Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hRN4-cZZiITD2pCFz1-na92VusI.roa
File:                     hRN4-cZZiITD2pCFz1-na92VusI.roa (raw, json)
Hash identifier:          elUilMUn+wEvuiCEDPNegWj3GsjCxcM5g915Ivmt1Rk=
Subject key identifier:   85:13:78:F9:C6:59:88:84:C3:DA:90:85:CF:5F:A7:6B:DD:95:BA:C2
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E815C75AA7D9997EF475FE5603FF6C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hRN4-cZZiITD2pCFz1-na92VusI.roa
Signing time:             Mon 02 Jan 2023 05:15:36 +0000
ROA not before:           Mon 02 Jan 2023 05:15:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212268
IP address blocks:        2a0e:b107:f28::/48 maxlen: 48
                          2a0e:b107:f2a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e8:15:c7:5a:a7:d9:99:7e:f4:75:fe:56:03:ff:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=851378f9c6598884c3da9085cf5fa76bdd95bac2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d9:50:de:14:d3:f7:85:35:39:dd:6a:fb:9b:
                    a6:26:24:ee:76:f0:98:8f:8d:9e:43:54:69:12:70:
                    d8:29:bf:58:36:8b:4c:7b:99:2e:82:da:37:85:b0:
                    8a:9f:64:1f:ac:19:c0:ea:a5:d1:99:9a:66:04:04:
                    1f:39:56:47:74:b3:94:d4:db:fc:f5:c2:19:ca:9b:
                    54:4d:31:af:f2:6d:b6:80:af:cf:7c:27:58:94:25:
                    2a:eb:aa:3e:d6:ac:80:e7:75:26:29:86:20:f0:7c:
                    df:49:da:49:ae:a1:7a:95:82:00:11:70:0b:3b:a1:
                    f1:11:48:26:21:2c:19:80:ae:10:b6:59:9d:cd:94:
                    c1:76:e1:7b:f5:dc:b2:eb:98:ac:ac:b4:45:ee:c8:
                    07:39:8a:4b:80:11:3b:2d:09:3d:e5:f3:86:7e:7b:
                    05:84:fe:8f:41:74:c6:a7:29:87:55:2e:8f:49:2b:
                    0b:a7:20:75:07:a6:00:05:0c:a7:28:e0:b5:9b:7b:
                    fd:35:68:72:31:34:88:70:bb:3b:2e:2b:d2:20:29:
                    b1:ea:b8:be:63:80:ef:6a:33:91:98:e1:af:54:3a:
                    4b:8b:88:c0:a1:bd:2f:2d:8f:00:2e:78:15:5b:a0:
                    eb:1c:37:a2:ae:18:1d:68:4a:5c:77:05:c0:7c:eb:
                    29:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:13:78:F9:C6:59:88:84:C3:DA:90:85:CF:5F:A7:6B:DD:95:BA:C2
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hRN4-cZZiITD2pCFz1-na92VusI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:f28::/48
                  2a0e:b107:f2a::/48

    Signature Algorithm: sha256WithRSAEncryption
         a1:b0:72:cd:45:9c:21:33:ee:58:52:65:e4:fa:e3:af:3d:73:
         79:38:c1:22:25:8c:c2:70:52:8d:4e:f0:ea:b9:07:42:6a:8f:
         7b:d0:c0:58:18:73:df:dd:49:c2:70:53:12:ed:11:39:12:0f:
         b7:fa:9e:22:7c:2b:6f:67:f5:61:3f:2a:92:d5:15:b2:2d:44:
         fb:de:c5:69:68:04:10:fc:76:80:a4:27:b9:21:9a:24:82:04:
         03:ab:2b:59:1b:91:d5:32:75:35:03:3e:54:86:f8:78:2e:5a:
         79:ae:54:90:a9:ed:d8:40:4a:17:07:70:a7:a8:3b:de:31:4a:
         ac:91:a4:ee:88:97:90:f9:2f:05:16:f0:f8:49:43:b8:57:a2:
         3d:2b:f6:e4:e3:e6:f9:0d:a0:96:71:6d:52:06:0d:a0:98:ba:
         65:56:7a:24:00:e1:df:76:34:a7:89:f5:df:3e:08:69:9d:86:
         78:f4:c9:c1:7a:0d:93:89:81:b7:6c:fe:61:2b:63:74:e5:b1:
         e4:0b:09:ed:8c:04:78:9c:f3:6f:d2:f2:d7:8c:0d:66:2e:11:
         60:6f:58:4c:b5:ce:1b:b8:67:1e:53:68:d7:92:86:16:91:ac:
         b2:a1:40:60:df:3f:09:4c:0d:5b:c2:0b:b2:83:39:c6:9f:9c:
         a0:64:6f:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw6BXHWqfZmX70df5WA/9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTEzNzhmOWM2NTk4ODg0YzNkYTkwODVjZjVmYTc2YmRkOTViYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdlQ3hTT94U1Od1q+5umJiTudvCY
j42eQ1RpEnDYKb9YNotMe5kugto3hbCKn2QfrBnA6qXRmZpmBAQfOVZHdLOU1Nv8
9cIZyptUTTGv8m22gK/PfCdYlCUq66o+1qyA53UmKYYg8HzfSdpJrqF6lYIAEXAL
O6HxEUgmISwZgK4QtlmdzZTBduF79dyy65isrLRF7sgHOYpLgBE7LQk95fOGfnsF
hP6PQXTGpymHVS6PSSsLpyB1B6YABQynKOC1m3v9NWhyMTSIcLs7LivSICmx6ri+
Y4DvajORmOGvVDpLi4jAob0vLY8ALngVW6DrHDeirhgdaEpcdwXAfOspfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIUTePnGWYiEw9qQhc9fp2vdlbrCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaFJONC1jWlppSVREMnBDRnoxLW5hOTJWdXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBw8o
AwcAKg6xBw8qMA0GCSqGSIb3DQEBCwUAA4IBAQChsHLNRZwhM+5YUmXk+uOvPXN5
OMEiJYzCcFKNTvDquQdCao970MBYGHPf3UnCcFMS7RE5Eg+3+p4ifCtvZ/VhPyqS
1RWyLUT73sVpaAQQ/HaApCe5IZokggQDqytZG5HVMnU1Az5Uhvh4Llp5rlSQqe3Y
QEoXB3CnqDveMUqskaTuiJeQ+S8FFvD4SUO4V6I9K/bk4+b5DaCWcW1SBg2gmLpl
VnokAOHfdjSnifXfPghpnYZ49MnBeg2TiYG3bP5hK2N05bHkCwntjAR4nPNv0vLX
jA1mLhFgb1hMtc4buGceU2jXkoYWkayyoUBg3z8JTA1bwguygznGn5ygZG9r
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:09 2024 by rpki-client on console-ams.rpki-client.org