Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T2Vq_I3kLnVgPnkF38VpwCdaueI.roa
File:                     T2Vq_I3kLnVgPnkF38VpwCdaueI.roa (raw, json)
Hash identifier:          o9adAqVdY2c4fOntOHcp9/qv/x3DqfEe6TDyxR+LJ3c=
Subject key identifier:   4F:65:6A:FC:8D:E4:2E:75:60:3E:79:05:DF:C5:69:C0:27:5A:B9:E2
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E78C645E338042DBA4824118DD9B2E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T2Vq_I3kLnVgPnkF38VpwCdaueI.roa
Signing time:             Mon 02 Jan 2023 05:15:00 +0000
ROA not before:           Mon 02 Jan 2023 05:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59936
IP address blocks:        2a0e:97c0:40e::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Jun 2023 20:08:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:8c:64:5e:33:80:42:db:a4:82:41:18:dd:9b:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4f656afc8de42e75603e7905dfc569c0275ab9e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:7f:3a:76:96:07:4a:3d:aa:8a:5e:f7:18:b6:
                    5e:a3:e2:e4:c4:00:34:88:5b:93:ad:1b:1e:77:06:
                    70:c8:96:c9:2d:ab:b8:8d:e4:22:cb:5d:19:c8:bf:
                    10:48:33:43:18:b4:3e:83:81:21:d9:ac:60:11:34:
                    51:9f:1a:2a:a5:ca:93:6a:fb:c3:be:f3:aa:9c:54:
                    bc:f4:05:af:a3:fc:f8:42:ba:99:1f:50:3d:9d:ba:
                    d2:69:50:57:6f:c7:fe:60:1c:5d:fd:52:66:12:2b:
                    54:50:1b:7e:2e:7f:95:74:a6:8d:ad:02:5a:d4:bf:
                    87:3d:8a:a2:1b:8b:78:cc:cb:9a:57:2d:e8:0b:b1:
                    95:4a:49:14:cd:77:03:6d:36:f1:4e:b6:2e:6c:ec:
                    bf:42:41:f9:87:06:db:0b:64:06:df:c6:a3:3f:7e:
                    95:70:07:58:7e:16:35:8b:d8:ef:87:fb:59:74:39:
                    7d:70:bf:6f:1c:72:63:d7:56:7b:57:77:50:e1:cf:
                    85:bb:d4:f3:f2:4e:c0:57:45:9f:0c:4e:61:46:b4:
                    fa:20:c1:cb:a8:02:85:05:53:30:7e:55:85:ab:36:
                    bc:1b:a6:cb:02:01:e9:50:20:39:dd:dc:8a:5b:8e:
                    79:b7:89:55:90:98:df:5d:3a:41:66:96:0a:bf:3f:
                    dc:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:65:6A:FC:8D:E4:2E:75:60:3E:79:05:DF:C5:69:C0:27:5A:B9:E2
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T2Vq_I3kLnVgPnkF38VpwCdaueI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:40e::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:58:1b:99:d8:90:1a:98:1d:e2:1a:6f:fa:ec:2b:5f:de:03:
         02:66:67:96:c2:b6:5a:fb:dd:97:65:84:82:9f:1e:55:ef:ad:
         30:62:7c:7f:0a:25:8d:5e:55:92:68:e7:fb:6b:fb:6a:7e:4e:
         e4:55:66:82:39:ea:c9:52:3f:4a:26:04:eb:43:e7:68:55:ec:
         85:67:6f:af:97:79:d9:57:fb:47:a7:21:45:70:1d:13:36:a1:
         85:91:7e:f2:1e:26:13:df:4f:67:56:2e:07:43:5f:dd:ad:95:
         2b:b2:74:f1:f6:d6:1a:a4:89:62:f7:0f:6e:b7:09:eb:76:0f:
         d9:86:bf:38:bc:00:f8:d5:d2:40:fc:76:08:3d:66:1f:1c:aa:
         9f:c3:5a:83:04:a1:ba:ca:52:de:27:ac:be:ae:4f:9c:8e:ed:
         e2:d4:0e:ba:dd:96:fb:7d:24:71:1e:08:8d:0b:be:89:cb:aa:
         6c:d8:70:3d:16:59:c9:67:b5:fb:f9:c1:96:14:96:55:ce:41:
         09:91:9c:59:01:d5:4a:f7:99:e9:52:c2:37:c0:a7:36:91:8f:
         34:80:a8:02:21:b8:e1:20:c6:e4:50:b3:a7:37:23:4c:52:7a:
         27:95:87:a5:07:8b:e7:13:43:52:e2:3f:2a:7b:39:ba:1b:e7:
         ca:f8:14:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw54xkXjOAQtukgkEY3ZsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjY1NmFmYzhkZTQyZTc1NjAzZTc5MDVkZmM1NjljMDI3NWFiOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6X86dpYHSj2qil73GLZeo+LkxAA0
iFuTrRsedwZwyJbJLau4jeQiy10ZyL8QSDNDGLQ+g4Eh2axgETRRnxoqpcqTavvD
vvOqnFS89AWvo/z4QrqZH1A9nbrSaVBXb8f+YBxd/VJmEitUUBt+Ln+VdKaNrQJa
1L+HPYqiG4t4zMuaVy3oC7GVSkkUzXcDbTbxTrYubOy/QkH5hwbbC2QG38ajP36V
cAdYfhY1i9jvh/tZdDl9cL9vHHJj11Z7V3dQ4c+Fu9Tz8k7AV0WfDE5hRrT6IMHL
qAKFBVMwflWFqza8G6bLAgHpUCA53dyKW455t4lVkJjfXTpBZpYKvz/c6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE9lavyN5C51YD55Bd/FacAnWrniMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVDJWcV9JM2tMblZnUG5rRjM4VnB3Q2RhdWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAQO
MA0GCSqGSIb3DQEBCwUAA4IBAQBwWBuZ2JAamB3iGm/67Ctf3gMCZmeWwrZa+92X
ZYSCnx5V760wYnx/CiWNXlWSaOf7a/tqfk7kVWaCOerJUj9KJgTrQ+doVeyFZ2+v
l3nZV/tHpyFFcB0TNqGFkX7yHiYT309nVi4HQ1/drZUrsnTx9tYapIli9w9utwnr
dg/Zhr84vAD41dJA/HYIPWYfHKqfw1qDBKG6ylLeJ6y+rk+cju3i1A663Zb7fSRx
HgiNC76Jy6ps2HA9FlnJZ7X7+cGWFJZVzkEJkZxZAdVK95npUsI3wKc2kY80gKgC
IbjhIMbkULOnNyNMUnonlYelB4vnE0NS4j8qezm6G+fK+BS4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:03 2024 by rpki-client on console-ams.rpki-client.org