Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kZlGyPmoHIyGWkCMp4ZLCOjP5LQ.roa
File:                     kZlGyPmoHIyGWkCMp4ZLCOjP5LQ.roa (raw, json)
Hash identifier:          4RF/3ZG1gWkikofe3u0m5wxvoy7htxB/ruF6mil3aEw=
Subject key identifier:   91:99:46:C8:F9:A8:1C:8C:86:5A:40:8C:A7:86:4B:08:E8:CF:E4:B4
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018C86C1A61C1005F3EDE1AB0F36312E3A56
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kZlGyPmoHIyGWkCMp4ZLCOjP5LQ.roa
Signing time:             Wed 20 Dec 2023 10:24:47 +0000
ROA not before:           Wed 20 Dec 2023 10:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     215825
IP address blocks:        2a0e:97c0:e70::/44 maxlen: 48

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 12:18:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:86:c1:a6:1c:10:05:f3:ed:e1:ab:0f:36:31:2e:3a:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 20 10:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=919946c8f9a81c8c865a408ca7864b08e8cfe4b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:0c:fa:87:e3:93:e4:a1:5a:20:c0:8b:ca:18:
                    22:49:c3:7f:f5:8f:6e:dc:ce:b0:65:01:39:0a:b8:
                    8e:cf:1c:d7:5b:ff:73:37:c8:30:b0:9c:9d:55:e9:
                    15:36:85:7d:bd:f8:aa:78:c8:7f:19:cc:70:94:31:
                    3d:a6:53:56:52:9a:6b:4f:9b:36:9d:64:8a:88:ef:
                    16:f1:f9:c2:ca:b8:a0:36:38:ce:f3:c0:36:b8:49:
                    e3:82:60:1c:91:1e:68:3c:28:1f:9f:e7:a7:d7:76:
                    cc:8d:66:dd:40:6e:f9:68:15:24:c3:79:65:f9:31:
                    29:6f:eb:6e:7d:d3:ab:2c:c1:96:8a:08:07:7a:d0:
                    b4:1d:87:1d:a1:38:05:22:a5:88:db:59:04:97:60:
                    ab:6d:81:87:7f:8d:76:24:14:73:4b:42:8c:96:66:
                    68:b3:95:93:94:cf:dd:56:dc:c4:50:c8:28:d7:5f:
                    71:1c:57:cf:29:50:36:0a:12:47:cd:04:8f:07:30:
                    0d:01:f6:9e:76:24:66:07:d2:87:be:e4:f7:22:42:
                    b2:d5:52:46:4b:1a:1d:01:18:f7:b8:42:39:ff:db:
                    eb:56:20:cd:c1:04:66:fa:06:4e:fd:7b:81:a1:13:
                    e1:ac:1d:82:52:d8:ec:1e:0d:7c:01:b1:4b:8a:7b:
                    f8:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:99:46:C8:F9:A8:1C:8C:86:5A:40:8C:A7:86:4B:08:E8:CF:E4:B4
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kZlGyPmoHIyGWkCMp4ZLCOjP5LQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:e70::/44

    Signature Algorithm: sha256WithRSAEncryption
         8a:4b:08:5a:99:0c:28:44:88:38:4f:03:4b:78:5a:87:06:da:
         db:c9:b7:11:c3:5d:87:08:f8:3e:60:05:c1:e8:30:83:c8:fa:
         8c:07:34:fd:ec:cf:78:12:74:d5:17:a9:90:8d:d1:62:9d:60:
         a6:ba:00:4f:a6:81:af:55:51:eb:ea:b0:30:32:52:b0:75:db:
         45:13:54:c9:d4:e5:f1:b0:09:6c:8b:7a:a3:b9:f4:ab:3e:5c:
         45:97:df:83:7d:7a:bd:78:1e:95:fd:b5:47:37:59:35:27:31:
         63:95:5e:cf:ad:dc:9d:85:b0:c0:1a:9f:63:8c:51:35:4e:71:
         1d:b6:5b:9b:fd:73:9f:6d:1c:84:33:78:68:79:68:0f:eb:11:
         66:8b:cc:2d:c4:6d:12:0e:3a:c2:d5:a7:d0:49:9a:c2:bb:ff:
         d8:2b:08:3e:17:0b:b3:c5:5e:42:b0:35:db:3c:c7:7b:65:e1:
         de:3d:06:48:91:53:b0:b6:6c:55:22:35:30:94:f6:a7:42:b8:
         c5:42:4c:f4:e8:a8:e1:8c:d4:fc:98:1b:4a:39:52:cd:13:e0:
         dc:29:b4:43:5c:fd:3d:d5:e1:33:cf:f4:1b:64:a6:df:ab:c0:
         e2:6b:92:ad:91:23:14:59:5b:8a:73:a2:c1:cc:2d:9c:c6:b1:
         33:76:18:95
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYyGwaYcEAXz7eGrDzYxLjpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjIwMTAyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTk5NDZjOGY5YTgxYzhjODY1YTQwOGNhNzg2NGIwOGU4Y2ZlNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgz6h+OT5KFaIMCLyhgiScN/9Y9u
3M6wZQE5CriOzxzXW/9zN8gwsJydVekVNoV9vfiqeMh/GcxwlDE9plNWUpprT5s2
nWSKiO8W8fnCyrigNjjO88A2uEnjgmAckR5oPCgfn+en13bMjWbdQG75aBUkw3ll
+TEpb+tufdOrLMGWiggHetC0HYcdoTgFIqWI21kEl2CrbYGHf412JBRzS0KMlmZo
s5WTlM/dVtzEUMgo119xHFfPKVA2ChJHzQSPBzANAfaediRmB9KHvuT3IkKy1VJG
SxodARj3uEI5/9vrViDNwQRm+gZO/XuBoRPhrB2CUtjsHg18AbFLinv4vwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJGZRsj5qByMhlpAjKeGSwjoz+S0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva1psR3lQbW9ISXlHV2tDTXA0WkxDT2pQNUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwA5w
MA0GCSqGSIb3DQEBCwUAA4IBAQCKSwhamQwoRIg4TwNLeFqHBtrbybcRw12HCPg+
YAXB6DCDyPqMBzT97M94EnTVF6mQjdFinWCmugBPpoGvVVHr6rAwMlKwddtFE1TJ
1OXxsAlsi3qjufSrPlxFl9+DfXq9eB6V/bVHN1k1JzFjlV7PrdydhbDAGp9jjFE1
TnEdtlub/XOfbRyEM3hoeWgP6xFmi8wtxG0SDjrC1afQSZrCu//YKwg+FwuzxV5C
sDXbPMd7ZeHePQZIkVOwtmxVIjUwlPanQrjFQkz06KjhjNT8mBtKOVLNE+DcKbRD
XP091eEzz/QbZKbfq8Dia5KtkSMUWVuKc6LBzC2cxrEzdhiV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:11 2024 by rpki-client on console-ams.rpki-client.org