Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YqJDyiOCsHNXz4vm5Pjmdv41e5M.roa
File:                     YqJDyiOCsHNXz4vm5Pjmdv41e5M.roa (raw, json)
Hash identifier:          PhjNuFSxeM0znkDosTDXs7aKAXXD3SBjInwIyCmO6UU=
Subject key identifier:   62:A2:43:CA:23:82:B0:73:57:CF:8B:E6:E4:F8:E6:76:FE:35:7B:93
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018678F120C49CEE1F465FAD2225BDB243C8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YqJDyiOCsHNXz4vm5Pjmdv41e5M.roa
Signing time:             Wed 22 Feb 2023 11:45:13 +0000
ROA not before:           Wed 22 Feb 2023 11:45:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2a0e:b107:1870::/48 maxlen: 48
                          2a0e:b107:5d0::/44 maxlen: 48
                          2a0e:97c0:750::/48 maxlen: 48
                          2a0e:b107:900::/44 maxlen: 48
                          2a0e:b107:df2::/48 maxlen: 48
                          2a0e:97c0:736::/48 maxlen: 48
                          2a0e:b107:9f4::/48 maxlen: 48
                          2a0e:b107:1b9e::/48 maxlen: 48
                          2a0e:b107:9f6::/48 maxlen: 48
                          2a0e:b102:12f::/48 maxlen: 48
                          2a0e:97c0:76f::/48 maxlen: 48
                          2a0e:97c0:73f::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 23 Feb 2023 19:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:78:f1:20:c4:9c:ee:1f:46:5f:ad:22:25:bd:b2:43:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 22 11:45:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=62a243ca2382b07357cf8be6e4f8e676fe357b93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:d7:06:e7:fc:02:91:7a:87:50:b9:bd:9f:32:
                    05:75:fd:27:93:39:02:7c:34:df:ee:ae:6c:90:38:
                    c7:51:e5:c0:88:80:70:4d:83:b0:a4:b1:c1:5a:b5:
                    f6:da:6d:b2:fd:6d:c3:5b:53:04:1c:ed:de:19:9d:
                    cc:4e:ca:85:40:f8:40:b5:0e:15:bf:9c:bb:0f:56:
                    cf:28:f3:e9:5e:77:41:17:d9:d1:1e:7a:25:dd:30:
                    46:78:b2:d3:c3:62:0c:a3:00:7e:72:8e:66:3a:3d:
                    80:40:fb:6f:e0:40:fc:61:a4:85:dd:e5:1f:7f:1e:
                    08:9c:1b:d4:5f:23:0d:37:6c:5e:fc:fd:19:48:8e:
                    2a:67:f3:f0:5b:4c:d3:7f:e3:a3:aa:95:6a:b4:5a:
                    d5:7a:10:17:07:92:bd:93:3b:8e:5a:60:63:c0:6d:
                    a0:e8:9f:99:e9:0a:33:38:85:7d:3d:17:04:a1:a3:
                    ee:63:f0:81:e7:05:49:1a:5e:7d:78:0c:11:ba:22:
                    d3:19:f9:de:cf:da:97:b6:a3:f6:8c:54:2b:6a:96:
                    00:59:f8:67:4e:1b:7f:71:1c:60:24:86:2c:79:3a:
                    83:fa:eb:f9:50:e0:e0:96:b3:62:3f:13:8b:48:5d:
                    27:46:9f:24:8b:7d:94:5b:f4:25:d9:49:b9:8c:20:
                    eb:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:A2:43:CA:23:82:B0:73:57:CF:8B:E6:E4:F8:E6:76:FE:35:7B:93
