Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cfoWiwEsoQ749JGuPYrhGa5vxbk.roa
File:                     cfoWiwEsoQ749JGuPYrhGa5vxbk.roa (raw, json)
Hash identifier:          Cm6n9XpuEv5wtVCihy4c+mac7IE/df4Fc6MMIRvgImU=
Subject key identifier:   71:FA:16:8B:01:2C:A1:0E:F8:F4:91:AE:3D:8A:E1:19:AE:6F:C5:B9
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E8032DD51902B0D2D6CE30BFCB67AD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cfoWiwEsoQ749JGuPYrhGa5vxbk.roa
Signing time:             Mon 02 Jan 2023 05:15:31 +0000
ROA not before:           Mon 02 Jan 2023 05:15:31 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211479
IP address blocks:        2a0e:b107:1220::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e8:03:2d:d5:19:02:b0:d2:d6:ce:30:bf:cb:67:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:31 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=71fa168b012ca10ef8f491ae3d8ae119ae6fc5b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:73:3f:3a:23:54:b2:cd:74:de:dc:de:77:62:
                    02:35:90:f4:b1:c5:4c:d6:21:34:90:76:5f:42:77:
                    7d:3e:92:76:45:d1:e7:08:11:e4:20:82:99:7f:ff:
                    10:d7:56:25:99:23:b7:55:f4:8e:b7:18:a5:d1:9c:
                    af:9c:46:f1:7b:f1:40:ed:2a:38:40:58:21:7e:da:
                    70:f3:e9:bd:15:d9:cf:b0:8d:a1:ab:8d:80:d9:ee:
                    a0:51:c6:9a:9b:03:bb:d4:be:6a:59:b7:f7:43:7e:
                    01:aa:6a:b4:86:fc:45:60:72:4e:62:48:2d:89:11:
                    ff:e3:a8:10:77:35:12:da:dc:7d:d5:5b:64:a9:45:
                    0b:6d:cc:64:7e:68:a7:30:c6:97:02:92:5f:cc:89:
                    d5:9e:97:42:93:ad:1d:42:db:1d:1d:22:48:a7:6e:
                    8b:8c:e5:8a:8b:58:92:92:42:47:21:91:82:84:24:
                    e2:44:9d:41:97:60:8d:36:8f:ce:4b:37:b5:12:26:
                    5a:33:e1:a7:92:93:61:38:cb:6e:f8:75:69:89:cd:
                    ee:dc:43:47:85:01:0f:aa:d4:95:96:e2:52:01:99:
                    50:a5:c7:e4:25:ee:a8:6a:64:0c:1c:d6:3f:c6:01:
                    e7:4c:86:08:4e:98:52:3f:40:ac:23:9d:e2:6e:c0:
                    ae:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:FA:16:8B:01:2C:A1:0E:F8:F4:91:AE:3D:8A:E1:19:AE:6F:C5:B9
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cfoWiwEsoQ749JGuPYrhGa5vxbk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1220::/44

    Signature Algorithm: sha256WithRSAEncryption
         c3:02:18:ad:93:e2:19:1f:9e:c8:59:3b:fa:f8:db:b7:e3:79:
         e3:41:d0:35:8a:26:aa:64:0a:95:0a:73:08:b6:96:14:94:77:
         ed:78:be:23:df:a0:8f:d4:2c:95:45:4b:a4:11:02:78:02:66:
         72:4a:07:9f:c6:d9:e4:19:29:6c:62:74:d7:d5:3f:ac:87:df:
         e5:ea:55:2a:05:b7:4b:ea:d4:be:9a:db:45:b9:6b:da:b2:af:
         e2:a2:17:c2:70:8a:b8:d6:f7:e9:ef:86:c4:3d:53:62:4f:b8:
         eb:05:12:bb:53:06:58:34:64:4c:92:0c:f7:a6:b5:6e:45:c1:
         a4:14:79:74:28:15:77:92:d7:b8:1f:e5:f2:1f:7d:e5:88:6a:
         63:0c:3d:11:53:ec:35:49:f2:06:58:ce:25:6e:c4:e0:1b:f7:
         8b:4d:de:22:07:ac:ee:5d:f7:61:3d:3d:2a:56:34:5e:39:e1:
         3d:be:e8:c7:ec:ff:10:e3:c7:a2:f3:c1:e2:45:d8:fb:ec:cc:
         65:a3:e7:90:f4:38:07:04:86:c6:ae:74:55:af:7d:37:52:08:
         1b:c9:57:c4:8b:be:bc:ee:40:aa:3c:e2:14:dd:48:05:3a:05:
         2b:0f:58:2e:6f:7f:73:da:93:68:d6:e7:89:66:91:14:e0:3a:
         0a:21:11:24
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6AMt1RkCsNLWzjC/y2etMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWZhMTY4YjAxMmNhMTBlZjhmNDkxYWUzZDhhZTExOWFlNmZjNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnM/OiNUss103tzed2ICNZD0scVM
1iE0kHZfQnd9PpJ2RdHnCBHkIIKZf/8Q11YlmSO3VfSOtxil0ZyvnEbxe/FA7So4
QFghftpw8+m9FdnPsI2hq42A2e6gUcaamwO71L5qWbf3Q34Bqmq0hvxFYHJOYkgt
iRH/46gQdzUS2tx91VtkqUULbcxkfminMMaXApJfzInVnpdCk60dQtsdHSJIp26L
jOWKi1iSkkJHIZGChCTiRJ1Bl2CNNo/OSze1EiZaM+GnkpNhOMtu+HVpic3u3ENH
hQEPqtSVluJSAZlQpcfkJe6oamQMHNY/xgHnTIYITphSP0CsI53ibsCu1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHH6FosBLKEO+PSRrj2K4Rmub8W5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvY2ZvV2l3RXNvUTc0OUpHdVBZcmhHYTV2eGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxIg
MA0GCSqGSIb3DQEBCwUAA4IBAQDDAhitk+IZH57IWTv6+Nu343njQdA1iiaqZAqV
CnMItpYUlHfteL4j36CP1CyVRUukEQJ4AmZySgefxtnkGSlsYnTX1T+sh9/l6lUq
BbdL6tS+mttFuWvasq/iohfCcIq41vfp74bEPVNiT7jrBRK7UwZYNGRMkgz3prVu
RcGkFHl0KBV3kte4H+XyH33liGpjDD0RU+w1SfIGWM4lbsTgG/eLTd4iB6zuXfdh
PT0qVjReOeE9vujH7P8Q48ei88HiRdj77Mxlo+eQ9DgHBIbGrnRVr303UggbyVfE
i7687kCqPOIU3UgFOgUrD1gub39z2pNo1ueJZpEU4DoKIREk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org