Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hhAiKRqgV4ixZivSYvDWvHl7XIw.roa
File:                     hhAiKRqgV4ixZivSYvDWvHl7XIw.roa (raw, json)
Hash identifier:          uov1AybMvIZK4ezuqyGLERm295/7Qgu2NP3ODLcdjYg=
Subject key identifier:   86:10:22:29:1A:A0:57:88:B1:66:2B:D2:62:F0:D6:BC:79:7B:5C:8C
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E819D3A13506B1C1B73833D36D6F4D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hhAiKRqgV4ixZivSYvDWvHl7XIw.roa
Signing time:             Mon 02 Jan 2023 05:15:37 +0000
ROA not before:           Mon 02 Jan 2023 05:15:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212508
IP address blocks:        2a0e:b107:dd0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e8:19:d3:a1:35:06:b1:c1:b7:38:33:d3:6d:6f:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=861022291aa05788b1662bd262f0d6bc797b5c8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:22:0d:a5:30:59:05:20:03:db:47:9d:d2:29:
                    76:0c:42:f2:d7:c2:8d:3c:07:61:78:b9:b8:2f:97:
                    0b:76:a0:28:62:d3:eb:a2:6f:4a:d1:23:63:2b:1a:
                    9b:be:d6:4c:e3:21:00:7b:00:ab:c3:f2:48:17:73:
                    01:5e:99:e0:94:c7:cd:6e:35:de:ff:7c:61:ed:09:
                    9b:5a:ed:fb:b3:e2:fc:e7:0d:2d:4f:54:49:47:cd:
                    93:ae:ce:9b:67:ab:ea:3a:4c:fb:64:78:b1:ef:7b:
                    78:17:e7:eb:18:05:da:9c:88:5a:c1:5b:fd:3d:1d:
                    d2:a1:13:ce:b8:42:c5:43:66:a4:01:62:cb:3d:09:
                    63:17:29:00:aa:00:d7:28:7b:ce:01:51:bc:26:54:
                    91:7f:ba:dc:13:9b:f1:ae:ab:bd:72:f4:f4:2e:18:
                    12:22:6d:3e:ab:7d:91:66:96:03:21:48:49:49:81:
                    47:22:e9:de:99:55:fe:fc:53:ce:7c:3e:c7:03:3d:
                    5d:47:5c:8d:4b:de:84:dc:7e:ed:8b:b0:a9:4e:eb:
                    f8:12:dc:86:77:4b:a3:1e:de:95:ff:35:3f:9c:2b:
                    2a:58:39:61:3c:9f:bf:5e:54:26:be:f8:b5:e8:ab:
                    81:76:17:83:84:24:88:73:09:dd:28:ee:7b:ca:85:
                    20:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:10:22:29:1A:A0:57:88:B1:66:2B:D2:62:F0:D6:BC:79:7B:5C:8C
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hhAiKRqgV4ixZivSYvDWvHl7XIw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:dd0::/44

    Signature Algorithm: sha256WithRSAEncryption
         93:66:76:b1:1d:c8:bf:ef:04:c9:d9:9c:da:42:41:9e:cf:a5:
         8f:20:13:19:24:16:2a:85:06:2c:8a:8d:44:5d:af:9d:4e:a3:
         04:d4:f4:1f:6a:4c:86:1e:20:e1:21:a1:61:ba:ad:8c:22:71:
         e2:ee:a3:d0:e3:e7:7b:35:5a:c4:9a:ad:70:4d:ee:b8:dd:72:
         af:86:e2:17:ee:55:26:2b:1e:44:8e:29:ea:4c:33:fa:c2:b9:
         ef:64:54:d5:f8:fa:63:5c:1c:5b:89:8b:20:76:20:f9:a2:15:
         c0:ea:c1:34:5c:28:3f:40:ee:fa:ca:09:00:44:fa:07:ab:d0:
         d2:e0:13:a7:7d:e8:af:51:93:e7:bb:1d:bb:90:ca:e3:f0:30:
         d4:85:40:a1:e4:02:9b:43:ab:a1:60:2b:0d:3b:c3:6a:9c:96:
         83:82:02:8a:a9:6f:3d:5c:f4:12:1f:e3:0d:b5:63:0b:39:93:
         fe:d9:0b:d5:d8:0a:65:2d:fc:75:da:a0:fe:42:37:b8:e6:35:
         91:d4:63:17:50:9c:7d:48:50:4e:ad:a3:99:93:b9:d7:a1:95:
         89:23:aa:77:e3:79:14:55:10:af:53:49:ed:b8:83:d8:2f:1f:
         ef:63:1c:4d:d6:2d:39:38:aa:5e:b5:bb:da:bd:75:77:2a:a5:
         32:16:53:5e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6BnToTUGscG3ODPTbW9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjEwMjIyOTFhYTA1Nzg4YjE2NjJiZDI2MmYwZDZiYzc5N2I1YzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryINpTBZBSAD20ed0il2DELy18KN
PAdheLm4L5cLdqAoYtProm9K0SNjKxqbvtZM4yEAewCrw/JIF3MBXpnglMfNbjXe
/3xh7QmbWu37s+L85w0tT1RJR82Trs6bZ6vqOkz7ZHix73t4F+frGAXanIhawVv9
PR3SoRPOuELFQ2akAWLLPQljFykAqgDXKHvOAVG8JlSRf7rcE5vxrqu9cvT0LhgS
Im0+q32RZpYDIUhJSYFHIunemVX+/FPOfD7HAz1dR1yNS96E3H7ti7CpTuv4EtyG
d0ujHt6V/zU/nCsqWDlhPJ+/XlQmvvi16KuBdheDhCSIcwndKO57yoUgLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIYQIikaoFeIsWYr0mLw1rx5e1yMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaGhBaUtScWdWNGl4Wml2U1l2RFd2SGw3WEl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw3Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCTZnaxHci/7wTJ2ZzaQkGez6WPIBMZJBYqhQYs
io1EXa+dTqME1PQfakyGHiDhIaFhuq2MInHi7qPQ4+d7NVrEmq1wTe643XKvhuIX
7lUmKx5EjinqTDP6wrnvZFTV+PpjXBxbiYsgdiD5ohXA6sE0XCg/QO76ygkARPoH
q9DS4BOnfeivUZPnux27kMrj8DDUhUCh5AKbQ6uhYCsNO8NqnJaDggKKqW89XPQS
H+MNtWMLOZP+2QvV2AplLfx12qD+Qje45jWR1GMXUJx9SFBOraOZk7nXoZWJI6p3
43kUVRCvU0ntuIPYLx/vYxxN1i05OKpetbvavXV3KqUyFlNe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:10 2024 by rpki-client on console-ams.rpki-client.org