Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YeXXNdiFKlyavgm7t0xlwbdwrsQ.roa
File:                     YeXXNdiFKlyavgm7t0xlwbdwrsQ.roa (raw, json)
Hash identifier:          fkZ6btLWdjDLmKt5mnZ95+n1zrrmsZIDiGPDYjWjDcE=
Subject key identifier:   61:E5:D7:35:D8:85:2A:5C:9A:BE:09:BB:B7:4C:65:C1:B7:70:AE:C4
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018B1F539F8C3747BFD6014DC0FE30D6A620
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YeXXNdiFKlyavgm7t0xlwbdwrsQ.roa
Signing time:             Wed 11 Oct 2023 15:20:55 +0000
ROA not before:           Wed 11 Oct 2023 15:20:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208328
IP address blocks:        2a0e:97c0:64d::/48 maxlen: 48
                          2a0e:97c0:640::/44 maxlen: 48
                          2a0e:97c0:643::/48 maxlen: 48
                          2a0e:97c0:644::/48 maxlen: 48
                          2a0e:97c0:644::/46 maxlen: 48
                          2a0e:97c0:642::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1f:53:9f:8c:37:47:bf:d6:01:4d:c0:fe:30:d6:a6:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 11 15:20:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61e5d735d8852a5c9abe09bbb74c65c1b770aec4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:a4:a3:d4:18:65:92:4d:be:de:53:60:a7:7f:
                    3f:0e:f1:bf:bb:e2:cf:1a:d6:02:36:cd:d5:a3:24:
                    e6:3c:44:33:b1:29:11:99:a4:02:32:db:a6:23:81:
                    48:38:50:5b:80:08:07:4d:8a:10:ff:aa:23:d5:a9:
                    78:30:9b:47:e8:2e:2c:ce:16:a5:7d:d3:1c:41:0a:
                    79:bf:a2:cc:13:ae:9e:45:9e:72:07:96:4f:eb:15:
                    92:0a:8b:b2:35:56:d3:91:c3:b8:d2:4b:09:0b:69:
                    e2:42:c0:03:a0:3e:a7:dd:46:6d:0e:96:a6:ec:d2:
                    d5:b5:5e:a0:6a:11:a9:2a:be:1e:1f:01:69:4f:65:
                    33:3b:8c:a3:ce:75:0b:01:97:a9:07:87:e9:3d:78:
                    0c:d2:7f:2d:bc:b2:01:16:ae:16:28:e8:5e:ef:73:
                    da:24:7d:d3:53:00:6e:a7:1f:aa:44:2c:6d:c0:12:
                    08:88:7f:b3:79:e7:3d:0d:83:16:77:93:6a:2e:fb:
                    69:6d:8d:7c:7e:cc:af:ee:9e:d3:3c:a0:17:d3:c1:
                    19:24:f7:89:0a:93:d9:6f:61:a8:33:95:c4:13:77:
                    c0:ef:e3:b8:17:9d:e3:2b:e0:b8:eb:04:39:eb:c7:
                    36:d2:29:92:3a:9e:4c:9a:b3:78:8a:78:f6:6d:f8:
                    82:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:E5:D7:35:D8:85:2A:5C:9A:BE:09:BB:B7:4C:65:C1:B7:70:AE:C4
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YeXXNdiFKlyavgm7t0xlwbdwrsQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:640::/44

    Signature Algorithm: sha256WithRSAEncryption
         af:4c:c6:97:3e:73:47:5a:c0:5b:c8:e2:1a:1d:04:ce:c0:70:
         80:7a:d1:a4:94:8e:58:70:72:cf:87:74:74:2b:cf:4f:28:9f:
         a9:a3:62:59:85:45:06:cf:0e:43:73:19:f9:a3:cc:e0:dc:66:
         94:c8:36:e8:c5:13:e7:9e:54:2d:18:43:82:1b:77:24:b5:34:
         c0:07:69:82:b7:df:ca:6f:39:96:fa:a1:56:ae:d5:e2:2f:1d:
         8e:17:e7:91:70:fb:8e:7c:95:57:ca:e5:c9:74:b1:1d:c2:e8:
         6e:48:47:db:44:9f:dc:89:4c:aa:a4:3b:fd:ed:f2:a2:78:9c:
         9c:3f:15:43:47:14:58:cc:f5:28:36:43:85:c0:df:17:9f:0f:
         a6:4a:5a:0d:be:06:40:30:4e:17:c3:ae:4f:1b:a1:43:f4:7f:
         cd:d9:69:9e:c9:64:d9:35:d6:af:b0:12:37:4f:ae:14:ec:38:
         58:10:08:3f:30:b8:5c:26:cd:07:d8:39:67:3e:0c:37:f1:6d:
         b4:85:50:e4:42:9e:1f:02:c9:63:81:d6:c7:6c:b7:5f:8c:8a:
         92:59:50:3b:6d:4a:0e:79:a3:c3:70:41:b9:44:1a:68:d2:f4:
         c1:5d:c1:06:f5:3d:ac:ae:1c:d7:77:4a:13:20:71:e7:2c:88:
         da:e8:56:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYsfU5+MN0e/1gFNwP4w1qYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDExMTUyMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWU1ZDczNWQ4ODUyYTVjOWFiZTA5YmJiNzRjNjVjMWI3NzBhZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KSj1Bhlkk2+3lNgp38/DvG/u+LP
GtYCNs3VoyTmPEQzsSkRmaQCMtumI4FIOFBbgAgHTYoQ/6oj1al4MJtH6C4szhal
fdMcQQp5v6LME66eRZ5yB5ZP6xWSCouyNVbTkcO40ksJC2niQsADoD6n3UZtDpam
7NLVtV6gahGpKr4eHwFpT2UzO4yjznULAZepB4fpPXgM0n8tvLIBFq4WKOhe73Pa
JH3TUwBupx+qRCxtwBIIiH+zeec9DYMWd5NqLvtpbY18fsyv7p7TPKAX08EZJPeJ
CpPZb2GoM5XEE3fA7+O4F53jK+C46wQ568c20imSOp5MmrN4inj2bfiCcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGHl1zXYhSpcmr4Ju7dMZcG3cK7EMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWWVYWE5kaUZLbHlhdmdtN3QweGx3YmR3cnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAZA
MA0GCSqGSIb3DQEBCwUAA4IBAQCvTMaXPnNHWsBbyOIaHQTOwHCAetGklI5YcHLP
h3R0K89PKJ+po2JZhUUGzw5Dcxn5o8zg3GaUyDboxRPnnlQtGEOCG3cktTTAB2mC
t9/KbzmW+qFWrtXiLx2OF+eRcPuOfJVXyuXJdLEdwuhuSEfbRJ/ciUyqpDv97fKi
eJycPxVDRxRYzPUoNkOFwN8Xnw+mSloNvgZAME4Xw65PG6FD9H/N2WmeyWTZNdav
sBI3T64U7DhYEAg/MLhcJs0H2DlnPgw38W20hVDkQp4fAsljgdbHbLdfjIqSWVA7
bUoOeaPDcEG5RBpo0vTBXcEG9T2srhzXd0oTIHHnLIja6FYZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:05 2024 by rpki-client on console-ams.rpki-client.org