Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cuRv4YNvxKHBd3p8ubuDvvFxoks.roa
File:                     cuRv4YNvxKHBd3p8ubuDvvFxoks.roa (raw, json)
Hash identifier:          XWGy/BgtGClK6/X/Jl69RbqD5r3vEBsel8NVNL2ELzY=
Subject key identifier:   72:E4:6F:E1:83:6F:C4:A1:C1:77:7A:7C:B9:BB:83:BE:F1:71:A2:4B
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018BAB7C664F9E81E6C8BC760894476D09C6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cuRv4YNvxKHBd3p8ubuDvvFxoks.roa
Signing time:             Tue 07 Nov 2023 20:32:18 +0000
ROA not before:           Tue 07 Nov 2023 20:32:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        194.50.111.0/24 maxlen: 24
                          2a0e:b107:1870::/48 maxlen: 48
                          2a0c:3b87:ff00::/40 maxlen: 48
                          2a0e:b107:9f4::/48 maxlen: 48
                          2a0c:3b87:ffff::/48 maxlen: 48
                          2a0e:97c0:791::/48 maxlen: 48
                          2a0e:b107:1b9e::/48 maxlen: 48
                          2a10:ccc3:ccce::/48 maxlen: 48
                          2a0e:97c4:ac00::/38 maxlen: 48
                          2a0e:97c0:792::/48 maxlen: 48
                          2a10:ccc0:111::/48 maxlen: 48
                          2a0e:97c0:750::/48 maxlen: 48
                          2a0e:b107:df2::/48 maxlen: 48
                          2a10:ccc7:9000::/38 maxlen: 48
                          2a10:ccc0:110::/48 maxlen: 48
                          2a0e:b107:9f6::/48 maxlen: 48
                          2a0e:97c0:76f::/48 maxlen: 48
                          2a0e:b107:278b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 00:24:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ab:7c:66:4f:9e:81:e6:c8:bc:76:08:94:47:6d:09:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov  7 20:32:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=72e46fe1836fc4a1c1777a7cb9bb83bef171a24b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:30:0d:ed:66:e1:84:50:bd:a0:92:05:1d:a3:
                    d2:7c:16:d5:d4:82:f5:8b:5d:fa:aa:f1:52:27:60:
                    41:bf:9c:10:d4:27:fd:d8:54:87:71:8f:27:fb:a1:
                    87:ab:bf:4c:60:c8:68:3b:3f:2b:17:d0:94:c4:7b:
                    aa:87:39:0e:e8:85:4f:69:05:78:38:2f:bf:d4:40:
                    4d:e9:2f:72:35:c9:45:dd:2c:f8:71:a5:43:94:45:
                    f3:bf:8b:d3:35:18:a2:d7:ea:87:60:fd:96:1b:2e:
                    be:7c:33:0a:ef:57:08:bf:3b:62:57:a0:61:00:83:
                    41:26:46:51:28:0c:58:97:d0:8b:5d:35:d9:16:90:
                    42:97:8f:66:2f:3d:dd:7b:bc:11:12:6e:d1:1d:ba:
                    27:11:3d:f5:45:f2:77:69:6c:9a:a2:d6:62:32:e6:
                    29:23:e5:45:bf:4c:79:16:f2:6d:2d:25:16:11:29:
                    d9:c2:81:5f:83:2c:1b:c9:30:a7:52:78:e5:ca:8b:
                    0c:58:25:8f:6d:a3:f8:e2:1e:21:63:0b:0a:31:a7:
                    5c:3b:dd:6a:f6:07:81:38:a1:db:3a:9b:ad:02:9c:
                    bf:6f:4f:08:ea:52:8a:ee:51:cb:b5:b3:93:d0:2c:
                    4d:07:38:cd:e5:e0:ef:01:80:5e:43:21:a6:df:40:
                    61:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:E4:6F:E1:83:6F:C4:A1:C1:77:7A:7C:B9:BB:83:BE:F1:71:A2:4B
