Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TD-0T9rt8Kqv3Rpy3-Hpmdf88-U.roa
File:                     TD-0T9rt8Kqv3Rpy3-Hpmdf88-U.roa (raw, json)
Hash identifier:          x4jhMzyQWu/hWkCAU3ckuNholtXTK8Sz/nrfuwo1ZwU=
Subject key identifier:   4C:3F:B4:4F:DA:ED:F0:AA:AF:DD:1A:72:DF:E1:E9:99:D7:FC:F3:E5
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018B41D96081C73954EE95C5C6BD20D4BB8F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TD-0T9rt8Kqv3Rpy3-Hpmdf88-U.roa
Signing time:             Wed 18 Oct 2023 08:14:06 +0000
ROA not before:           Wed 18 Oct 2023 08:14:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138685
IP address blocks:        2a0e:b107:768::/45 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:41:d9:60:81:c7:39:54:ee:95:c5:c6:bd:20:d4:bb:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 18 08:14:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4c3fb44fdaedf0aaafdd1a72dfe1e999d7fcf3e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:d6:1f:26:b3:94:46:3e:4c:06:67:ad:17:53:
                    30:e8:09:5b:7d:ae:0b:a6:bb:f9:60:c7:1d:77:7f:
                    04:04:43:07:73:3a:97:82:69:7e:27:bc:8c:35:12:
                    2b:5b:df:86:fc:df:34:b9:15:14:fb:19:15:4c:41:
                    05:25:6a:da:ef:4c:13:01:bd:b2:12:3e:bf:f5:a6:
                    20:5c:f8:cc:87:8d:29:1e:3d:9b:fd:f4:2b:5b:df:
                    ff:d4:31:82:a6:51:af:77:59:cb:4a:4a:fd:40:99:
                    9f:e7:15:ab:f0:37:b3:46:b7:dc:8a:15:7f:15:80:
                    27:aa:5a:e6:48:d7:21:bd:7f:e8:82:0e:10:2e:30:
                    23:81:37:bc:31:d6:b4:13:15:7b:7c:2d:0d:af:e2:
                    6a:91:86:3a:8e:69:cf:57:37:c0:64:ab:1c:09:a4:
                    03:b9:dd:19:86:2f:a8:de:72:09:f3:d1:2d:8a:f5:
                    34:5f:7f:23:f0:70:6d:72:6c:f2:7a:54:01:b6:c4:
                    82:4c:26:8c:15:b0:82:c5:02:a1:dc:21:78:8d:04:
                    af:4d:2e:ba:b2:b7:b0:c4:63:3e:af:ca:6a:8a:f7:
                    80:f3:2c:1a:62:6f:17:56:46:af:88:42:58:5d:79:
                    62:07:71:62:9d:16:48:07:04:da:e5:47:20:5e:a3:
                    27:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:3F:B4:4F:DA:ED:F0:AA:AF:DD:1A:72:DF:E1:E9:99:D7:FC:F3:E5
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TD-0T9rt8Kqv3Rpy3-Hpmdf88-U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:768::/45

    Signature Algorithm: sha256WithRSAEncryption
         07:0d:11:d5:67:f4:bb:41:1c:29:72:7a:60:57:e8:77:fa:95:
         da:d0:94:3a:4c:d1:2d:68:c8:30:eb:7a:20:ef:8a:a9:d0:3a:
         24:31:3d:8c:19:6a:f3:e4:4f:68:38:68:02:1e:db:45:08:6d:
         c8:c4:c6:39:91:2c:7d:71:4d:a9:45:5b:2d:bb:59:78:c0:09:
         e3:eb:18:7a:de:a2:1c:a8:e9:22:4f:36:3e:fa:57:2b:c6:21:
         f0:eb:ad:1c:f7:fa:38:e5:7b:7a:c6:dc:83:24:42:b9:61:0d:
         b6:cf:f7:09:2e:a5:29:54:c6:00:03:76:f4:5d:5b:4c:94:05:
         b5:d6:82:3c:63:05:ef:db:16:dc:b7:23:37:60:62:7f:75:66:
         49:0c:ce:e7:3d:2a:c4:48:48:5b:e5:fd:11:0a:c1:46:a4:ec:
         d0:df:41:7b:32:89:af:67:99:a6:1f:58:e6:c3:6d:71:5d:1e:
         e0:07:9b:3c:88:c8:ae:c3:b0:ef:62:59:76:b0:18:6c:e1:cd:
         e9:6c:e9:21:54:66:1b:c2:03:72:c6:c2:39:ba:04:c3:6e:7e:
         9c:9f:8b:69:64:2a:02:c3:cb:a8:4b:a7:01:57:58:ab:ff:8e:
         3f:e9:8a:d5:00:cd:4f:5e:4e:3b:54:0c:66:ac:6b:fb:c1:be:
         b6:da:7d:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtB2WCBxzlU7pXFxr0g1LuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDE4MDgxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzNmYjQ0ZmRhZWRmMGFhYWZkZDFhNzJkZmUxZTk5OWQ3ZmNmM2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtYfJrOURj5MBmetF1Mw6Albfa4L
prv5YMcdd38EBEMHczqXgml+J7yMNRIrW9+G/N80uRUU+xkVTEEFJWra70wTAb2y
Ej6/9aYgXPjMh40pHj2b/fQrW9//1DGCplGvd1nLSkr9QJmf5xWr8DezRrfcihV/
FYAnqlrmSNchvX/ogg4QLjAjgTe8Mda0ExV7fC0Nr+JqkYY6jmnPVzfAZKscCaQD
ud0Zhi+o3nIJ89EtivU0X38j8HBtcmzyelQBtsSCTCaMFbCCxQKh3CF4jQSvTS66
srewxGM+r8pqiveA8ywaYm8XVkaviEJYXXliB3FinRZIBwTa5UcgXqMn5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEw/tE/a7fCqr90act/h6ZnX/PPlMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVEQtMFQ5cnQ4S3F2M1JweTMtSHBtZGY4OC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg6xBwdo
MA0GCSqGSIb3DQEBCwUAA4IBAQAHDRHVZ/S7QRwpcnpgV+h3+pXa0JQ6TNEtaMgw
63og74qp0DokMT2MGWrz5E9oOGgCHttFCG3IxMY5kSx9cU2pRVstu1l4wAnj6xh6
3qIcqOkiTzY++lcrxiHw660c9/o45Xt6xtyDJEK5YQ22z/cJLqUpVMYAA3b0XVtM
lAW11oI8YwXv2xbctyM3YGJ/dWZJDM7nPSrESEhb5f0RCsFGpOzQ30F7MomvZ5mm
H1jmw21xXR7gB5s8iMiuw7DvYll2sBhs4c3pbOkhVGYbwgNyxsI5ugTDbn6cn4tp
ZCoCw8uoS6cBV1ir/44/6YrVAM1PXk47VAxmrGv7wb622n3Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:32 2024 by rpki-client on console-fra.rpki-client.org