Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c1lkfjqbxpcGCRtiFTthNRA9lqA.roa
File:                     c1lkfjqbxpcGCRtiFTthNRA9lqA.roa (raw, json)
Hash identifier:          ntsS7I5v8b1Sa6otOv4zeW01FpABKmxoi4R3tOsvO0w=
Subject key identifier:   73:59:64:7E:3A:9B:C6:97:06:09:1B:62:15:3B:61:35:10:3D:96:A0
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018ED933FEA2197E6D3395CA4E493C40B82F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c1lkfjqbxpcGCRtiFTthNRA9lqA.roa
Signing time:             Sat 13 Apr 2024 20:44:07 +0000
ROA not before:           Sat 13 Apr 2024 20:44:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215108
IP address blocks:        2a06:de01:120::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sun 14 Apr 2024 09:59:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:d9:33:fe:a2:19:7e:6d:33:95:ca:4e:49:3c:40:b8:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr 13 20:44:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7359647e3a9bc69706091b62153b6135103d96a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:d2:89:c7:4f:34:0c:ac:80:11:e9:64:21:d3:
                    ba:3d:66:a4:b7:de:92:88:11:b1:69:18:0d:89:e4:
                    ac:ea:2d:45:bc:64:f3:23:09:bf:02:04:02:ae:db:
                    74:4b:75:1d:37:f5:be:85:80:c7:33:45:45:15:ff:
                    9c:85:6f:21:f6:ed:d0:c9:2c:f3:41:fb:51:e9:4f:
                    f0:a6:55:c4:0a:2e:62:aa:01:44:d6:bb:b3:d4:9b:
                    64:c7:2a:78:b8:eb:b2:81:08:97:12:3a:9f:39:3b:
                    52:7f:20:6f:b9:cb:01:82:b9:54:45:e0:92:7e:3c:
                    e8:af:00:8d:a5:7d:8f:68:ff:4d:d3:e5:16:43:08:
                    18:0b:d9:57:ef:15:0e:80:b3:32:99:d8:29:da:75:
                    31:3c:55:c9:44:a8:a7:b7:ae:4c:ed:f1:0f:5e:8c:
                    00:f8:8b:7f:b1:04:e9:35:ce:4a:12:9c:6b:1c:92:
                    0e:67:ea:d4:84:a8:5f:be:85:b9:e5:25:9e:b2:5f:
                    e5:4a:5a:02:f2:92:0b:0d:25:ef:20:d6:cd:87:ca:
                    0f:1c:28:9d:d5:2b:20:49:f5:73:a7:c7:eb:8f:dd:
                    0b:f1:de:60:02:92:88:32:17:85:69:9a:9a:89:a4:
                    45:01:c2:38:43:9b:e9:4b:df:35:c0:93:ca:35:71:
                    84:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:59:64:7E:3A:9B:C6:97:06:09:1B:62:15:3B:61:35:10:3D:96:A0
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c1lkfjqbxpcGCRtiFTthNRA9lqA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:de01:120::/44

    Signature Algorithm: sha256WithRSAEncryption
         4b:b0:31:97:ca:0d:86:64:86:2a:d9:3c:0c:8c:93:35:a7:3d:
         86:25:1d:f4:4f:3f:28:9b:2b:a8:38:20:7f:08:56:1a:43:aa:
         48:ea:d8:67:c0:15:3d:c4:f5:c3:77:e0:77:70:d6:c3:1a:f1:
         2f:49:59:03:f9:4b:26:87:80:57:37:52:ca:a1:c8:0e:3f:14:
         24:1c:63:3b:30:ab:98:a7:f8:37:23:87:ce:d1:7a:5b:f0:1e:
         31:8c:37:f3:a1:d4:d4:f4:d0:df:de:ab:8d:2f:97:c8:8f:9c:
         3f:ef:c5:8d:fa:24:61:48:8c:e9:1b:6e:05:e4:52:43:18:01:
         bd:dc:7e:06:dd:d6:7c:9e:f8:f6:09:68:15:68:bd:39:4c:58:
         f4:63:2f:81:9b:a4:01:92:2d:2c:54:6f:66:44:cc:36:aa:64:
         04:2e:b1:c4:02:06:e3:de:e4:cc:92:b4:c8:8a:c2:af:ca:ab:
         6d:bd:99:8f:37:03:e9:8d:d1:80:75:6c:15:d0:19:7c:04:e8:
         f5:de:21:9d:a3:6b:79:a8:e6:03:0f:25:f6:2c:6c:28:38:dc:
         1c:d8:91:a6:6b:2c:e7:51:12:5a:e5:37:98:2f:d9:8b:a8:69:
         20:2a:27:cd:5e:42:ac:83:d2:83:c2:79:1f:8f:b1:e3:3d:53:
         0a:95:16:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY7ZM/6iGX5tM5XKTkk8QLgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNDEzMjA0NDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzU5NjQ3ZTNhOWJjNjk3MDYwOTFiNjIxNTNiNjEzNTEwM2Q5NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNKJx080DKyAEelkIdO6PWakt96S
iBGxaRgNieSs6i1FvGTzIwm/AgQCrtt0S3UdN/W+hYDHM0VFFf+chW8h9u3QySzz
QftR6U/wplXECi5iqgFE1ruz1Jtkxyp4uOuygQiXEjqfOTtSfyBvucsBgrlUReCS
fjzorwCNpX2PaP9N0+UWQwgYC9lX7xUOgLMymdgp2nUxPFXJRKint65M7fEPXowA
+It/sQTpNc5KEpxrHJIOZ+rUhKhfvoW55SWesl/lSloC8pILDSXvINbNh8oPHCid
1SsgSfVzp8frj90L8d5gApKIMheFaZqaiaRFAcI4Q5vpS981wJPKNXGEuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHNZZH46m8aXBgkbYhU7YTUQPZagMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYzFsa2ZqcWJ4cGNHQ1J0aUZUdGhOUkE5bHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbeAQEg
MA0GCSqGSIb3DQEBCwUAA4IBAQBLsDGXyg2GZIYq2TwMjJM1pz2GJR30Tz8omyuo
OCB/CFYaQ6pI6thnwBU9xPXDd+B3cNbDGvEvSVkD+Usmh4BXN1LKocgOPxQkHGM7
MKuYp/g3I4fO0Xpb8B4xjDfzodTU9NDf3quNL5fIj5w/78WN+iRhSIzpG24F5FJD
GAG93H4G3dZ8nvj2CWgVaL05TFj0Yy+Bm6QBki0sVG9mRMw2qmQELrHEAgbj3uTM
krTIisKvyqttvZmPNwPpjdGAdWwV0Bl8BOj13iGdo2t5qOYDDyX2LGwoONwc2JGm
ayznURJa5TeYL9mLqGkgKifNXkKsg9KDwnkfj7HjPVMKlRbq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:07 2024 by rpki-client on console-ams.rpki-client.org