Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lBAymQe8nK1eEG8vtVTNyGxSq_s.roa
File:                     lBAymQe8nK1eEG8vtVTNyGxSq_s.roa (raw, json)
Hash identifier:          MDjz4tO3cROWreUStvJKgSQF5vD/ZNwn8qTYGOpa5fk=
Subject key identifier:   94:10:32:99:07:BC:9C:AD:5E:10:6F:2F:B5:54:CD:C8:6C:52:AB:FB
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018A430DAF987EA6A1C70819EFE248B9DE94
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lBAymQe8nK1eEG8vtVTNyGxSq_s.roa
Signing time:             Tue 29 Aug 2023 20:48:04 +0000
ROA not before:           Tue 29 Aug 2023 20:48:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43607
IP address blocks:        2a0e:b107:27d0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 02 Sep 2023 16:11:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:43:0d:af:98:7e:a6:a1:c7:08:19:ef:e2:48:b9:de:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Aug 29 20:48:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9410329907bc9cad5e106f2fb554cdc86c52abfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:6a:42:b9:e9:f6:95:d5:5e:ad:1d:82:68:16:
                    4b:92:01:64:d7:b0:58:a2:c8:08:73:1a:a1:bc:c1:
                    50:fc:99:7a:f9:82:e3:bc:38:b3:db:f2:aa:32:5d:
                    5c:83:c3:4d:16:99:67:bd:7b:7a:c6:ca:48:0d:90:
                    21:7e:fd:49:c2:12:43:d8:0c:62:8a:c3:ea:86:12:
                    50:d2:64:9f:d2:df:42:51:9c:70:7b:74:8b:4d:f2:
                    d1:f9:77:7f:91:1a:2a:d7:c8:fd:23:0b:7f:24:44:
                    38:11:b1:5b:be:b7:dd:57:32:d8:62:3e:2b:f0:3a:
                    b1:57:75:19:59:68:ef:cb:dd:c7:d6:07:d6:5d:8f:
                    f6:7c:46:1f:01:3f:77:6a:9e:33:73:8d:65:21:c1:
                    8a:08:6e:25:16:0a:b8:19:8e:bb:6e:3d:00:8d:d0:
                    aa:16:80:cb:6f:9d:41:23:23:cc:f4:6e:f4:ce:74:
                    91:c3:ae:1c:46:31:25:86:47:27:12:bf:03:96:13:
                    b8:94:0a:65:68:dc:88:53:30:27:40:c7:e4:5a:c6:
                    1d:54:66:aa:48:01:6d:06:d8:e6:0d:30:58:a0:e0:
                    7d:43:a9:22:c4:b7:87:ea:16:3e:7a:52:bc:93:2d:
                    24:f1:ac:92:6b:6e:b5:15:8c:53:ee:f5:1c:55:d5:
                    9a:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:10:32:99:07:BC:9C:AD:5E:10:6F:2F:B5:54:CD:C8:6C:52:AB:FB
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lBAymQe8nK1eEG8vtVTNyGxSq_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:27d0::/48

    Signature Algorithm: sha256WithRSAEncryption
         44:1c:59:ba:cf:3d:9e:b3:fc:15:bf:b1:62:57:14:2e:4d:2e:
         54:24:e4:98:3e:24:11:89:71:dd:84:ca:60:ec:7e:38:de:28:
         bf:5f:13:97:20:52:ff:f7:aa:ab:b4:9b:c9:a6:b5:cd:9b:38:
         de:16:c2:c2:ee:78:24:22:25:b6:9c:15:9a:b5:76:1e:5f:df:
         39:7e:6c:c9:81:85:be:6e:ed:90:a8:6c:b6:52:df:2e:d3:6c:
         17:2a:66:41:03:cc:1d:0a:bf:00:86:5b:10:88:da:44:d3:af:
         bc:d4:00:90:6a:11:91:c0:c5:2b:e6:a4:f5:49:60:7c:65:7b:
         2a:3e:4f:ff:52:fe:89:99:e9:1d:7b:c9:40:46:50:79:c8:48:
         ca:28:82:4c:24:4c:d3:61:97:f7:f6:7b:41:d4:3b:57:74:e0:
         15:82:88:34:39:63:26:aa:9e:53:03:d2:57:28:3f:21:a4:2a:
         7c:0d:5c:02:08:dc:31:b8:90:00:86:80:85:06:70:58:ce:ee:
         bd:17:14:ae:d5:63:af:78:47:f9:69:86:54:72:ba:8d:72:64:
         58:f7:0c:01:b6:f0:a2:4e:30:ee:42:38:86:83:55:93:09:2e:
         b8:e4:62:f4:d1:39:27:8a:75:03:44:df:29:ea:13:a9:f2:00:
         fe:00:26:87
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYpDDa+YfqahxwgZ7+JIud6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODI5MjA0ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDEwMzI5OTA3YmM5Y2FkNWUxMDZmMmZiNTU0Y2RjODZjNTJhYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2pCuen2ldVerR2CaBZLkgFk17BY
osgIcxqhvMFQ/Jl6+YLjvDiz2/KqMl1cg8NNFplnvXt6xspIDZAhfv1JwhJD2Axi
isPqhhJQ0mSf0t9CUZxwe3SLTfLR+Xd/kRoq18j9Iwt/JEQ4EbFbvrfdVzLYYj4r
8DqxV3UZWWjvy93H1gfWXY/2fEYfAT93ap4zc41lIcGKCG4lFgq4GY67bj0AjdCq
FoDLb51BIyPM9G70znSRw64cRjElhkcnEr8DlhO4lAplaNyIUzAnQMfkWsYdVGaq
SAFtBtjmDTBYoOB9Q6kixLeH6hY+elK8ky0k8aySa261FYxT7vUcVdWa2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJQQMpkHvJytXhBvL7VUzchsUqv7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbEJBeW1RZThuSzFlRUc4dnRWVE55R3hTcV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xByfQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBEHFm6zz2es/wVv7FiVxQuTS5UJOSYPiQRiXHd
hMpg7H443ii/XxOXIFL/96qrtJvJprXNmzjeFsLC7ngkIiW2nBWatXYeX985fmzJ
gYW+bu2QqGy2Ut8u02wXKmZBA8wdCr8AhlsQiNpE06+81ACQahGRwMUr5qT1SWB8
ZXsqPk//Uv6Jmekde8lARlB5yEjKKIJMJEzTYZf39ntB1DtXdOAVgog0OWMmqp5T
A9JXKD8hpCp8DVwCCNwxuJAAhoCFBnBYzu69FxSu1WOveEf5aYZUcrqNcmRY9wwB
tvCiTjDuQjiGg1WTCS645GL00TkninUDRN8p6hOp8gD+ACaH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:11 2024 by rpki-client on console-ams.rpki-client.org