Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/f44QmSLuQTYzp7SSAm6AauJQumM.roa
File:                     f44QmSLuQTYzp7SSAm6AauJQumM.roa (raw, json)
Hash identifier:          EvzUqTfgSxWupf+Flvhv95HDcVCxzskYRVCNqLaTQ+A=
Subject key identifier:   7F:8E:10:99:22:EE:41:36:33:A7:B4:92:02:6E:80:6A:E2:50:BA:63
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E80C5441486D57204E71FBA22E90C8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/f44QmSLuQTYzp7SSAm6AauJQumM.roa
Signing time:             Mon 02 Jan 2023 05:15:33 +0000
ROA not before:           Mon 02 Jan 2023 05:15:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211704
IP address blocks:        2a0e:97c0:230::/44 maxlen: 48
                          2a0e:b107:fb3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e8:0c:54:41:48:6d:57:20:4e:71:fb:a2:2e:90:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7f8e109922ee413633a7b492026e806ae250ba63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:12:ad:f8:23:75:e4:27:15:35:cc:55:c9:21:
                    41:f6:5d:99:ac:b8:87:39:b6:a8:3b:d0:40:d1:48:
                    a0:af:e3:6d:09:e8:29:40:ae:40:f6:59:c1:8e:97:
                    da:b9:c8:56:58:cd:cb:76:22:b6:4e:0c:c8:e9:6c:
                    60:7d:89:45:81:4e:cb:36:fc:47:ac:68:f8:1f:27:
                    b2:97:ea:0e:fb:ce:22:d7:b5:95:8a:4f:77:a6:6a:
                    6b:96:1f:08:4e:1d:94:f7:99:2e:c9:57:57:93:c4:
                    02:55:29:ec:eb:3f:93:29:6f:5f:eb:b7:83:c0:c0:
                    96:7b:c0:0c:05:99:22:eb:dd:b7:cf:af:e6:5e:92:
                    b7:13:9b:37:68:9d:d4:4d:72:34:bf:ac:5e:21:7f:
                    71:bf:40:6a:b4:b7:e8:fb:06:ce:d4:17:c0:d0:a9:
                    63:c7:8e:be:09:4a:23:c4:ae:b8:a1:b7:bd:ca:37:
                    3b:b3:ec:89:c1:95:88:dd:26:b3:35:a1:69:fe:98:
                    1f:f0:fe:2c:ba:04:e1:8c:a6:17:42:09:15:49:4c:
                    a2:75:d4:69:06:56:05:d0:7b:1b:89:11:33:f5:30:
                    de:cd:b9:3d:ed:43:72:89:94:10:21:7b:00:72:41:
                    46:ef:d4:05:b2:9f:9d:10:c9:17:c9:0a:29:c1:c9:
                    2f:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:8E:10:99:22:EE:41:36:33:A7:B4:92:02:6E:80:6A:E2:50:BA:63
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/f44QmSLuQTYzp7SSAm6AauJQumM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:230::/44
                  2a0e:b107:fb3::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:1a:89:96:5c:b9:68:58:17:bb:d4:7d:aa:2b:42:41:a0:81:
         87:29:a8:fc:a7:ff:a0:50:ca:e0:18:df:3b:a5:d2:85:84:5a:
         60:a8:0b:17:2d:88:2c:1b:e9:67:58:e8:5c:35:a6:f8:40:3f:
         f4:df:7f:00:0b:70:40:e0:99:3a:73:a7:84:d3:71:4e:40:08:
         30:e3:1c:8b:ee:b9:d2:01:94:7c:a7:e6:74:ed:2f:0f:23:6b:
         dd:ce:68:a0:f6:a6:61:1c:04:1b:e0:0c:56:4c:d1:c5:d1:94:
         eb:ee:23:db:d0:2d:d5:8e:c7:40:2a:5b:0c:4c:9d:4d:d9:03:
         cc:17:a8:63:ce:b2:b5:90:a6:6c:89:75:89:d9:7d:67:c0:71:
         58:f0:73:c1:5c:df:f7:a8:67:f2:a0:4f:74:b8:40:ef:f1:ed:
         2a:88:e1:75:2a:d1:1c:43:ef:3b:1c:6d:24:2b:bb:dd:17:57:
         63:79:20:6a:59:5f:c0:a7:9c:47:38:d5:05:0f:02:4a:ec:a0:
         08:81:e1:1a:65:ba:c7:5d:43:a5:10:2f:3d:a1:b3:99:ef:b8:
         49:75:5c:c9:86:2f:e0:f6:9a:7b:35:02:95:9c:71:0a:1a:43:
         01:7e:57:9a:6e:cc:2d:df:09:43:90:1b:6e:a6:ea:5b:ee:bb:
         06:75:b7:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw6AxUQUhtVyBOcfuiLpDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjhlMTA5OTIyZWU0MTM2MzNhN2I0OTIwMjZlODA2YWUyNTBiYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRKt+CN15CcVNcxVySFB9l2ZrLiH
ObaoO9BA0Uigr+NtCegpQK5A9lnBjpfauchWWM3LdiK2TgzI6WxgfYlFgU7LNvxH
rGj4Hyeyl+oO+84i17WVik93pmprlh8ITh2U95kuyVdXk8QCVSns6z+TKW9f67eD
wMCWe8AMBZki6923z6/mXpK3E5s3aJ3UTXI0v6xeIX9xv0BqtLfo+wbO1BfA0Klj
x46+CUojxK64obe9yjc7s+yJwZWI3SazNaFp/pgf8P4sugThjKYXQgkVSUyiddRp
BlYF0HsbiREz9TDezbk97UNyiZQQIXsAckFG79QFsp+dEMkXyQopwckvWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH+OEJki7kE2M6e0kgJugGriULpjMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZjQ0UW1TTHVRVFl6cDdTU0FtNkFhdUpRdW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAIw
AwcAKg6xBw+zMA0GCSqGSIb3DQEBCwUAA4IBAQCOGomWXLloWBe71H2qK0JBoIGH
Kaj8p/+gUMrgGN87pdKFhFpgqAsXLYgsG+lnWOhcNab4QD/0338AC3BA4Jk6c6eE
03FOQAgw4xyL7rnSAZR8p+Z07S8PI2vdzmig9qZhHAQb4AxWTNHF0ZTr7iPb0C3V
jsdAKlsMTJ1N2QPMF6hjzrK1kKZsiXWJ2X1nwHFY8HPBXN/3qGfyoE90uEDv8e0q
iOF1KtEcQ+87HG0kK7vdF1djeSBqWV/Ap5xHONUFDwJK7KAIgeEaZbrHXUOlEC89
obOZ77hJdVzJhi/g9pp7NQKVnHEKGkMBfleabswt3wlDkBtupupb7rsGdbei
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org