Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Sgh72up5p6WfweWina8-_KijAvk.roa
File:                     Sgh72up5p6WfweWina8-_KijAvk.roa (raw, json)
Hash identifier:          yeGEsHHXEh9Kv738lTaAMnrRYNeqivcwbHVkJ6GApmE=
Subject key identifier:   4A:08:7B:DA:EA:79:A7:A5:9F:C1:E5:A2:9D:AF:3E:FC:A8:A3:02:F9
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018B107598CF536F9EADB61162C4930125DE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Sgh72up5p6WfweWina8-_KijAvk.roa
Signing time:             Sun 08 Oct 2023 18:03:44 +0000
ROA not before:           Sun 08 Oct 2023 18:03:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200160
IP address blocks:        2a0e:b107:660::/44 maxlen: 48
                          2a0e:b107:1d60::/44 maxlen: 48
                          2a0e:b107:1e00::/44 maxlen: 48
                          2a0e:b107:600::/44 maxlen: 48
                          2a0e:b107:5e0::/44 maxlen: 48
                          2a0e:b107:800::/44 maxlen: 48
                          2a0e:b107:690::/44 maxlen: 48
                          2a0e:b107:5f0::/44 maxlen: 48
                          2a0e:b107:ad0::/44 maxlen: 48
                          2a0e:b107:2150::/44 maxlen: 48
                          2a0e:b107:5d0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sun 08 Oct 2023 18:22:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:10:75:98:cf:53:6f:9e:ad:b6:11:62:c4:93:01:25:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct  8 18:03:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4a087bdaea79a7a59fc1e5a29daf3efca8a302f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:91:1f:86:06:22:71:60:00:e4:a2:0a:01:7d:
                    3c:d8:34:79:df:5c:7f:9a:14:00:10:ea:f1:5b:ce:
                    8a:08:48:3a:24:6d:ba:b3:33:78:88:67:2c:cf:26:
                    df:de:a9:90:55:e3:a4:6f:6e:2e:26:fd:44:a6:84:
                    f2:e8:aa:bd:5a:ed:d8:05:2c:1f:9f:b9:8d:e7:7c:
                    0a:20:43:f2:81:10:85:58:3c:5e:c8:ca:b2:b6:43:
                    1d:4a:cc:67:51:b0:aa:1d:4c:ea:6e:27:8e:64:37:
                    eb:0d:41:3d:db:8f:66:e1:9a:6a:11:82:32:bb:cf:
                    79:3f:c2:bc:de:0e:fc:ab:f2:43:a7:3a:4e:d8:a3:
                    be:5d:32:8b:a6:38:dc:87:61:fe:ba:11:90:46:82:
                    26:a2:b0:c7:40:aa:16:21:90:fb:0c:b6:5a:22:b9:
                    59:a6:5c:10:51:2d:a5:43:3a:18:37:37:81:aa:be:
                    b1:30:37:99:77:dd:d8:6c:e7:8f:5c:b8:6f:da:04:
                    62:34:e5:be:c6:18:35:9f:a6:9f:d6:7c:4a:d9:8c:
                    2e:26:fa:a3:5e:60:5e:ab:d8:1d:63:79:fe:18:b7:
                    82:52:45:8c:63:60:a1:74:b4:55:01:06:1a:18:e3:
                    ba:ea:de:fa:eb:17:6c:cb:90:16:80:d5:3d:49:b9:
                    ac:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:08:7B:DA:EA:79:A7:A5:9F:C1:E5:A2:9D:AF:3E:FC:A8:A3:02:F9
