Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g0PxqcfLrgq4HHKEFJIns8Go6T8.roa
File:                     g0PxqcfLrgq4HHKEFJIns8Go6T8.roa (raw, json)
Hash identifier:          ArbANpN0X2xqQpb0KnCJrnkLo4QI0QIBNqiAqwmVVaw=
Subject key identifier:   83:43:F1:A9:C7:CB:AE:0A:B8:1C:72:84:14:92:27:B3:C1:A8:E9:3F
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018666110AF10C4D1AF58B89A82F9A3C8659
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g0PxqcfLrgq4HHKEFJIns8Go6T8.roa
Signing time:             Sat 18 Feb 2023 19:47:18 +0000
ROA not before:           Sat 18 Feb 2023 19:47:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41732
IP address blocks:        2a0e:b107:9d0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sun 19 Feb 2023 09:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:66:11:0a:f1:0c:4d:1a:f5:8b:89:a8:2f:9a:3c:86:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 18 19:47:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8343f1a9c7cbae0ab81c7284149227b3c1a8e93f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:86:ab:5a:9b:34:19:7a:f8:0a:df:24:50:c4:
                    97:62:39:dd:36:fa:a6:96:36:b9:61:29:ea:72:ea:
                    3e:f7:00:98:f8:e7:5f:50:63:3a:e5:4f:27:8b:83:
                    b4:c0:7c:95:5c:bc:83:4c:6c:76:6b:2f:24:66:4f:
                    51:3a:0b:22:f2:bb:85:9c:3b:86:8d:2c:48:c9:be:
                    21:82:6d:89:e6:41:0b:e9:5b:0b:ea:78:be:1c:e4:
                    21:fc:7e:f3:36:d9:92:bc:34:6f:96:7a:49:ae:ad:
                    05:e7:d8:f8:ec:3d:c3:0d:a3:46:f0:2c:c9:b6:4b:
                    04:f1:56:47:67:69:ea:83:40:55:44:50:cf:f4:39:
                    11:68:cd:6d:49:1d:e4:d1:b8:c9:48:11:41:30:65:
                    c1:e0:92:76:64:aa:f7:a0:8a:18:42:43:49:a3:e2:
                    8f:84:05:21:98:3c:10:ea:74:bd:7f:7e:d5:41:77:
                    bd:a7:a2:09:a5:8a:4a:54:ac:90:d5:83:b0:b1:3a:
                    10:49:19:07:ff:3f:0b:00:2a:25:a4:c8:bc:db:b4:
                    06:14:ad:56:79:e8:97:f7:d7:d8:d3:d7:75:dc:e8:
                    97:26:d9:2a:f8:b2:46:1c:f7:e4:2f:be:e2:b1:2d:
                    c0:28:a1:88:25:2d:95:08:8c:16:e0:fa:66:cf:98:
                    49:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:43:F1:A9:C7:CB:AE:0A:B8:1C:72:84:14:92:27:B3:C1:A8:E9:3F
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g0PxqcfLrgq4HHKEFJIns8Go6T8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:9d0::/44

    Signature Algorithm: sha256WithRSAEncryption
         7d:94:b2:48:9c:79:1b:1d:03:2f:fc:d0:88:3d:64:b7:d2:c1:
         28:22:47:f2:c3:7c:ff:5b:c3:00:6e:19:72:1b:a8:b2:02:6e:
         0f:93:5d:3d:54:f7:40:d7:79:83:55:1a:ba:f5:8a:b7:01:9b:
         90:20:f9:8a:8d:ce:a9:3d:3c:f8:4d:aa:f4:12:0e:c7:20:7f:
         f3:fe:47:f2:c6:95:f8:ae:51:c7:ef:04:3e:fc:fb:18:d0:86:
         ab:05:ee:6d:79:5a:1c:19:5d:b2:2d:8e:3e:39:34:fa:6e:5d:
         3e:37:77:a6:ae:da:79:3c:b4:55:32:f3:aa:25:c0:1a:b6:90:
         dd:59:3e:0b:a8:17:58:35:e3:05:cc:bc:a3:5f:a2:6b:4f:43:
         86:cc:51:f5:8b:90:08:29:92:52:4a:33:a2:33:ed:56:00:0e:
         9b:4e:a6:9d:46:fd:1f:bf:76:59:c9:8c:d4:bb:ba:ad:6d:e2:
         9b:04:a8:b5:92:77:6d:b9:67:2e:b7:96:09:12:75:75:e7:9d:
         96:10:75:d8:cb:ce:c3:83:2d:00:d6:5b:54:49:1c:27:c6:bf:
         40:34:fc:8a:05:e6:04:2f:b3:d8:f4:61:e2:07:68:3b:a9:34:
         e1:1e:24:40:d1:d4:64:ad:df:2e:ba:fe:ab:49:1a:ba:05:13:
         ce:58:52:c6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYZmEQrxDE0a9YuJqC+aPIZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjE4MTk0NzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQzZjFhOWM3Y2JhZTBhYjgxYzcyODQxNDkyMjdiM2MxYThlOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4arWps0GXr4Ct8kUMSXYjndNvqm
lja5YSnqcuo+9wCY+OdfUGM65U8ni4O0wHyVXLyDTGx2ay8kZk9ROgsi8ruFnDuG
jSxIyb4hgm2J5kEL6VsL6ni+HOQh/H7zNtmSvDRvlnpJrq0F59j47D3DDaNG8CzJ
tksE8VZHZ2nqg0BVRFDP9DkRaM1tSR3k0bjJSBFBMGXB4JJ2ZKr3oIoYQkNJo+KP
hAUhmDwQ6nS9f37VQXe9p6IJpYpKVKyQ1YOwsToQSRkH/z8LAColpMi827QGFK1W
eeiX99fY09d13OiXJtkq+LJGHPfkL77isS3AKKGIJS2VCIwW4Ppmz5hJJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIND8anHy64KuBxyhBSSJ7PBqOk/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZzBQeHFjZkxyZ3E0SEhLRUZKSW5zOEdvNlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwnQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB9lLJInHkbHQMv/NCIPWS30sEoIkfyw3z/W8MA
bhlyG6iyAm4Pk109VPdA13mDVRq69Yq3AZuQIPmKjc6pPTz4Tar0Eg7HIH/z/kfy
xpX4rlHH7wQ+/PsY0IarBe5teVocGV2yLY4+OTT6bl0+N3emrtp5PLRVMvOqJcAa
tpDdWT4LqBdYNeMFzLyjX6JrT0OGzFH1i5AIKZJSSjOiM+1WAA6bTqadRv0fv3ZZ
yYzUu7qtbeKbBKi1kndtuWcut5YJEnV1552WEHXYy87Dgy0A1ltUSRwnxr9ANPyK
BeYEL7PY9GHiB2g7qTThHiRA0dRkrd8uuv6rSRq6BRPOWFLG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org