Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aJ7ugshyZUwKSt7rA107gh6e7uk.roa
File:                     aJ7ugshyZUwKSt7rA107gh6e7uk.roa (raw, json)
Hash identifier:          GBLl0WVWm+HKdYstM6kmUvAuaXXLf+HpWA7wSWILA4M=
Subject key identifier:   68:9E:EE:82:C8:72:65:4C:0A:4A:DE:EB:03:5D:3B:82:1E:9E:EE:E9
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018E879496139BD9CB217FFF00C70ADD215F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aJ7ugshyZUwKSt7rA107gh6e7uk.roa
Signing time:             Fri 29 Mar 2024 00:20:45 +0000
ROA not before:           Fri 29 Mar 2024 00:20:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211063
IP address blocks:        2a0e:97c0:480::/44 maxlen: 48
                          2a0e:b104:100::/44 maxlen: 48
                          2a0e:b107:1240::/44 maxlen: 48
                          2a10:2f00:172::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 29 Mar 2024 16:15:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:87:94:96:13:9b:d9:cb:21:7f:ff:00:c7:0a:dd:21:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar 29 00:20:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=689eee82c872654c0a4adeeb035d3b821e9eeee9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:98:39:a7:b4:c9:b9:e4:db:4c:de:66:85:54:
                    ee:cc:e0:0e:c8:59:91:80:7e:a8:81:fe:11:4c:1a:
                    f4:d5:fe:0a:e1:93:5f:fc:25:2a:26:64:e2:ac:29:
                    55:14:46:6b:03:44:70:e5:ec:92:db:d9:04:3c:62:
                    95:db:38:3d:f5:a6:37:92:1b:6e:1e:a8:52:b6:34:
                    5a:d8:a5:fc:41:3c:27:f2:74:8f:ee:9f:f5:1f:f8:
                    5d:3d:b6:f9:d7:ef:03:92:29:9c:2c:07:ea:19:38:
                    05:92:d7:14:8e:99:6b:ab:54:6f:62:f2:d8:03:81:
                    05:fb:88:0d:5e:93:b3:23:db:e9:b3:b5:79:97:80:
                    3a:3f:f2:22:ee:71:45:fa:1d:b5:f1:b6:ca:f2:49:
                    fa:36:db:8f:f0:ed:f9:7d:a6:c0:86:f2:f0:84:7b:
                    07:e2:9a:67:0a:d2:8c:00:94:b7:3c:f8:90:91:99:
                    90:b9:62:96:0e:1b:ee:d0:5a:aa:9d:c5:9b:e4:f4:
                    39:82:57:e0:40:1a:01:9d:61:5a:2b:d7:bd:f0:f7:
                    2d:a1:f2:17:50:4d:8b:e2:2c:af:8e:3e:ea:7d:ee:
                    f3:82:ec:48:f1:4e:f4:a5:1b:09:27:9c:f4:78:fe:
                    9a:01:52:cb:87:82:36:f2:54:96:17:e7:ed:53:6c:
                    c5:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:9E:EE:82:C8:72:65:4C:0A:4A:DE:EB:03:5D:3B:82:1E:9E:EE:E9
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aJ7ugshyZUwKSt7rA107gh6e7uk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:480::/44
                  2a0e:b104:100::/44
                  2a0e:b107:1240::/44
                  2a10:2f00:172::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:d0:f9:dc:3c:3b:8c:bc:d8:20:d0:7e:77:df:28:6d:59:11:
         e9:8b:bd:02:f3:db:63:f8:2e:aa:8a:22:5e:12:11:6a:a1:35:
         cc:93:1e:e5:6a:0a:39:eb:9b:72:aa:91:65:31:83:ab:8b:aa:
         eb:aa:15:f7:3d:ac:b1:0a:33:30:59:34:72:59:c7:04:85:be:
         c8:7c:2f:94:2c:ec:ca:86:c1:c2:46:d0:fc:93:a5:fd:2d:e3:
         f1:cb:4a:1f:43:80:60:dc:29:11:da:a6:35:39:bc:b5:b7:69:
         29:0b:c3:cb:e6:42:6f:63:e7:7d:06:ba:b5:f8:37:91:d2:97:
         ae:af:39:05:d0:e3:67:a8:97:94:2d:61:1e:9f:e2:19:13:2f:
         a8:ba:96:c0:91:88:26:e0:02:12:cc:81:2e:44:c8:75:e3:61:
         39:98:a0:11:6d:04:d5:4a:b7:93:e5:23:f1:cd:69:3d:3d:b4:
         e3:54:cd:d1:3e:be:4e:dd:48:08:eb:77:a6:83:7c:19:bb:78:
         d1:41:55:01:5a:e7:8d:85:e0:3e:4d:21:8d:1d:8e:8c:7b:ba:
         06:f4:68:fe:67:e4:62:b8:35:bb:20:47:0b:24:dc:35:2d:26:
         b6:40:e4:8e:6f:e6:52:6a:cd:44:82:90:ea:f2:b7:f6:df:10:
         f1:8d:3c:7e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY6HlJYTm9nLIX//AMcK3SFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzI5MDAyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODllZWU4MmM4NzI2NTRjMGE0YWRlZWIwMzVkM2I4MjFlOWVlZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpg5p7TJueTbTN5mhVTuzOAOyFmR
gH6ogf4RTBr01f4K4ZNf/CUqJmTirClVFEZrA0Rw5eyS29kEPGKV2zg99aY3khtu
HqhStjRa2KX8QTwn8nSP7p/1H/hdPbb51+8DkimcLAfqGTgFktcUjplrq1RvYvLY
A4EF+4gNXpOzI9vps7V5l4A6P/Ii7nFF+h218bbK8kn6NtuP8O35fabAhvLwhHsH
4ppnCtKMAJS3PPiQkZmQuWKWDhvu0FqqncWb5PQ5glfgQBoBnWFaK9e98PctofIX
UE2L4iyvjj7qfe7zguxI8U70pRsJJ5z0eP6aAVLLh4I28lSWF+ftU2zFkwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGie7oLIcmVMCkre6wNdO4Ienu7pMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYUo3dWdzaHlaVXdLU3Q3ckExMDdnaDZlN3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XwASA
AwcEKg6xBAEAAwcEKg6xBxJAAwcAKhAvAAFyMA0GCSqGSIb3DQEBCwUAA4IBAQBP
0PncPDuMvNgg0H533yhtWRHpi70C89tj+C6qiiJeEhFqoTXMkx7lago565tyqpFl
MYOri6rrqhX3PayxCjMwWTRyWccEhb7IfC+ULOzKhsHCRtD8k6X9LePxy0ofQ4Bg
3CkR2qY1Oby1t2kpC8PL5kJvY+d9Brq1+DeR0peurzkF0ONnqJeULWEen+IZEy+o
upbAkYgm4AISzIEuRMh142E5mKARbQTVSreT5SPxzWk9PbTjVM3RPr5O3UgI63em
g3wZu3jRQVUBWueNheA+TSGNHY6Me7oG9Gj+Z+RiuDW7IEcLJNw1LSa2QOSOb+ZS
as1EgpDq8rf23xDxjTx+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:07 2024 by rpki-client on console-ams.rpki-client.org