Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cc8c7Xr-rECe8e8dzolUXnmpweY.roa
File:                     cc8c7Xr-rECe8e8dzolUXnmpweY.roa (raw, json)
Hash identifier:          0q6wvhY+XKZpN1S0bbL132zLG7+pXMRnd44WcmLjpFE=
Subject key identifier:   71:CF:1C:ED:7A:FE:AC:40:9E:F1:EF:1D:CE:89:54:5E:79:A9:C1:E6
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CBB95FF2A1A1D6A784F8564D0DF4B60B7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cc8c7Xr-rECe8e8dzolUXnmpweY.roa
Signing time:             Sat 30 Dec 2023 16:36:58 +0000
ROA not before:           Sat 30 Dec 2023 16:36:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209735
IP address blocks:        2a06:de01:f4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:bb:95:ff:2a:1a:1d:6a:78:4f:85:64:d0:df:4b:60:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 30 16:36:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=71cf1ced7afeac409ef1ef1dce89545e79a9c1e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:a4:81:c9:42:7f:8c:42:07:0e:a0:00:2c:34:
                    46:2f:1b:52:da:df:60:f5:5e:23:1f:38:93:89:18:
                    f1:32:2e:2b:bf:e5:69:cf:33:36:06:8f:3b:ba:68:
                    15:ec:16:cd:00:ef:c8:7c:68:90:07:c5:c2:08:f6:
                    0f:a0:96:82:60:97:28:9b:c2:a1:8e:13:79:16:fe:
                    75:4d:90:0a:1d:98:19:ba:56:17:60:d5:a8:20:f7:
                    5f:d1:5c:0c:dc:fe:51:d3:a2:10:ad:15:e2:c2:97:
                    60:bd:ab:38:8d:dd:6b:f9:cf:98:61:c4:d5:53:08:
                    79:37:1f:79:05:f5:46:7e:f6:a4:ff:7b:a3:ed:b0:
                    2c:fc:8b:51:a4:86:a4:7a:c8:5c:87:f4:c5:62:ff:
                    b5:bf:2c:6e:cb:51:25:2f:0e:7b:d4:36:49:4b:dd:
                    5f:3b:55:53:45:62:73:1b:59:4d:f7:10:f4:0a:3c:
                    2c:bb:fc:33:4d:3f:f6:10:d0:e8:cb:2b:da:dc:ef:
                    16:c2:5c:a7:cb:1a:0a:af:a2:55:46:5f:77:72:41:
                    41:8c:58:cb:02:98:d7:5c:47:c2:a9:1f:11:b9:f8:
                    f2:32:38:dd:de:3c:29:e9:9c:36:72:90:71:08:d5:
                    ea:df:25:eb:26:25:fb:90:84:11:b3:51:f8:5b:57:
                    2d:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:CF:1C:ED:7A:FE:AC:40:9E:F1:EF:1D:CE:89:54:5E:79:A9:C1:E6
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cc8c7Xr-rECe8e8dzolUXnmpweY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:de01:f4::/48

    Signature Algorithm: sha256WithRSAEncryption
         76:9d:99:7a:7e:70:12:52:2c:f4:00:09:ce:a0:52:67:7f:b4:
         73:4c:0d:5b:8c:6d:3a:55:18:fb:2c:d0:8f:1d:d0:91:8e:9b:
         e3:d0:a2:13:9f:5c:e6:69:01:51:5b:85:47:78:a7:ac:d1:cc:
         6a:ac:f9:7e:b0:df:00:d6:2c:a6:c8:24:6e:63:ed:a5:11:5d:
         65:0f:9f:37:d2:ef:5c:ef:8a:66:13:cb:81:3b:2e:c2:a0:50:
         6b:21:95:5f:fa:fa:7f:c9:5e:29:20:c2:1e:18:5c:6e:8a:2e:
         60:8e:d7:b3:67:9c:ed:b9:71:bf:6a:ea:35:10:b6:9f:19:62:
         52:fe:1d:7a:3a:0d:cf:c5:d2:03:91:52:67:be:32:0c:f3:ee:
         72:8e:5c:00:37:0f:a6:d1:fb:9f:25:f7:6c:6c:b9:67:6c:6c:
         e0:88:e2:1d:b0:d2:ef:06:92:18:4d:9a:8a:f3:88:c2:54:45:
         fd:5c:8a:08:3f:49:9a:4b:a8:43:89:b6:95:b6:ca:db:4d:bf:
         31:a2:c4:16:7b:6a:3b:d9:3a:33:8c:2d:35:49:1e:c8:0a:1b:
         9b:2a:31:22:07:62:89:4f:4f:78:19:62:50:67:2e:34:c2:91:
         e6:e7:2a:ea:70:a5:7a:a8:fe:d3:4d:c7:0e:19:b1:3f:f2:69:
         15:f1:39:60
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYy7lf8qGh1qeE+FZNDfS2C3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjMwMTYzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWNmMWNlZDdhZmVhYzQwOWVmMWVmMWRjZTg5NTQ1ZTc5YTljMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaSByUJ/jEIHDqAALDRGLxtS2t9g
9V4jHziTiRjxMi4rv+VpzzM2Bo87umgV7BbNAO/IfGiQB8XCCPYPoJaCYJcom8Kh
jhN5Fv51TZAKHZgZulYXYNWoIPdf0VwM3P5R06IQrRXiwpdgvas4jd1r+c+YYcTV
Uwh5Nx95BfVGfvak/3uj7bAs/ItRpIakeshch/TFYv+1vyxuy1ElLw571DZJS91f
O1VTRWJzG1lN9xD0Cjwsu/wzTT/2ENDoyyva3O8WwlynyxoKr6JVRl93ckFBjFjL
ApjXXEfCqR8RufjyMjjd3jwp6Zw2cpBxCNXq3yXrJiX7kIQRs1H4W1ctPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHHPHO16/qxAnvHvHc6JVF55qcHmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvY2M4YzdYci1yRUNlOGU4ZHpvbFVYbm1wd2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbeAQD0
MA0GCSqGSIb3DQEBCwUAA4IBAQB2nZl6fnASUiz0AAnOoFJnf7RzTA1bjG06VRj7
LNCPHdCRjpvj0KITn1zmaQFRW4VHeKes0cxqrPl+sN8A1iymyCRuY+2lEV1lD583
0u9c74pmE8uBOy7CoFBrIZVf+vp/yV4pIMIeGFxuii5gjtezZ5ztuXG/auo1ELaf
GWJS/h16Og3PxdIDkVJnvjIM8+5yjlwANw+m0fufJfdsbLlnbGzgiOIdsNLvBpIY
TZqK84jCVEX9XIoIP0maS6hDibaVtsrbTb8xosQWe2o72TozjC01SR7IChubKjEi
B2KJT094GWJQZy40wpHm5yrqcKV6qP7TTccOGbE/8mkV8Tlg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:07 2024 by rpki-client on console-ams.rpki-client.org