Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XY45EFGjbmVN6P-p08l2NIObyAw.roa
File:                     XY45EFGjbmVN6P-p08l2NIObyAw.roa (raw, json)
Hash identifier:          ihyZyO95nR7Ag4gNKZEWme8LtUmCdJw9Hq/u8NKVUIw=
Subject key identifier:   5D:8E:39:10:51:A3:6E:65:4D:E8:FF:A9:D3:C9:76:34:83:9B:C8:0C
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018725E722282E2A72D6B0D80AC48EF7BD0F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XY45EFGjbmVN6P-p08l2NIObyAw.roa
Signing time:             Tue 28 Mar 2023 01:48:37 +0000
ROA not before:           Tue 28 Mar 2023 01:48:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200950
IP address blocks:        2a10:cc45:121::/48 maxlen: 48
                          2a10:cc45:126::/48 maxlen: 48
                          2a10:cc45:12f::/48 maxlen: 48
                          2a10:cc45:124::/48 maxlen: 48
                          2a0e:97c0:c9e::/48 maxlen: 48
                          2a10:cc45:125::/48 maxlen: 48
                          2a10:cc45:122::/48 maxlen: 48
                          2a10:cc45:123::/48 maxlen: 48
                          2a10:cc45:120::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 28 Dec 2023 15:14:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:25:e7:22:28:2e:2a:72:d6:b0:d8:0a:c4:8e:f7:bd:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar 28 01:48:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d8e391051a36e654de8ffa9d3c97634839bc80c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:c1:0a:77:2e:be:ed:f4:4e:10:f9:b5:8d:c1:
                    a1:79:25:c3:a9:19:3a:b9:fa:ec:80:a4:31:e5:26:
                    c5:1e:7d:70:e2:ac:b5:9d:5b:e4:89:f6:3b:d2:77:
                    2f:89:eb:58:5a:e5:98:97:0f:56:94:91:a7:17:e0:
                    38:43:47:97:e9:43:7e:d4:41:0d:51:62:2a:12:1c:
                    1c:cc:94:ef:c9:ae:8b:af:05:63:ec:50:96:22:b6:
                    50:22:22:82:40:78:15:92:b0:3d:2a:ce:2b:60:b0:
                    9e:06:25:25:32:42:95:b3:bb:de:5e:a9:c4:19:97:
                    3b:4e:8f:c4:e0:eb:e2:ab:61:34:7b:73:ed:66:66:
                    9b:f8:8d:c1:32:47:77:85:a2:c4:e3:3a:07:78:a8:
                    c6:1b:a7:60:b9:aa:3b:95:7b:99:6b:80:be:8b:13:
                    c5:1c:6f:bb:fb:cc:1c:2f:ce:bc:28:75:77:15:00:
                    43:7a:65:22:04:51:42:bd:33:71:89:92:37:92:ca:
                    4c:47:26:27:a8:88:36:b4:a8:da:44:5d:bb:1b:f5:
                    a3:cd:22:aa:73:8c:80:37:ed:7f:98:d8:c8:02:b7:
                    b5:fc:4d:45:79:64:ca:d8:d7:2e:5c:82:ac:2e:5c:
                    21:f1:43:75:5c:65:e8:62:e6:f5:b3:52:59:c8:6f:
                    c0:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:8E:39:10:51:A3:6E:65:4D:E8:FF:A9:D3:C9:76:34:83:9B:C8:0C
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XY45EFGjbmVN6P-p08l2NIObyAw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:c9e::/48
                  2a10:cc45:120::-2a10:cc45:126:ffff:ffff:ffff:ffff:ffff
                  2a10:cc45:12f::/48

    Signature Algorithm: sha256WithRSAEncryption
         af:f7:45:56:26:f9:4a:33:dc:6e:42:05:44:03:7d:5b:b4:8b:
         f3:f7:80:fe:35:a8:2f:30:a1:a4:98:36:33:8d:cf:c8:fa:4e:
         fe:38:41:8b:cd:4e:93:3a:2f:c0:7a:c9:8e:8c:cc:01:04:43:
         01:fe:f7:75:cb:a7:06:60:33:0e:f0:8f:c0:3b:a1:56:70:d3:
         42:f8:63:aa:12:38:c8:5a:50:74:73:88:9c:aa:a3:e1:a9:b0:
         00:b4:18:98:ba:2b:00:af:57:f3:6a:36:20:00:5e:ac:35:d7:
         32:f0:eb:57:a1:c5:a4:cf:2a:eb:d9:90:9b:f4:24:4d:f7:74:
         39:62:2e:9d:f5:97:a2:10:93:4e:55:f6:9c:f9:34:31:7a:c5:
         b4:21:51:92:62:11:5e:c9:87:40:93:f3:f0:5b:bc:30:4c:59:
         8d:b9:12:73:bb:80:b0:e9:3d:ff:38:54:b9:c6:24:e1:7f:67:
         49:bb:1b:e8:87:e4:89:44:a3:e0:9b:a5:80:87:06:d9:2b:e2:
         43:ee:bd:c6:fc:b3:fb:5f:92:4c:78:c9:58:81:2e:89:24:06:
         77:0a:f3:39:02:1b:42:f0:33:69:cb:dc:0e:1e:36:13:36:e5:
         29:34:50:b6:1c:ee:e9:2a:34:5a:86:1f:41:91:d1:93:3a:03:
         60:db:cb:87
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYcl5yIoLipy1rDYCsSO970PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzI4MDE0ODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhlMzkxMDUxYTM2ZTY1NGRlOGZmYTlkM2M5NzYzNDgzOWJjODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8EKdy6+7fROEPm1jcGheSXDqRk6
ufrsgKQx5SbFHn1w4qy1nVvkifY70ncvietYWuWYlw9WlJGnF+A4Q0eX6UN+1EEN
UWIqEhwczJTvya6LrwVj7FCWIrZQIiKCQHgVkrA9Ks4rYLCeBiUlMkKVs7veXqnE
GZc7To/E4Oviq2E0e3PtZmab+I3BMkd3haLE4zoHeKjGG6dguao7lXuZa4C+ixPF
HG+7+8wcL868KHV3FQBDemUiBFFCvTNxiZI3kspMRyYnqIg2tKjaRF27G/WjzSKq
c4yAN+1/mNjIAre1/E1FeWTK2NcuXIKsLlwh8UN1XGXoYub1s1JZyG/ALQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF2OORBRo25lTej/qdPJdjSDm8gMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWFk0NUVGR2pibVZONlAtcDA4bDJOSU9ieUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKg6XwAye
MBIDBwUqEMxFASADBwAqEMxFASYDBwAqEMxFAS8wDQYJKoZIhvcNAQELBQADggEB
AK/3RVYm+Uoz3G5CBUQDfVu0i/P3gP41qC8woaSYNjONz8j6Tv44QYvNTpM6L8B6
yY6MzAEEQwH+93XLpwZgMw7wj8A7oVZw00L4Y6oSOMhaUHRziJyqo+GpsAC0GJi6
KwCvV/NqNiAAXqw11zLw61ehxaTPKuvZkJv0JE33dDliLp31l6IQk05V9pz5NDF6
xbQhUZJiEV7Jh0CT8/BbvDBMWY25EnO7gLDpPf84VLnGJOF/Z0m7G+iH5IlEo+Cb
pYCHBtkr4kPuvcb8s/tfkkx4yViBLokkBncK8zkCG0LwM2nL3A4eNhM25Sk0ULYc
7ukqNFqGH0GR0ZM6A2Dby4c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:05 2024 by rpki-client on console-ams.rpki-client.org