Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XfL0oBgXx-08wjiI6TX9teLMajE.roa
File:                     XfL0oBgXx-08wjiI6TX9teLMajE.roa (raw, json)
Hash identifier:          SQjK4+eFgzUkWQoP91QbnScxaCDclwfd2Wrr1JTiKr4=
Subject key identifier:   5D:F2:F4:A0:18:17:C7:ED:3C:C2:38:88:E9:35:FD:B5:E2:CC:6A:31
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018BE5551BB2FE1B1BF689E0B01CD616226A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XfL0oBgXx-08wjiI6TX9teLMajE.roa
Signing time:             Sun 19 Nov 2023 02:07:21 +0000
ROA not before:           Sun 19 Nov 2023 02:07:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     215980
IP address blocks:        2a10:ccc0:3001::/48 maxlen: 48
                          2a0e:97c0:e30::/48 maxlen: 48
                          2a10:ccc0:3000::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 24 Dec 2023 14:16:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:e5:55:1b:b2:fe:1b:1b:f6:89:e0:b0:1c:d6:16:22:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 19 02:07:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5df2f4a01817c7ed3cc23888e935fdb5e2cc6a31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f2:ff:47:0e:dd:76:5a:37:ec:88:af:b6:0b:
                    90:65:ed:d7:bf:57:03:d5:b8:b2:15:80:a9:72:9f:
                    4b:56:88:75:64:d6:d4:28:be:3e:d0:00:a3:2e:88:
                    e1:cc:62:48:60:6c:41:16:71:7e:59:05:35:23:d4:
                    6f:3f:48:bd:dd:44:6d:95:f9:34:80:6e:ad:a6:e1:
                    07:75:c6:f5:f4:29:33:e1:05:d4:66:1e:49:01:66:
                    f4:03:68:3d:21:d7:1b:84:bf:5a:f8:d4:53:e2:e0:
                    fb:39:b2:73:8f:56:52:f7:a7:6c:20:18:2c:fc:e4:
                    bc:4c:ff:5b:9c:fb:01:7d:ee:90:7f:3f:21:92:34:
                    25:0a:aa:a7:e9:47:e1:f3:54:ff:33:53:1a:da:8b:
                    e9:9e:3d:df:75:ea:e8:c5:6b:d2:b0:74:c9:d8:7e:
                    66:17:d4:61:a9:79:94:79:5d:22:fb:14:47:63:14:
                    45:76:03:79:cb:13:49:db:83:02:b1:99:68:98:b0:
                    2b:1a:b1:00:69:0e:aa:05:77:d2:4e:39:e9:c6:0b:
                    a5:da:30:31:f3:b4:1e:f7:d9:7c:69:b8:72:65:6d:
                    6c:88:34:9d:bf:62:4d:54:35:a3:8e:89:9f:d7:35:
                    ed:57:da:70:f9:5e:48:a4:c0:f1:9c:dc:d8:f0:97:
                    33:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:F2:F4:A0:18:17:C7:ED:3C:C2:38:88:E9:35:FD:B5:E2:CC:6A:31
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XfL0oBgXx-08wjiI6TX9teLMajE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:e30::/48
                  2a10:ccc0:3000::/47

    Signature Algorithm: sha256WithRSAEncryption
         4b:27:02:8e:5d:f7:74:3e:fe:85:4a:80:21:66:83:f5:83:53:
         7a:ed:b3:f8:4e:4f:7a:bc:80:8f:9f:8e:c7:7b:98:2a:77:24:
         d4:89:a1:6e:a1:2e:03:8f:33:1d:36:c9:90:ff:71:7d:26:74:
         88:fb:f5:ed:03:99:f3:0e:ae:ac:46:98:13:28:0e:0c:c2:06:
         e0:28:9b:52:a9:e6:b5:de:f3:64:3c:25:1f:83:9c:9f:ab:33:
         76:52:17:2a:41:e2:c0:7e:db:c5:30:e6:da:c8:74:0a:f5:26:
         79:84:bf:26:39:bb:e2:7a:01:46:d3:d5:7b:be:3b:db:52:08:
         d6:00:b2:15:bb:f2:74:51:fe:a7:fd:00:0e:b5:5e:35:c8:c6:
         60:10:e7:8a:14:d6:b3:45:32:0a:c4:d3:38:ea:ce:b6:db:27:
         60:27:12:53:dc:4d:e5:4b:0b:22:22:bc:61:6e:ed:2f:58:d4:
         2b:c2:91:65:1a:d4:06:5d:4d:85:51:a1:12:73:38:33:52:69:
         a3:98:cf:a9:82:55:77:27:34:b3:64:44:18:a6:e8:0d:cd:02:
         59:6d:c9:10:08:97:53:c8:ea:09:b7:b5:be:f8:37:41:cd:5a:
         e0:47:1c:69:87:83:27:1b:fa:f2:54:eb:88:10:63:e8:a6:3b:
         90:95:54:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvlVRuy/hsb9ongsBzWFiJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTE5MDIwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGYyZjRhMDE4MTdjN2VkM2NjMjM4ODhlOTM1ZmRiNWUyY2M2YTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/L/Rw7ddlo37IivtguQZe3Xv1cD
1biyFYCpcp9LVoh1ZNbUKL4+0ACjLojhzGJIYGxBFnF+WQU1I9RvP0i93URtlfk0
gG6tpuEHdcb19Ckz4QXUZh5JAWb0A2g9IdcbhL9a+NRT4uD7ObJzj1ZS96dsIBgs
/OS8TP9bnPsBfe6Qfz8hkjQlCqqn6Ufh81T/M1Ma2ovpnj3fderoxWvSsHTJ2H5m
F9RhqXmUeV0i+xRHYxRFdgN5yxNJ24MCsZlomLArGrEAaQ6qBXfSTjnpxgul2jAx
87Qe99l8abhyZW1siDSdv2JNVDWjjomf1zXtV9pw+V5IpMDxnNzY8JczWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF3y9KAYF8ftPMI4iOk1/bXizGoxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWGZMMG9CZ1h4LTA4d2ppSTZUWDl0ZUxNYWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwA4w
AwcBKhDMwDAAMA0GCSqGSIb3DQEBCwUAA4IBAQBLJwKOXfd0Pv6FSoAhZoP1g1N6
7bP4Tk96vICPn47He5gqdyTUiaFuoS4DjzMdNsmQ/3F9JnSI+/XtA5nzDq6sRpgT
KA4MwgbgKJtSqea13vNkPCUfg5yfqzN2UhcqQeLAftvFMObayHQK9SZ5hL8mObvi
egFG09V7vjvbUgjWALIVu/J0Uf6n/QAOtV41yMZgEOeKFNazRTIKxNM46s622ydg
JxJT3E3lSwsiIrxhbu0vWNQrwpFlGtQGXU2FUaESczgzUmmjmM+pglV3JzSzZEQY
pugNzQJZbckQCJdTyOoJt7W++DdBzVrgRxxph4MnG/ryVOuIEGPopjuQlVRc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org