Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dWzE7uQXNfCFuFYkNGlw80xW7Co.roa
File:                     dWzE7uQXNfCFuFYkNGlw80xW7Co.roa (raw, json)
Hash identifier:          RXL5bRxk60c0uXjU8gXYj0V/Bnl1lCBswCmvYGh4lj0=
Subject key identifier:   75:6C:C4:EE:E4:17:35:F0:85:B8:56:24:34:69:70:F3:4C:56:EC:2A
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BD35D1DD28EFC78B7C11BAC82947FB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dWzE7uQXNfCFuFYkNGlw80xW7Co.roa
Signing time:             Tue 02 Jan 2024 10:34:29 +0000
ROA not before:           Tue 02 Jan 2024 10:34:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211481
IP address blocks:        2a0e:97c0:330::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sat 31 Aug 2024 22:52:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bd:35:d1:dd:28:ef:c7:8b:7c:11:ba:c8:29:47:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=756cc4eee41735f085b85624346970f34c56ec2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:5c:22:b2:90:42:68:80:ba:8f:df:85:0d:a9:
                    46:64:c1:01:8b:02:e6:87:20:20:97:76:8a:f4:43:
                    54:72:6c:ce:0f:92:8c:d4:c4:d6:67:c9:c0:f1:dd:
                    fa:7f:75:ac:5e:ea:f9:8f:d3:76:54:27:38:90:8c:
                    21:93:6c:b7:95:a9:d7:60:9f:b1:a8:50:e9:f1:a0:
                    fa:40:b3:1d:37:2b:fe:51:fe:0a:3f:03:4c:d5:c8:
                    09:79:76:a3:c3:23:42:1c:59:8a:89:db:e8:e8:4b:
                    e7:20:2b:c2:42:cd:d0:c5:f1:98:6c:c1:96:aa:4d:
                    72:67:27:92:fb:4a:0d:14:e2:05:e4:09:03:3b:2d:
                    44:41:35:45:6f:5f:df:d8:66:db:03:3f:79:5b:0a:
                    84:31:92:c7:00:76:be:ba:b9:d9:a2:86:02:87:47:
                    d9:08:3a:e7:b3:6e:31:90:a6:9d:cf:34:19:cf:b7:
                    82:c4:66:a5:61:e1:fd:90:28:19:27:ea:a3:3e:3a:
                    2f:83:43:a9:ef:7b:05:73:f2:84:58:bb:1e:c1:5f:
                    c1:18:92:25:cd:a7:4a:a9:3d:cf:b6:e4:31:c8:7e:
                    ae:36:3b:e5:8b:b7:30:a4:79:31:d4:31:e6:d7:01:
                    76:45:01:9d:e5:0e:2e:e0:10:b4:52:5c:12:e5:d4:
                    3f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:6C:C4:EE:E4:17:35:F0:85:B8:56:24:34:69:70:F3:4C:56:EC:2A
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dWzE7uQXNfCFuFYkNGlw80xW7Co.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:330::/44

    Signature Algorithm: sha256WithRSAEncryption
         00:b7:63:3a:5f:f1:76:7f:99:22:76:a0:96:2a:17:7b:51:08:
         f5:8a:e2:fb:a8:d5:51:a6:d9:81:c9:4a:be:91:11:b3:b5:0e:
         53:79:57:67:fb:92:43:80:5b:35:e6:a1:d7:bd:fa:f7:30:25:
         1a:3d:54:0a:c3:5f:9a:3a:4d:17:bd:2b:68:50:58:ef:b6:72:
         94:6f:e9:fa:b7:d2:46:fa:f8:44:8a:87:d9:ab:16:b8:4d:f6:
         7a:0e:07:00:f3:df:41:34:77:57:fb:f2:7a:fb:7f:88:46:fb:
         9c:f3:7c:dd:e7:fd:c9:e2:59:60:4a:98:46:a6:ef:29:73:30:
         da:19:b1:7c:d5:e5:ab:a9:aa:a7:85:79:9c:43:2c:9d:36:f9:
         81:69:d6:59:dc:e0:46:d9:40:f0:94:06:ff:4d:0b:56:b2:a2:
         af:d7:65:80:7a:ae:53:dc:a8:25:87:96:cc:70:d4:ef:fd:5f:
         d0:ef:32:46:3f:06:9c:a0:50:05:aa:d4:d5:30:02:8a:86:86:
         6c:8c:97:3c:ea:32:e5:bd:93:d3:52:2a:34:14:13:87:ff:69:
         63:af:47:2c:1e:92:c9:9e:2e:cc:74:ab:e4:2f:84:19:50:f8:
         bc:be:96:1f:63:de:e6:5c:8b:35:55:fe:57:ed:54:7b:54:6e:
         28:0b:68:bc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvTXR3Sjvx4t8EbrIKUf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZjYzRlZWU0MTczNWYwODViODU2MjQzNDY5NzBmMzRjNTZlYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFwispBCaIC6j9+FDalGZMEBiwLm
hyAgl3aK9ENUcmzOD5KM1MTWZ8nA8d36f3WsXur5j9N2VCc4kIwhk2y3lanXYJ+x
qFDp8aD6QLMdNyv+Uf4KPwNM1cgJeXajwyNCHFmKidvo6EvnICvCQs3QxfGYbMGW
qk1yZyeS+0oNFOIF5AkDOy1EQTVFb1/f2GbbAz95WwqEMZLHAHa+urnZooYCh0fZ
CDrns24xkKadzzQZz7eCxGalYeH9kCgZJ+qjPjovg0Op73sFc/KEWLsewV/BGJIl
zadKqT3PtuQxyH6uNjvli7cwpHkx1DHm1wF2RQGd5Q4u4BC0UlwS5dQ/7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHVsxO7kFzXwhbhWJDRpcPNMVuwqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZFd6RTd1UVhOZkNGdUZZa05HbHc4MHhXN0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAMw
MA0GCSqGSIb3DQEBCwUAA4IBAQAAt2M6X/F2f5kidqCWKhd7UQj1iuL7qNVRptmB
yUq+kRGztQ5TeVdn+5JDgFs15qHXvfr3MCUaPVQKw1+aOk0XvStoUFjvtnKUb+n6
t9JG+vhEiofZqxa4TfZ6DgcA899BNHdX+/J6+3+IRvuc83zd5/3J4llgSphGpu8p
czDaGbF81eWrqaqnhXmcQyydNvmBadZZ3OBG2UDwlAb/TQtWsqKv12WAeq5T3Kgl
h5bMcNTv/V/Q7zJGPwacoFAFqtTVMAKKhoZsjJc86jLlvZPTUio0FBOH/2ljr0cs
HpLJni7MdKvkL4QZUPi8vpYfY97mXIs1Vf5X7VR7VG4oC2i8
-----END CERTIFICATE-----
Generated at Sat Aug 31 23:31:07 2024 by rpki-client on console-fra.rpki-client.org