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YqJDyiOCsHNXz4vm5Pjmdv41e5M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:736::/48
                  2a0e:97c0:73f::/48
                  2a0e:97c0:750::/48
                  2a0e:97c0:76f::/48
                  2a0e:b102:12f::/48
                  2a0e:b107:5d0::/44
                  2a0e:b107:900::/44
                  2a0e:b107:9f4::/48
                  2a0e:b107:9f6::/48
                  2a0e:b107:df2::/48
                  2a0e:b107:1870::/48
                  2a0e:b107:1b9e::/48

    Signature Algorithm: sha256WithRSAEncryption
         32:d6:52:96:cd:13:1b:66:4b:f5:e7:2c:c1:b8:ca:82:f0:32:
         90:ff:38:25:7c:d2:2f:14:50:4a:fb:89:fa:e9:fd:5f:26:f9:
         9a:2b:5c:01:f7:15:7d:95:a3:15:b7:4e:b6:e2:35:2c:64:c6:
         4a:1a:38:37:0c:9b:50:da:bc:2e:c9:3e:ec:2b:2f:de:b0:f6:
         44:4a:da:b2:a3:ca:a4:a6:b9:f6:a9:53:3a:9a:3d:b7:a6:37:
         35:16:a6:36:23:52:ae:9d:4e:82:ea:4f:26:33:0d:2a:f1:9f:
         dd:23:1c:09:12:0f:b6:8d:43:51:08:6c:5f:60:05:87:70:3b:
         ec:d5:c6:e7:5d:23:64:63:03:32:29:3f:50:6e:77:8f:81:1f:
         37:ff:88:13:f9:27:a2:7e:c2:50:7f:24:a9:5f:10:d6:1a:bf:
         22:9e:38:d6:c0:0f:39:58:e3:d7:35:ff:90:92:78:17:7f:7b:
         55:49:f1:de:66:93:76:15:99:66:6f:8c:70:74:ec:1e:16:25:
         6d:43:e0:80:29:67:5c:47:c1:99:f8:56:14:8b:1a:41:fd:d0:
         17:95:03:0c:e7:b4:46:cb:bb:d0:30:09:fa:c4:0c:81:b5:98:
         8f:70:43:86:be:2d:c1:f4:0c:19:10:44:d8:c5:31:3b:3c:6b:
         2c:38:05:93
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYZ48SDEnO4fRl+tIiW9skPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjIyMTE0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmEyNDNjYTIzODJiMDczNTdjZjhiZTZlNGY4ZTY3NmZlMzU3YjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdcG5/wCkXqHULm9nzIFdf0nkzkC
fDTf7q5skDjHUeXAiIBwTYOwpLHBWrX22m2y/W3DW1MEHO3eGZ3MTsqFQPhAtQ4V
v5y7D1bPKPPpXndBF9nRHnol3TBGeLLTw2IMowB+co5mOj2AQPtv4ED8YaSF3eUf
fx4InBvUXyMNN2xe/P0ZSI4qZ/PwW0zTf+OjqpVqtFrVehAXB5K9kzuOWmBjwG2g
6J+Z6QozOIV9PRcEoaPuY/CB5wVJGl59eAwRuiLTGfnez9qXtqP2jFQrapYAWfhn
Tht/cRxgJIYseTqD+uv5UODglrNiPxOLSF0nRp8ki32UW/Ql2Um5jCDrQQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFGKiQ8ojgrBzV8+L5uT45nb+NXuTMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWXFKRHlpT0NzSE5YejR2bTVQam1kdjQxZTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAIwbAMHACoOl8AH
NgMHACoOl8AHPwMHACoOl8AHUAMHACoOl8AHbwMHACoOsQIBLwMHBCoOsQcF0AMH
BCoOsQcJAAMHACoOsQcJ9AMHACoOsQcJ9gMHACoOsQcN8gMHACoOsQcYcAMHACoO
sQcbnjANBgkqhkiG9w0BAQsFAAOCAQEAMtZSls0TG2ZL9ecswbjKgvAykP84JXzS
LxRQSvuJ+un9Xyb5mitcAfcVfZWjFbdOtuI1LGTGSho4NwybUNq8Lsk+7Csv3rD2
RErasqPKpKa59qlTOpo9t6Y3NRamNiNSrp1OgupPJjMNKvGf3SMcCRIPto1DUQhs
X2AFh3A77NXG510jZGMDMik/UG53j4EfN/+IE/knon7CUH8kqV8Q1hq/Ip441sAP
OVjj1zX/kJJ4F397VUnx3maTdhWZZm+McHTsHhYlbUPggClnXEfBmfhWFIsaQf3Q
F5UDDOe0Rsu70DAJ+sQMgbWYj3BDhr4twfQMGRBE2MUxOzxrLDgFkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org