Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TABJOv4aPPNz1Ljx4HcmDoVS-9E.roa
File:                     TABJOv4aPPNz1Ljx4HcmDoVS-9E.roa (raw, json)
Hash identifier:          okAejK210ktQnsJC9QFBbHGO1uFan4oMaFLqcnVJr6g=
Subject key identifier:   4C:00:49:3A:FE:1A:3C:F3:73:D4:B8:F1:E0:77:26:0E:85:52:FB:D1
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E78A701C1E3084D41B29C3B1254301
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TABJOv4aPPNz1Ljx4HcmDoVS-9E.roa
Signing time:             Mon 02 Jan 2023 05:15:00 +0000
ROA not before:           Mon 02 Jan 2023 05:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58133
IP address blocks:        2a09:4c2:2f::/48 maxlen: 48
                          2a10:2f00:123::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 09 Mar 2023 06:20:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:8a:70:1c:1e:30:84:d4:1b:29:c3:b1:25:43:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4c00493afe1a3cf373d4b8f1e077260e8552fbd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:c9:cb:94:ce:fd:ad:b7:46:96:ee:92:b4:06:
                    09:10:35:8c:8a:46:b3:b8:1d:04:93:ec:27:3c:1b:
                    7f:19:8e:f4:c0:cd:19:90:f9:57:1a:aa:08:e6:cd:
                    e1:a9:b6:3a:dd:ba:90:0b:57:74:e1:22:48:f6:b6:
                    3a:0b:f3:67:b7:84:31:65:1d:09:4e:9f:42:c9:e6:
                    23:75:cb:a8:8d:12:6b:13:e6:a3:ac:d8:d9:44:11:
                    a3:76:83:8b:f5:11:9d:9b:65:36:e4:02:01:04:8d:
                    ab:9e:85:4c:1b:b3:ed:89:75:cf:11:a0:9c:d3:29:
                    7e:07:73:0a:3d:9b:b1:ca:b5:c6:0a:69:94:f0:68:
                    fd:a7:21:0c:cb:a5:8b:1c:9b:8f:5c:64:78:e0:bb:
                    84:ff:c7:da:04:05:63:be:3d:1d:5d:d8:82:06:d1:
                    1e:1c:ab:0a:be:fc:84:4e:17:90:06:08:da:67:f4:
                    60:89:ee:36:09:53:75:5a:6c:d8:4f:cd:6c:f0:49:
                    49:83:dc:1e:d6:1b:3b:15:95:a3:cf:3a:f4:99:cd:
                    28:7d:16:5e:c6:45:1e:1c:e2:09:2b:68:af:d5:c6:
                    9f:b5:1e:f6:d6:6a:21:1b:50:33:44:73:d9:89:00:
                    0e:22:6d:fc:72:95:8b:3f:bc:7f:dd:1b:85:23:36:
                    2d:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:00:49:3A:FE:1A:3C:F3:73:D4:B8:F1:E0:77:26:0E:85:52:FB:D1
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TABJOv4aPPNz1Ljx4HcmDoVS-9E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:4c2:2f::/48
                  2a10:2f00:123::/48

    Signature Algorithm: sha256WithRSAEncryption
         b4:8b:1a:2c:ae:8e:d3:25:3b:51:59:a9:67:d5:7e:8c:87:87:
         35:ec:a8:79:3e:f9:43:83:61:56:10:b0:a3:ca:7e:67:cc:33:
         48:fe:a0:66:ba:fd:ef:6c:6e:43:4b:5f:44:6b:f1:29:29:01:
         7b:b2:ce:56:88:98:ea:59:30:af:c1:77:03:bd:67:e7:1f:57:
         10:66:8e:5e:97:9c:45:d4:d9:11:bc:68:e7:2c:26:0a:f0:64:
         27:f6:53:e5:e0:18:5c:75:2e:21:b9:fb:e3:23:5f:2d:78:fe:
         99:d5:b2:51:c9:11:35:78:39:36:a0:6f:5d:85:ac:75:fc:a6:
         da:20:51:5a:d2:82:a5:0d:01:8c:01:cc:ee:66:ce:4a:ce:e2:
         26:54:88:c6:2c:16:59:58:d9:97:13:8a:47:2e:44:26:2f:bc:
         68:e9:4d:39:ed:2e:8e:f6:04:a7:ea:d4:44:b3:16:eb:40:61:
         ba:cf:65:8e:42:f7:87:27:8a:14:46:e1:55:cb:dd:67:38:fb:
         9e:f6:59:eb:25:34:6d:34:56:06:f1:88:03:92:26:41:b4:a7:
         d8:03:70:d4:55:00:c0:b3:6f:72:48:09:04:9c:34:c7:c4:8d:
         be:f7:1c:12:cb:a1:e4:71:82:40:2a:17:98:e7:08:7c:cd:07:
         40:47:b2:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw54pwHB4whNQbKcOxJUMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzAwNDkzYWZlMWEzY2YzNzNkNGI4ZjFlMDc3MjYwZTg1NTJmYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8nLlM79rbdGlu6StAYJEDWMikaz
uB0Ek+wnPBt/GY70wM0ZkPlXGqoI5s3hqbY63bqQC1d04SJI9rY6C/Nnt4QxZR0J
Tp9CyeYjdcuojRJrE+ajrNjZRBGjdoOL9RGdm2U25AIBBI2rnoVMG7PtiXXPEaCc
0yl+B3MKPZuxyrXGCmmU8Gj9pyEMy6WLHJuPXGR44LuE/8faBAVjvj0dXdiCBtEe
HKsKvvyETheQBgjaZ/Rgie42CVN1WmzYT81s8ElJg9we1hs7FZWjzzr0mc0ofRZe
xkUeHOIJK2iv1caftR721mohG1AzRHPZiQAOIm38cpWLP7x/3RuFIzYt8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEwASTr+Gjzzc9S48eB3Jg6FUvvRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVEFCSk92NGFQUE56MUxqeDRIY21Eb1ZTLTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgkEwgAv
AwcAKhAvAAEjMA0GCSqGSIb3DQEBCwUAA4IBAQC0ixosro7TJTtRWaln1X6Mh4c1
7Kh5PvlDg2FWELCjyn5nzDNI/qBmuv3vbG5DS19Ea/EpKQF7ss5WiJjqWTCvwXcD
vWfnH1cQZo5el5xF1NkRvGjnLCYK8GQn9lPl4BhcdS4hufvjI18teP6Z1bJRyRE1
eDk2oG9dhax1/KbaIFFa0oKlDQGMAczuZs5KzuImVIjGLBZZWNmXE4pHLkQmL7xo
6U057S6O9gSn6tREsxbrQGG6z2WOQveHJ4oURuFVy91nOPue9lnrJTRtNFYG8YgD
kiZBtKfYA3DUVQDAs29ySAkEnDTHxI2+9xwSy6HkcYJAKheY5wh8zQdAR7J5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:32 2024 by rpki-client on console-fra.rpki-client.org