Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/asToFC21bWrPxI-z2oVpsMZ5MD4.roa
File:                     asToFC21bWrPxI-z2oVpsMZ5MD4.roa (raw, json)
Hash identifier:          O/NBAgE/wfM0uvkPvkf1gHLzsu9+0M3ALwS0xbtN4vo=
Subject key identifier:   6A:C4:E8:14:2D:B5:6D:6A:CF:C4:8F:B3:DA:85:69:B0:C6:79:30:3E
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018D96A33AA0AF5E36B9333D5FD044662595
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/asToFC21bWrPxI-z2oVpsMZ5MD4.roa
Signing time:             Sun 11 Feb 2024 05:28:16 +0000
ROA not before:           Sun 11 Feb 2024 05:28:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        2a06:de00:10::/48 maxlen: 48
                          2a0e:97c0:411::/48 maxlen: 48
                          2a0e:b107:19a0::/48 maxlen: 48
                          2a0e:b107:1a63::/48 maxlen: 48
                          2a0e:b107:1a64::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 15 Feb 2024 19:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:96:a3:3a:a0:af:5e:36:b9:33:3d:5f:d0:44:66:25:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 11 05:28:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6ac4e8142db56d6acfc48fb3da8569b0c679303e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:32:04:1f:eb:16:25:ed:1d:1b:b7:c2:df:90:
                    ed:ad:8c:7c:6e:bf:97:8d:13:d1:48:a1:f2:65:5b:
                    54:be:8f:45:a0:5c:78:57:c8:93:f5:a4:45:8b:ea:
                    9a:9b:43:a2:76:f4:ca:85:aa:86:5c:09:05:79:08:
                    cc:8f:67:6e:2d:15:36:79:cc:cc:a3:65:77:c7:fd:
                    93:a8:10:f4:d3:a1:90:eb:9d:3d:b4:a9:9a:2e:c0:
                    de:99:31:f3:e2:78:44:ca:be:a3:00:d3:9a:3d:0f:
                    f1:b6:2a:35:9a:a2:0b:77:1f:50:3b:fc:eb:a7:18:
                    09:ff:1f:e0:c6:9e:32:d6:ff:d0:ff:4c:1b:46:74:
                    43:37:b9:96:58:bc:db:0f:c4:45:86:6e:95:6c:0a:
                    18:73:b2:15:92:92:7d:ae:ba:e7:9b:42:14:ac:da:
                    51:a9:46:dc:0d:a8:bf:95:72:fe:cc:4d:91:5e:64:
                    72:61:8a:6a:f4:ff:99:95:07:3a:97:e7:99:bb:65:
                    ed:2d:a9:11:27:0f:4a:c5:4d:37:36:96:48:6a:bc:
                    5e:be:ff:4a:8b:89:72:eb:20:0a:f7:7b:83:eb:c9:
                    cc:9e:c1:ae:e3:dc:da:bd:c2:c8:07:ee:06:0b:67:
                    1c:f3:76:0d:ef:57:45:e1:f6:60:56:11:a7:e8:63:
                    bb:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:C4:E8:14:2D:B5:6D:6A:CF:C4:8F:B3:DA:85:69:B0:C6:79:30:3E
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/asToFC21bWrPxI-z2oVpsMZ5MD4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:de00:10::/48
                  2a0e:97c0:411::/48
                  2a0e:b107:19a0::/48
                  2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         03:7a:3f:4c:92:7b:2f:97:b3:53:4d:ce:8f:bf:7d:1f:2c:e1:
         44:5c:56:fa:7b:71:6f:60:75:05:54:15:54:1a:00:38:b0:78:
         89:cc:9d:46:29:d6:a8:ca:6e:00:dd:ad:52:6e:50:66:9f:94:
         86:3c:53:6e:b3:e8:34:94:1e:5d:99:d3:af:f4:e9:1b:8f:cd:
         32:a6:90:49:5d:44:28:be:59:95:6d:d8:76:ef:fd:4c:23:6b:
         6b:43:9b:ff:4c:1f:77:a7:b2:48:4f:69:49:90:86:ef:92:ce:
         2d:fb:4b:9b:dd:3a:bf:a9:63:a1:6d:c8:4e:69:cb:24:6b:e2:
         a4:bb:f6:e9:f4:f6:df:43:a4:9c:a5:40:92:3a:35:5f:29:eb:
         ce:ac:d4:10:f2:2b:08:25:75:87:b9:d0:8b:64:5b:ec:32:90:
         14:0a:0d:a7:8f:0a:27:dc:1a:4b:d5:02:4d:ae:f5:53:7d:6d:
         4c:0f:e6:34:ae:55:93:c6:93:d9:92:1c:12:05:f4:be:87:fb:
         79:89:a9:17:ca:91:75:43:8e:61:e0:24:4a:20:1d:b6:32:5c:
         25:18:41:3a:5c:66:34:1d:95:b6:6d:fd:16:6c:fc:f1:21:d5:
         ce:7d:34:5e:b1:bd:c5:07:d4:5e:65:de:3a:57:a8:7c:91:19:
         e3:65:5e:88
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY2Wozqgr142uTM9X9BEZiWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjExMDUyODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWM0ZTgxNDJkYjU2ZDZhY2ZjNDhmYjNkYTg1NjliMGM2NzkzMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzIEH+sWJe0dG7fC35DtrYx8br+X
jRPRSKHyZVtUvo9FoFx4V8iT9aRFi+qam0OidvTKhaqGXAkFeQjMj2duLRU2eczM
o2V3x/2TqBD006GQ6509tKmaLsDemTHz4nhEyr6jANOaPQ/xtio1mqILdx9QO/zr
pxgJ/x/gxp4y1v/Q/0wbRnRDN7mWWLzbD8RFhm6VbAoYc7IVkpJ9rrrnm0IUrNpR
qUbcDai/lXL+zE2RXmRyYYpq9P+ZlQc6l+eZu2XtLakRJw9KxU03NpZIarxevv9K
i4ly6yAK93uD68nMnsGu49zavcLIB+4GC2cc83YN71dF4fZgVhGn6GO7MQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGrE6BQttW1qz8SPs9qFabDGeTA+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYXNUb0ZDMjFiV3JQeEktejJvVnBzTVo1TUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcAKgbeAAAQ
AwcAKg6XwAQRAwcAKg6xBxmgMBIDBwAqDrEHGmMDBwAqDrEHGmQwDQYJKoZIhvcN
AQELBQADggEBAAN6P0ySey+Xs1NNzo+/fR8s4URcVvp7cW9gdQVUFVQaADiweInM
nUYp1qjKbgDdrVJuUGaflIY8U26z6DSUHl2Z06/06RuPzTKmkEldRCi+WZVt2Hbv
/Uwja2tDm/9MH3enskhPaUmQhu+Szi37S5vdOr+pY6FtyE5pyyRr4qS79un09t9D
pJylQJI6NV8p686s1BDyKwgldYe50ItkW+wykBQKDaePCifcGkvVAk2u9VN9bUwP
5jSuVZPGk9mSHBIF9L6H+3mJqRfKkXVDjmHgJEogHbYyXCUYQTpcZjQdlbZt/RZs
/PEh1c59NF6xvcUH1F5l3jpXqHyRGeNlXog=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:34 2024 by rpki-client on console-fra.rpki-client.org