Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jlGQEwnR-xAFoWKgXYwIFAh69XE.roa
File:                     jlGQEwnR-xAFoWKgXYwIFAh69XE.roa (raw, json)
Hash identifier:          nWNOb+yLNf3yoDsDXCUWfWxeD6pYJ1kcM8iY76Q8nJk=
Subject key identifier:   8E:51:90:13:09:D1:FB:10:05:A1:62:A0:5D:8C:08:14:08:7A:F5:71
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CB04CC209D5B895F6583688F8E1545184
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jlGQEwnR-xAFoWKgXYwIFAh69XE.roa
Signing time:             Thu 28 Dec 2023 12:01:09 +0000
ROA not before:           Thu 28 Dec 2023 12:01:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200598
IP address blocks:        2a06:de01:401::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b0:4c:c2:09:d5:b8:95:f6:58:36:88:f8:e1:54:51:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 28 12:01:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8e51901309d1fb1005a162a05d8c0814087af571
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:7c:01:e7:96:95:80:c7:45:ab:72:0b:14:2f:
                    45:a9:45:2d:97:c6:cd:18:23:a4:f7:77:81:1a:ea:
                    49:84:cf:9f:f7:14:dd:60:22:31:bb:64:13:80:24:
                    1d:69:53:01:41:bb:22:a3:d0:65:cf:59:fc:45:2f:
                    20:83:e3:62:cc:5e:99:dc:45:c4:af:42:20:3c:15:
                    49:4b:d7:ad:58:bc:f5:92:93:89:cb:34:c1:6f:fc:
                    4c:62:ce:ba:80:70:a7:96:f6:42:0d:cf:d9:82:af:
                    e2:96:57:e9:f4:d5:b4:94:b6:63:c8:09:ef:a0:c5:
                    57:44:18:2f:0f:e1:27:d0:e2:50:e2:6a:75:73:15:
                    83:a5:ec:bc:93:74:83:9f:54:1f:f3:8d:82:2f:91:
                    6d:82:fb:20:f5:c9:fc:d1:cd:e2:2e:10:c9:83:88:
                    37:01:58:33:eb:2c:70:fd:50:e1:1b:11:2e:e0:38:
                    c3:da:9a:35:4f:08:2b:24:6d:b9:4b:3c:7a:83:a0:
                    09:68:7d:99:97:c5:57:24:8c:89:1a:d8:35:d4:c8:
                    8b:8b:c8:89:00:a1:57:dd:1c:16:4e:1c:f8:39:d8:
                    c8:eb:e2:21:28:c4:16:97:bb:c7:80:26:3c:ce:00:
                    52:73:b4:ad:e9:05:e0:dd:df:0b:4d:f5:16:8a:a5:
                    80:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:51:90:13:09:D1:FB:10:05:A1:62:A0:5D:8C:08:14:08:7A:F5:71
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jlGQEwnR-xAFoWKgXYwIFAh69XE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:de01:401::/48

    Signature Algorithm: sha256WithRSAEncryption
         8d:03:0e:1d:a2:42:ea:01:8e:f3:d7:10:f3:cf:19:0a:75:f0:
         b4:aa:6b:be:2c:35:70:81:7a:81:86:91:fd:a4:14:b6:47:0f:
         ed:ef:50:c8:d0:92:0f:11:59:4e:ee:70:f9:58:2c:6a:56:b3:
         60:97:95:c7:5a:4e:75:52:4e:fe:97:5f:0a:d3:f2:4d:b3:b2:
         5c:81:ef:c0:23:f9:62:0d:b7:81:59:71:47:0a:d9:4d:c0:d1:
         7e:c4:5a:0a:02:71:d4:0d:ff:92:d7:c9:14:ca:88:52:9e:e5:
         d1:e6:d6:ae:64:88:34:55:63:ad:ac:af:d4:ad:13:d7:42:83:
         91:a7:c8:0f:a5:72:ce:70:0d:aa:f1:f2:e1:ac:11:d7:29:d9:
         2c:18:03:66:09:0c:82:a0:bb:2c:a4:67:4d:7b:2b:64:98:1a:
         19:f4:fd:38:d0:53:c5:f1:06:8a:e3:d3:23:11:fe:2e:96:fe:
         89:a7:e7:56:b7:8a:42:7f:ff:5a:e3:63:18:49:b1:97:35:98:
         dc:bc:96:3d:51:88:94:72:c1:4e:6e:22:ad:e6:97:e7:df:5c:
         00:28:b3:f4:28:2b:28:31:a3:4a:4b:21:04:d7:ec:cd:dc:17:
         79:3b:d5:75:2f:6a:80:21:ea:c5:48:68:e4:f0:40:9a:03:04:
         60:ac:47:a4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYywTMIJ1biV9lg2iPjhVFGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjI4MTIwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUxOTAxMzA5ZDFmYjEwMDVhMTYyYTA1ZDhjMDgxNDA4N2FmNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXwB55aVgMdFq3ILFC9FqUUtl8bN
GCOk93eBGupJhM+f9xTdYCIxu2QTgCQdaVMBQbsio9Blz1n8RS8gg+NizF6Z3EXE
r0IgPBVJS9etWLz1kpOJyzTBb/xMYs66gHCnlvZCDc/Zgq/illfp9NW0lLZjyAnv
oMVXRBgvD+En0OJQ4mp1cxWDpey8k3SDn1Qf842CL5Ftgvsg9cn80c3iLhDJg4g3
AVgz6yxw/VDhGxEu4DjD2po1TwgrJG25Szx6g6AJaH2Zl8VXJIyJGtg11MiLi8iJ
AKFX3RwWThz4OdjI6+IhKMQWl7vHgCY8zgBSc7St6QXg3d8LTfUWiqWADQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI5RkBMJ0fsQBaFioF2MCBQIevVxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvamxHUUV3blIteEFGb1dLZ1hZd0lGQWg2OVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbeAQQB
MA0GCSqGSIb3DQEBCwUAA4IBAQCNAw4dokLqAY7z1xDzzxkKdfC0qmu+LDVwgXqB
hpH9pBS2Rw/t71DI0JIPEVlO7nD5WCxqVrNgl5XHWk51Uk7+l18K0/JNs7Jcge/A
I/liDbeBWXFHCtlNwNF+xFoKAnHUDf+S18kUyohSnuXR5tauZIg0VWOtrK/UrRPX
QoORp8gPpXLOcA2q8fLhrBHXKdksGANmCQyCoLsspGdNeytkmBoZ9P040FPF8QaK
49MjEf4ulv6Jp+dWt4pCf/9a42MYSbGXNZjcvJY9UYiUcsFObiKt5pfn31wAKLP0
KCsoMaNKSyEE1+zN3Bd5O9V1L2qAIerFSGjk8ECaAwRgrEek
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:36 2024 by rpki-client on console-fra.rpki-client.org