Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hxqPmrOLK69sjtCXpYJmeB6UGGE.roa
File:                     hxqPmrOLK69sjtCXpYJmeB6UGGE.roa (raw, json)
Hash identifier:          qfwLYAjL4cWt4fA4lMXML1/Ito8MDPp/OzM/hohoWnM=
Subject key identifier:   87:1A:8F:9A:B3:8B:2B:AF:6C:8E:D0:97:A5:82:66:78:1E:94:18:61
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BD38980415619AD605779A3EF67889
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hxqPmrOLK69sjtCXpYJmeB6UGGE.roa
Signing time:             Tue 02 Jan 2024 10:34:30 +0000
ROA not before:           Tue 02 Jan 2024 10:34:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211622
IP address blocks:        2a0e:b107:1070::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sun 07 Apr 2024 11:57:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bd:38:98:04:15:61:9a:d6:05:77:9a:3e:f6:78:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=871a8f9ab38b2baf6c8ed097a58266781e941861
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:37:57:b9:74:9f:ff:c2:10:22:a6:9e:72:82:
                    6d:c9:b2:2e:20:4a:61:98:ca:14:7d:72:59:a2:f5:
                    21:86:0f:81:05:41:91:43:5c:cb:30:20:f6:1f:c0:
                    c7:cf:b2:9c:1e:aa:4b:ec:08:58:ac:01:1f:82:e2:
                    11:5d:d6:c1:ac:fe:66:81:66:de:38:c4:07:27:7f:
                    18:83:e0:aa:f5:7e:8e:84:e7:1f:e4:47:11:88:b2:
                    8d:8e:66:8b:d5:cc:48:70:f5:80:b9:64:d1:2a:9c:
                    1a:90:25:9c:f5:a2:56:e6:af:1d:34:06:de:cc:20:
                    61:f1:6b:2e:f0:83:8e:99:7f:ff:fc:9d:4b:77:d6:
                    75:1b:60:ce:72:88:30:2b:38:f8:e8:87:fc:6d:e6:
                    9e:87:5b:22:a7:5b:2c:19:71:ee:4c:ee:bf:c8:ed:
                    d2:c4:b6:6b:96:d4:3c:6a:ea:92:4a:d4:13:d0:9b:
                    45:ab:4b:ed:bf:50:cd:1e:a5:b8:0a:1e:b7:ae:d4:
                    f6:57:8d:9e:dc:29:c3:f8:20:8c:e5:82:9b:49:1a:
                    b9:18:dd:08:e6:7f:17:73:be:c1:97:50:7c:40:a8:
                    e3:07:09:67:07:61:bf:56:47:fa:d4:40:6f:0b:74:
                    59:25:c6:36:67:8d:97:6e:4b:eb:e2:20:8c:e5:57:
                    8f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:1A:8F:9A:B3:8B:2B:AF:6C:8E:D0:97:A5:82:66:78:1E:94:18:61
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hxqPmrOLK69sjtCXpYJmeB6UGGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1070::/44

    Signature Algorithm: sha256WithRSAEncryption
         72:f7:69:8b:42:27:af:37:8e:14:4e:8a:bc:5a:1f:a9:c3:98:
         13:f5:55:e2:88:7b:bd:fa:f5:e9:bc:78:9f:bb:1d:53:4b:1f:
         87:5f:b8:49:ab:78:86:4d:ce:fd:07:a1:c1:78:a7:3b:17:5e:
         65:4c:d7:fd:5c:26:03:97:1c:90:e0:a9:af:06:2d:f5:af:c1:
         47:11:10:35:47:d1:ca:07:9c:bd:fd:eb:3d:23:a6:91:f4:8f:
         b0:ca:e5:e8:5a:8b:cb:22:ab:37:6c:72:93:26:cf:ef:ec:b4:
         3c:41:c7:32:c4:19:44:33:59:a2:86:97:8c:b9:d4:c8:b7:21:
         16:4d:25:7a:0a:e9:6c:07:b5:0b:9d:a8:76:ba:1a:61:2d:17:
         a2:36:de:c7:b0:56:5d:f7:99:c6:91:a1:a3:29:93:c6:d6:f1:
         58:38:3b:ee:95:e3:85:e9:f1:8a:02:bc:44:1e:4f:9d:e8:1a:
         06:17:f8:6b:ee:c7:7a:fe:11:23:55:0d:7f:6e:d5:51:44:1c:
         d9:ee:05:81:61:d3:d4:20:db:0d:2a:75:36:3d:6f:96:47:37:
         74:cc:20:15:7b:cc:1f:84:94:da:c5:78:1e:17:52:f8:73:41:
         77:57:85:d1:ea:5d:4c:a6:60:1c:8e:c4:7b:c6:46:01:55:c3:
         66:18:7b:e0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvTiYBBVhmtYFd5o+9niJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFhOGY5YWIzOGIyYmFmNmM4ZWQwOTdhNTgyNjY3ODFlOTQxODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTdXuXSf/8IQIqaecoJtybIuIEph
mMoUfXJZovUhhg+BBUGRQ1zLMCD2H8DHz7KcHqpL7AhYrAEfguIRXdbBrP5mgWbe
OMQHJ38Yg+Cq9X6OhOcf5EcRiLKNjmaL1cxIcPWAuWTRKpwakCWc9aJW5q8dNAbe
zCBh8Wsu8IOOmX///J1Ld9Z1G2DOcogwKzj46If8beaeh1sip1ssGXHuTO6/yO3S
xLZrltQ8auqSStQT0JtFq0vtv1DNHqW4Ch63rtT2V42e3CnD+CCM5YKbSRq5GN0I
5n8Xc77Bl1B8QKjjBwlnB2G/Vkf61EBvC3RZJcY2Z42Xbkvr4iCM5VePdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIcaj5qziyuvbI7Ql6WCZngelBhhMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaHhxUG1yT0xLNjlzanRDWHBZSm1lQjZVR0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxBw
MA0GCSqGSIb3DQEBCwUAA4IBAQBy92mLQievN44UToq8Wh+pw5gT9VXiiHu9+vXp
vHifux1TSx+HX7hJq3iGTc79B6HBeKc7F15lTNf9XCYDlxyQ4KmvBi31r8FHERA1
R9HKB5y9/es9I6aR9I+wyuXoWovLIqs3bHKTJs/v7LQ8QccyxBlEM1mihpeMudTI
tyEWTSV6CulsB7ULnah2uhphLReiNt7HsFZd95nGkaGjKZPG1vFYODvuleOF6fGK
ArxEHk+d6BoGF/hr7sd6/hEjVQ1/btVRRBzZ7gWBYdPUINsNKnU2PW+WRzd0zCAV
e8wfhJTaxXgeF1L4c0F3V4XR6l1MpmAcjsR7xkYBVcNmGHvg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:10 2024 by rpki-client on console-ams.rpki-client.org