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cuRv4YNvxKHBd3p8ubuDvvFxoks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.111.0/24
                IPv6:
                  2a0c:3b87:ff00::/40
                  2a0e:97c0:750::/48
                  2a0e:97c0:76f::/48
                  2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
                  2a0e:97c4:ac00::/38
                  2a0e:b107:9f4::/48
                  2a0e:b107:9f6::/48
                  2a0e:b107:df2::/48
                  2a0e:b107:1870::/48
                  2a0e:b107:1b9e::/48
                  2a0e:b107:278b::/48
                  2a10:ccc0:110::/47
                  2a10:ccc3:ccce::/48
                  2a10:ccc7:9000::/38

    Signature Algorithm: sha256WithRSAEncryption
         39:2d:5b:4a:4f:68:c7:9c:d0:5a:f0:17:ef:ba:91:b1:1a:8a:
         25:0e:c2:f4:ae:01:46:4c:57:31:83:99:ef:a0:b3:83:74:ba:
         ea:3f:59:01:54:37:1b:83:94:bf:ed:e6:ee:6f:52:6b:73:fb:
         7d:26:3b:2e:df:0f:f8:ea:45:81:76:31:43:c6:f7:31:25:ef:
         f5:76:03:dd:b8:f2:8a:d4:c6:17:49:2b:98:fe:85:82:70:24:
         86:33:01:cd:41:6e:6d:31:07:a1:3b:1f:0e:e4:fc:7a:89:53:
         63:9c:b9:d0:86:5b:74:d8:f9:93:78:16:1b:56:aa:08:c6:ab:
         01:c5:1f:2f:7c:1b:d4:a1:40:68:59:f3:1c:91:12:91:7a:3f:
         f4:49:ee:a0:9f:18:ef:67:d9:9c:de:8c:c7:26:17:cd:89:da:
         e3:ab:9a:40:e9:19:48:9c:d3:2e:18:f2:d0:44:eb:cb:08:e6:
         e3:09:4e:b0:73:33:7b:ee:0a:fe:6f:56:a5:01:b7:02:1c:34:
         ed:21:b6:c3:68:10:7a:6c:21:a6:6f:60:c3:b7:f5:5e:fb:3f:
         58:19:31:d7:12:b4:cb:50:7e:77:c0:09:49:83:42:77:d9:e1:
         86:37:5c:36:76:d7:c3:56:c8:82:6b:01:74:09:43:bb:e7:f9:
         08:ff:14:2a
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYurfGZPnoHmyLx2CJRHbQnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTA3MjAzMjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmU0NmZlMTgzNmZjNGExYzE3NzdhN2NiOWJiODNiZWYxNzFhMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjAN7WbhhFC9oJIFHaPSfBbV1IL1
i136qvFSJ2BBv5wQ1Cf92FSHcY8n+6GHq79MYMhoOz8rF9CUxHuqhzkO6IVPaQV4
OC+/1EBN6S9yNclF3Sz4caVDlEXzv4vTNRii1+qHYP2WGy6+fDMK71cIvztiV6Bh
AINBJkZRKAxYl9CLXTXZFpBCl49mLz3de7wREm7RHbonET31RfJ3aWyaotZiMuYp
I+VFv0x5FvJtLSUWESnZwoFfgywbyTCnUnjlyosMWCWPbaP44h4hYwsKMadcO91q
9geBOKHbOputApy/b08I6lKK7lHLtbOT0CxNBzjN5eDvAYBeQyGm30BhtQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFHLkb+GDb8ShwXd6fLm7g77xcaJLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvY3VSdjRZTnZ4S0hCZDNwOHVidUR2dkZ4b2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjAMBAIAATAGAwQAwjJv
MIGNBAIAAjCBhgMGACoMO4f/AwcAKg6XwAdQAwcAKg6XwAdvMBIDBwAqDpfAB5ED
BwAqDpfAB5IDBgIqDpfErAMHACoOsQcJ9AMHACoOsQcJ9gMHACoOsQcN8gMHACoO
sQcYcAMHACoOsQcbngMHACoOsQcniwMHASoQzMABEAMHACoQzMPMzgMGAioQzMeQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA5LVtKT2jHnNBa8BfvupGxGoolDsL0rgFGTFcx
g5nvoLODdLrqP1kBVDcbg5S/7ebub1Jrc/t9Jjsu3w/46kWBdjFDxvcxJe/1dgPd
uPKK1MYXSSuY/oWCcCSGMwHNQW5tMQehOx8O5Px6iVNjnLnQhlt02PmTeBYbVqoI
xqsBxR8vfBvUoUBoWfMckRKRej/0Se6gnxjvZ9mc3ozHJhfNidrjq5pA6RlInNMu
GPLQROvLCObjCU6wczN77gr+b1alAbcCHDTtIbbDaBB6bCGmb2DDt/Ve+z9YGTHX
ErTLUH53wAlJg0J32eGGN1w2dtfDVsiCawF0CUO75/kI/xQq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org