Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UhftvfemxJTUto9f83S3Hvj_W64.roa
File:                     UhftvfemxJTUto9f83S3Hvj_W64.roa (raw, json)
Hash identifier:          cLTRdDCemzfhNZC/jcASXsnQia6oLm5srgnfe968W30=
Subject key identifier:   52:17:ED:BD:F7:A6:C4:94:D4:B6:8F:5F:F3:74:B7:1E:F8:FF:5B:AE
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018DAE408D6C0640DB2B0D9E543F283888D0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UhftvfemxJTUto9f83S3Hvj_W64.roa
Signing time:             Thu 15 Feb 2024 19:31:22 +0000
ROA not before:           Thu 15 Feb 2024 19:31:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        2a06:de00:10::/48 maxlen: 48
                          2a0e:97c0:411::/48 maxlen: 48
                          2a0e:97c0:8e0::/48 maxlen: 48
                          2a0e:b107:19a0::/48 maxlen: 48
                          2a0e:b107:1a63::/48 maxlen: 48
                          2a0e:b107:1a64::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 19 May 2024 10:21:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ae:40:8d:6c:06:40:db:2b:0d:9e:54:3f:28:38:88:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 15 19:31:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5217edbdf7a6c494d4b68f5ff374b71ef8ff5bae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:5a:a0:92:b0:5b:5c:2b:da:fc:16:8e:d9:f1:
                    4c:2e:0f:cc:2e:fb:18:ee:56:a2:60:f6:a5:61:a1:
                    a3:a6:57:f1:96:a3:0a:25:a1:c3:47:ab:f3:3f:9e:
                    c2:4c:0d:b9:fc:7b:f6:30:92:25:95:ac:35:a3:ab:
                    e7:28:02:e7:35:a4:76:b0:48:f2:7e:9e:f0:fd:4c:
                    09:d3:e9:ca:e5:0b:4c:91:a8:31:5d:11:37:f8:c5:
                    5e:52:2e:bf:37:f2:59:d8:1b:80:79:4e:ae:0b:4b:
                    43:4a:a5:53:d9:b2:17:87:01:d3:e7:44:d5:d6:e2:
                    25:f8:18:a3:c7:e5:41:f3:b6:8d:7b:90:da:d9:7b:
                    2e:7e:fd:5a:f2:8f:76:be:7c:f3:62:8c:cf:4b:d2:
                    0e:71:f0:3c:aa:73:59:5e:ab:24:a8:f4:c9:ed:b8:
                    bb:7f:73:cd:5a:00:00:44:85:d2:2b:3a:43:2c:ca:
                    df:be:50:a2:1a:be:48:37:ea:c9:07:93:8a:eb:e4:
                    d5:9f:89:85:28:3a:2b:fc:99:d5:6c:1c:2e:84:8e:
                    a8:72:8d:68:21:3a:bb:5a:21:22:1d:5a:3e:16:78:
                    3e:3b:10:bf:05:b9:e5:6a:24:7f:6f:54:e5:66:d4:
                    cd:f7:7a:8e:8f:6a:59:60:b2:b3:6d:40:9e:eb:85:
                    96:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:17:ED:BD:F7:A6:C4:94:D4:B6:8F:5F:F3:74:B7:1E:F8:FF:5B:AE
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UhftvfemxJTUto9f83S3Hvj_W64.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:de00:10::/48
                  2a0e:97c0:411::/48
                  2a0e:97c0:8e0::/48
                  2a0e:b107:19a0::/48
                  2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         82:db:aa:eb:a8:6f:42:4b:05:e4:1d:94:2e:e4:c0:bb:d6:fe:
         cb:42:5d:6d:3c:54:47:f5:21:a8:1a:1d:0f:f3:84:70:81:08:
         a3:79:96:7b:b1:a0:55:42:36:1b:43:2a:17:43:55:d8:92:e2:
         01:37:f0:0c:c1:35:c9:a4:70:80:9b:eb:70:54:97:10:02:a0:
         88:38:78:87:fc:73:fb:c0:11:c4:0b:78:54:a1:f1:83:00:84:
         d5:d0:f1:02:74:e1:c0:db:8a:15:5c:8c:92:b7:80:d9:a5:de:
         4e:f8:8a:48:4b:15:4f:53:bc:04:10:bb:38:2d:b7:7b:51:57:
         c0:78:d2:34:5d:39:0f:d6:9d:18:0e:d3:88:35:ed:ca:e7:35:
         fb:09:52:cc:85:b3:ac:47:6a:75:00:a1:77:f7:03:76:25:74:
         48:53:6b:bd:8e:50:6e:d9:96:0f:64:74:09:5e:81:7f:0a:b8:
         9a:29:04:ad:b5:d7:9c:e9:09:f1:ca:79:38:d1:f5:3f:99:22:
         cd:0a:41:a7:8a:a3:a0:34:c8:28:25:90:06:d3:57:5d:74:c7:
         ab:51:a5:68:ef:08:6f:5f:9d:56:93:72:9f:ac:3f:b9:75:9f:
         a1:0c:d3:8f:1e:0c:69:8c:43:0b:ad:50:3c:d7:95:fa:51:31:
         9f:a1:34:8f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY2uQI1sBkDbKw2eVD8oOIjQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjE1MTkzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjE3ZWRiZGY3YTZjNDk0ZDRiNjhmNWZmMzc0YjcxZWY4ZmY1YmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVqgkrBbXCva/BaO2fFMLg/MLvsY
7laiYPalYaGjplfxlqMKJaHDR6vzP57CTA25/Hv2MJIllaw1o6vnKALnNaR2sEjy
fp7w/UwJ0+nK5QtMkagxXRE3+MVeUi6/N/JZ2BuAeU6uC0tDSqVT2bIXhwHT50TV
1uIl+Bijx+VB87aNe5Da2Xsufv1a8o92vnzzYozPS9IOcfA8qnNZXqskqPTJ7bi7
f3PNWgAARIXSKzpDLMrfvlCiGr5IN+rJB5OK6+TVn4mFKDor/JnVbBwuhI6oco1o
ITq7WiEiHVo+Fng+OxC/BbnlaiR/b1TlZtTN93qOj2pZYLKzbUCe64WW6QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFIX7b33psSU1LaPX/N0tx74/1uuMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVWhmdHZmZW14SlRVdG85ZjgzUzNIdmpfVzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwcAKgbeAAAQ
AwcAKg6XwAQRAwcAKg6XwAjgAwcAKg6xBxmgMBIDBwAqDrEHGmMDBwAqDrEHGmQw
DQYJKoZIhvcNAQELBQADggEBAILbquuob0JLBeQdlC7kwLvW/stCXW08VEf1Iaga
HQ/zhHCBCKN5lnuxoFVCNhtDKhdDVdiS4gE38AzBNcmkcICb63BUlxACoIg4eIf8
c/vAEcQLeFSh8YMAhNXQ8QJ04cDbihVcjJK3gNml3k74ikhLFU9TvAQQuzgtt3tR
V8B40jRdOQ/WnRgO04g17crnNfsJUsyFs6xHanUAoXf3A3YldEhTa72OUG7Zlg9k
dAlegX8KuJopBK2115zpCfHKeTjR9T+ZIs0KQaeKo6A0yCglkAbTV110x6tRpWjv
CG9fnVaTcp+sP7l1n6EM048eDGmMQwutUDzXlfpRMZ+hNI8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:32 2024 by rpki-client on console-fra.rpki-client.org