:16:02:f9:fc:
         f0:49:c1:9d:6e:73:6c:ac:8f:40:60:07:2a:cb:db:95:ed:cf:
         ba:df:58:3f:9b:39:31:ff:d6:4c:7e:41:3b:dc:97:62:38:48:
         df:c3:f3:c3:f0:b3:df:e6:dd:42:ce:9f:e7:33:b9:e7:27:51:
         9a:61:31:ab:93:87:8c:bb:20:c8:13:9b:3f:cc:8c:5a:b2:bf:
         57:98:02:17:e7:6c:1c:40:11:97:7c:51:16:e8:dd:1c:98:05:
         e4:72:17:2f:30:e2:3b:3a:59:2f:bf:4a:88:0f:94:e6:c3:3e:
         62:bf:9c:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2H+npiC5G/0Es9TZ7oF1rCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjA4MDkwOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODVlMmU0MjlmODc5MTE5NjRiYjUwNmQ5NDlmMDJkNmU1OTM4YTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvjafgQ/7PupePFJhqJV6DpWuN9S
XV6ZbenRuQFle363jXXJ4qrEw4ENDpfSWWiQbRtQPH/MiNCdR7MnbY1hb7may7Ey
+KF8sNruWqMnaeunNPePBHKTar0dk+FLPaMLHBSf7zZSU4DMQRnDXYJUOFrmb8ni
WfCiTD6iB+N1AohCe16Bn2Hn/6zjG5RLkF7UMZ8G0S424lXifaFNH0cJcDfQWwsS
J+qGlgXSmexWt9mbqNFWFyawchLgvFg+IMDbTzEYa1rfj1tySSd8YF6IqYqumYT7
/hOVEVb3iwdWdEM5v2f7xwHCci6SCpYwkeo62iLd/iZuG8qIse7uNfihjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEheLkKfh5EZZLtQbZSfAtblk4qQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU0Y0dVFwLUhrUmxrdTFCdGxKOEMxdVdUaXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxph
MA0GCSqGSIb3DQEBCwUAA4IBAQAwyMc6Gb4ZFTKI+nHNenJ08JJebFSMvtrZ7pCx
mNW++QAcyhWZVqd8QN2AcBanGwTQymN5skUFBB5pNsmTxJBFK7u8pp++nWVj1R+F
PIW248afz+raf5mBbg+oLtKlN2xvlimso5yEqyoRtVbjVAiBToEZoI/Xc5lIGJti
+5NKh2rutH//Z6uExl+kxhYC+fzwScGdbnNsrI9AYAcqy9uV7c+631g/mzkx/9ZM
fkE73JdiOEjfw/PD8LPf5t1Czp/nM7nnJ1GaYTGrk4eMuyDIE5s/zIxasr9XmAIX
52wcQBGXfFEW6N0cmAXkchcvMOI7Olkvv0qID5Tmwz5iv5zM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org