Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T5IqcokucUHnkU1xT93YhC-xI1A.roa
File:                     T5IqcokucUHnkU1xT93YhC-xI1A.roa (raw, json)
Hash identifier:          lD1Oth3C1zd1mhkkRZFJm8edPUDHqLM4PkEv9t85+S0=
Subject key identifier:   4F:92:2A:72:89:2E:71:41:E7:91:4D:71:4F:DD:D8:84:2F:B1:23:50
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0187FA255DA8FC94751C78193D7AC049A41F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T5IqcokucUHnkU1xT93YhC-xI1A.roa
Signing time:             Mon 08 May 2023 06:56:05 +0000
ROA not before:           Mon 08 May 2023 06:56:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207466
IP address blocks:        2a0e:b107:770::/44 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fa:25:5d:a8:fc:94:75:1c:78:19:3d:7a:c0:49:a4:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: May  8 06:56:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4f922a72892e7141e7914d714fddd8842fb12350
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:c2:c7:c9:77:cc:93:ca:fe:7a:92:a1:33:fc:
                    e6:51:f7:1b:2a:87:e5:d3:ce:00:26:21:0e:ff:0c:
                    b1:98:88:32:3c:f4:53:aa:22:b5:6c:c3:30:1b:4a:
                    56:48:ab:0d:2c:62:97:0b:f1:bf:5f:ae:13:1a:18:
                    59:fc:5d:25:e4:9d:d3:cf:57:86:80:b9:1c:fd:bf:
                    36:38:7f:e0:b3:60:17:4e:5d:e1:94:9b:ae:18:6e:
                    dd:17:cc:fe:66:80:00:24:b3:01:5a:64:99:2d:ce:
                    20:94:5e:d0:1e:09:2a:fa:aa:89:30:4b:0e:18:3f:
                    30:a7:f0:0e:88:7a:d6:65:1e:eb:e7:a6:49:b1:04:
                    48:1c:03:6d:5a:88:57:ff:08:54:34:53:a1:4b:fe:
                    2f:1c:e8:03:ba:52:c2:6f:88:13:ea:31:7b:ab:7f:
                    00:29:a5:36:64:23:63:45:1b:16:02:d9:51:c5:70:
                    08:ab:18:e3:15:18:1a:8b:a8:df:90:ed:e5:46:1b:
                    e0:f2:d5:a2:f3:05:8d:3a:ec:4a:6b:dc:9b:1e:53:
                    ea:6e:39:41:4f:c0:f4:c6:2f:b3:12:aa:07:85:6c:
                    c9:5c:e6:9b:1d:48:eb:d8:ee:4b:45:c5:9d:13:03:
                    92:cd:80:bc:61:93:20:3d:18:28:a9:36:2a:be:71:
                    c7:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:92:2A:72:89:2E:71:41:E7:91:4D:71:4F:DD:D8:84:2F:B1:23:50
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T5IqcokucUHnkU1xT93YhC-xI1A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:770::/44

    Signature Algorithm: sha256WithRSAEncryption
         19:a8:f2:91:68:af:3b:eb:42:6c:39:e0:73:40:1c:69:ae:d6:
         41:db:00:4d:d9:a1:03:a7:32:ea:87:21:82:86:d6:b9:20:47:
         44:a7:bc:39:5a:e5:46:84:7b:26:6c:b0:80:20:1d:9d:35:4e:
         ea:43:90:e1:15:9f:d5:73:91:d4:8d:9b:e4:93:b9:7d:2a:d1:
         88:d9:92:41:af:c5:e2:db:a7:85:39:a7:27:ad:7c:ef:78:5a:
         9c:48:67:d6:f5:77:c4:97:22:46:c9:2e:8a:70:f2:3a:d9:30:
         09:e8:b8:16:d1:78:20:fa:57:66:de:a0:dd:12:43:bd:47:c4:
         bf:c2:fa:3a:9d:21:38:be:31:84:15:29:dd:7c:75:c1:29:43:
         86:e1:1d:3d:73:52:bc:41:26:76:0d:06:c3:65:8b:a9:22:b0:
         07:c3:7a:47:f2:b0:e8:7c:3e:ee:c1:a8:2b:2b:ef:94:85:63:
         fb:eb:b1:05:6b:24:48:3e:25:a4:76:dd:00:66:f1:07:7c:3a:
         11:5a:1b:e3:bf:67:aa:cf:76:53:fb:87:99:82:6d:3e:80:97:
         5d:b3:9a:a0:07:a3:fb:ea:53:cc:57:6d:41:9d:34:51:87:d7:
         f4:ea:b9:33:98:4f:3a:f2:57:7b:fc:ea:39:40:65:dd:a1:1f:
         b6:3a:ce:f5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYf6JV2o/JR1HHgZPXrASaQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTA4MDY1NjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjkyMmE3Mjg5MmU3MTQxZTc5MTRkNzE0ZmRkZDg4NDJmYjEyMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisLHyXfMk8r+epKhM/zmUfcbKofl
084AJiEO/wyxmIgyPPRTqiK1bMMwG0pWSKsNLGKXC/G/X64TGhhZ/F0l5J3Tz1eG
gLkc/b82OH/gs2AXTl3hlJuuGG7dF8z+ZoAAJLMBWmSZLc4glF7QHgkq+qqJMEsO
GD8wp/AOiHrWZR7r56ZJsQRIHANtWohX/whUNFOhS/4vHOgDulLCb4gT6jF7q38A
KaU2ZCNjRRsWAtlRxXAIqxjjFRgai6jfkO3lRhvg8tWi8wWNOuxKa9ybHlPqbjlB
T8D0xi+zEqoHhWzJXOabHUjr2O5LRcWdEwOSzYC8YZMgPRgoqTYqvnHH4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE+SKnKJLnFB55FNcU/d2IQvsSNQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVDVJcWNva3VjVUhua1UxeFQ5M1loQy14STFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwdw
MA0GCSqGSIb3DQEBCwUAA4IBAQAZqPKRaK8760JsOeBzQBxprtZB2wBN2aEDpzLq
hyGChta5IEdEp7w5WuVGhHsmbLCAIB2dNU7qQ5DhFZ/Vc5HUjZvkk7l9KtGI2ZJB
r8Xi26eFOacnrXzveFqcSGfW9XfElyJGyS6KcPI62TAJ6LgW0Xgg+ldm3qDdEkO9
R8S/wvo6nSE4vjGEFSndfHXBKUOG4R09c1K8QSZ2DQbDZYupIrAHw3pH8rDofD7u
wagrK++UhWP767EFayRIPiWkdt0AZvEHfDoRWhvjv2eqz3ZT+4eZgm0+gJdds5qg
B6P76lPMV21BnTRRh9f06rkzmE868ld7/Oo5QGXdoR+2Os71
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:31 2024 by rpki-client on console-fra.rpki-client.org