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Sgh72up5p6WfweWina8-_KijAvk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:5d0::-2a0e:b107:60f:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:660::/44
                  2a0e:b107:690::/44
                  2a0e:b107:800::/44
                  2a0e:b107:ad0::/44
                  2a0e:b107:1d60::/44
                  2a0e:b107:1e00::/44
                  2a0e:b107:2150::/44

    Signature Algorithm: sha256WithRSAEncryption
         54:e6:77:63:d3:fd:0f:f0:42:30:f7:30:cd:b1:23:a6:c7:70:
         2d:0e:37:46:31:7a:ab:1f:af:62:f0:7c:03:82:59:91:19:86:
         ca:ed:33:33:4a:a3:5e:78:95:af:0f:b0:5e:ff:a7:e3:b9:ce:
         ba:bd:a8:dd:3e:10:dc:36:c4:e3:fd:48:68:12:aa:9b:c0:8b:
         64:b4:4b:66:8d:fd:f9:f3:64:c0:b4:a6:9d:03:be:75:16:35:
         7e:9e:5b:17:84:cc:29:86:e5:21:30:fb:74:ec:de:91:a0:b1:
         7b:81:8a:36:83:3e:56:ec:f3:80:ad:1a:e7:3a:b0:36:85:31:
         9b:0e:cf:74:f5:09:72:52:28:08:0b:2c:2d:3d:1f:03:52:61:
         20:ec:bb:97:76:3c:bf:2c:40:8f:8e:83:cd:22:37:7e:98:1b:
         a3:73:9c:06:29:64:e8:90:14:fd:a7:26:96:1a:ee:8e:57:1c:
         41:28:54:87:3a:e5:96:68:42:ff:3a:77:34:c2:d7:72:d1:e9:
         a1:02:fe:87:85:af:f8:81:36:f5:30:83:e2:5d:d3:db:b7:66:
         bf:ef:40:8a:60:04:a9:a7:13:2a:cb:38:10:9f:08:ab:c5:32:
         ec:dd:64:7e:65:c6:26:90:a9:2a:d6:b1:45:78:f7:9d:d6:b3:
         3f:78:a8:ae
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYsQdZjPU2+erbYRYsSTASXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDA4MTgwMzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTA4N2JkYWVhNzlhN2E1OWZjMWU1YTI5ZGFmM2VmY2E4YTMwMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZEfhgYicWAA5KIKAX082DR531x/
mhQAEOrxW86KCEg6JG26szN4iGcszybf3qmQVeOkb24uJv1EpoTy6Kq9Wu3YBSwf
n7mN53wKIEPygRCFWDxeyMqytkMdSsxnUbCqHUzqbieOZDfrDUE9249m4ZpqEYIy
u895P8K83g78q/JDpzpO2KO+XTKLpjjch2H+uhGQRoImorDHQKoWIZD7DLZaIrlZ
plwQUS2lQzoYNzeBqr6xMDeZd93YbOePXLhv2gRiNOW+xhg1n6af1nxK2YwuJvqj
XmBeq9gdY3n+GLeCUkWMY2ChdLRVAQYaGOO66t766xdsy5AWgNU9SbmsMwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFEoIe9rqeaeln8Hlop2vPvyoowL5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU2doNzJ1cDVwNldmd2VXaW5hOC1fS2lqQXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAAjBTMBIDBwQqDrEH
BdADBwQqDrEHBgADBwQqDrEHBmADBwQqDrEHBpADBwQqDrEHCAADBwQqDrEHCtAD
BwQqDrEHHWADBwQqDrEHHgADBwQqDrEHIVAwDQYJKoZIhvcNAQELBQADggEBAFTm
d2PT/Q/wQjD3MM2xI6bHcC0ON0Yxeqsfr2LwfAOCWZEZhsrtMzNKo154la8PsF7/
p+O5zrq9qN0+ENw2xOP9SGgSqpvAi2S0S2aN/fnzZMC0pp0DvnUWNX6eWxeEzCmG
5SEw+3Ts3pGgsXuBijaDPlbs84CtGuc6sDaFMZsOz3T1CXJSKAgLLC09HwNSYSDs
u5d2PL8sQI+Og80iN36YG6NznAYpZOiQFP2nJpYa7o5XHEEoVIc65ZZoQv86dzTC
13LR6aEC/oeFr/iBNvUwg+Jd09u3Zr/vQIpgBKmnEyrLOBCfCKvFMuzdZH5lxiaQ
qSrWsUV4953Wsz94qK4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org