Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lQEAp7VDUjD9KRnlRKv06C8uFjs.roa
File:                     lQEAp7VDUjD9KRnlRKv06C8uFjs.roa (raw, json)
Hash identifier:          6QLp0q4exoI/6kVfessFKB397kxspgWUeiG9EQlgjc8=
Subject key identifier:   95:01:00:A7:B5:43:52:30:FD:29:19:E5:44:AB:F4:E8:2F:2E:16:3B
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01885292151826037F8C6E243064B09091D9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lQEAp7VDUjD9KRnlRKv06C8uFjs.roa
Signing time:             Thu 25 May 2023 11:01:25 +0000
ROA not before:           Thu 25 May 2023 11:01:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     151194
IP address blocks:        2a10:ccc0:ccc0::/44 maxlen: 48
                          2a10:ccc0:ccc0::/46 maxlen: 48
                          2a06:de00:de00::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:52:92:15:18:26:03:7f:8c:6e:24:30:64:b0:90:91:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: May 25 11:01:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=950100a7b5435230fd2919e544abf4e82f2e163b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:e7:be:b2:16:f8:3a:78:2f:26:da:26:01:27:
                    30:72:01:08:73:3e:84:fd:fd:0c:20:c4:08:ba:e1:
                    52:61:0a:0d:8d:af:c0:dd:18:15:2e:f7:69:d9:01:
                    36:f9:d2:43:62:d0:24:cc:af:2d:32:ab:16:29:33:
                    5c:55:0b:06:8f:ef:dd:62:82:c4:d7:0c:73:fa:c5:
                    82:19:b1:30:1a:d4:0d:f4:22:4b:65:e4:09:7d:27:
                    cb:a7:13:af:ef:90:76:2c:8d:63:ff:c7:7e:4c:69:
                    9c:d1:35:e9:7a:52:37:8e:4b:a0:14:31:e5:0a:31:
                    d6:ff:c2:b0:74:a8:8f:c9:fd:1d:10:9e:3d:b7:49:
                    06:70:3d:57:bb:f7:94:d7:70:2c:a3:38:88:ef:3a:
                    c1:eb:eb:b6:e5:ef:30:78:18:25:6b:0c:5c:9d:84:
                    69:ea:4d:05:39:2b:ce:32:68:a8:fe:c6:12:8d:15:
                    82:c0:f3:1b:eb:1e:13:7d:17:d8:41:08:77:7e:48:
                    b2:d1:38:9b:90:a5:a5:c7:fb:59:d5:b2:fd:20:db:
                    16:db:2b:66:e7:aa:59:61:53:b4:50:81:8d:26:c6:
                    a3:bd:74:d5:62:12:cb:0c:49:ba:e9:a7:af:0b:f6:
                    05:cb:49:4a:c4:2f:aa:7d:27:e0:6d:2f:1c:7e:ca:
                    2a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:01:00:A7:B5:43:52:30:FD:29:19:E5:44:AB:F4:E8:2F:2E:16:3B
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lQEAp7VDUjD9KRnlRKv06C8uFjs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:de00:de00::/44
                  2a10:ccc0:ccc0::/44

    Signature Algorithm: sha256WithRSAEncryption
         97:ce:7a:77:e1:14:e7:5d:42:1c:2e:82:67:a8:68:9d:15:73:
         f9:a9:6f:c8:26:fe:b3:bb:96:c9:bb:d9:6e:f4:f7:9e:6a:27:
         d0:d4:52:fa:51:31:c8:86:1e:35:92:a5:2c:e7:e2:ea:bd:5c:
         96:bd:50:31:b9:d4:7c:64:3e:f0:4e:99:e1:41:52:bf:f4:42:
         14:b4:9b:63:8b:c4:77:0a:1c:74:83:d8:c6:c4:ac:b0:63:ab:
         11:72:a3:ad:c5:09:39:9a:6e:0f:ff:4a:00:c5:68:42:98:25:
         89:91:62:cd:9f:7e:66:cf:2f:c7:76:0d:40:82:89:a6:ac:e6:
         e8:0b:6d:d5:46:f7:22:5c:47:18:58:d6:31:a0:0b:ac:17:3a:
         2f:e9:18:73:10:7b:8f:16:ff:24:13:9b:16:d1:41:8a:a3:89:
         19:a8:65:39:f2:9d:15:a9:62:48:6a:17:82:b0:22:d3:a6:98:
         e2:c7:94:fb:c5:05:f1:e1:fa:dc:fe:08:30:25:8a:96:33:40:
         c0:20:8f:0f:4f:85:fb:2e:4c:cb:8a:a3:6a:e7:e0:dd:7a:45:
         df:90:15:36:6b:a3:c8:28:a1:34:65:38:2f:ca:08:f8:21:85:
         cf:10:4c:63:da:2d:65:02:e4:ea:36:33:1b:8f:78:cb:6d:94:
         01:5f:b0:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhSkhUYJgN/jG4kMGSwkJHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTI1MTEwMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTAxMDBhN2I1NDM1MjMwZmQyOTE5ZTU0NGFiZjRlODJmMmUxNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ue+shb4OngvJtomAScwcgEIcz6E
/f0MIMQIuuFSYQoNja/A3RgVLvdp2QE2+dJDYtAkzK8tMqsWKTNcVQsGj+/dYoLE
1wxz+sWCGbEwGtQN9CJLZeQJfSfLpxOv75B2LI1j/8d+TGmc0TXpelI3jkugFDHl
CjHW/8KwdKiPyf0dEJ49t0kGcD1Xu/eU13AsoziI7zrB6+u25e8weBglawxcnYRp
6k0FOSvOMmio/sYSjRWCwPMb6x4TfRfYQQh3fkiy0TibkKWlx/tZ1bL9INsW2ytm
56pZYVO0UIGNJsajvXTVYhLLDEm66aevC/YFy0lKxC+qfSfgbS8cfsoq7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJUBAKe1Q1Iw/SkZ5USr9OgvLhY7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbFFFQXA3VkRVakQ5S1JubFJLdjA2Qzh1RmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgbeAN4A
AwcEKhDMwMzAMA0GCSqGSIb3DQEBCwUAA4IBAQCXznp34RTnXUIcLoJnqGidFXP5
qW/IJv6zu5bJu9lu9PeeaifQ1FL6UTHIhh41kqUs5+LqvVyWvVAxudR8ZD7wTpnh
QVK/9EIUtJtji8R3Chx0g9jGxKywY6sRcqOtxQk5mm4P/0oAxWhCmCWJkWLNn35m
zy/Hdg1AgommrOboC23VRvciXEcYWNYxoAusFzov6RhzEHuPFv8kE5sW0UGKo4kZ
qGU58p0VqWJIaheCsCLTppjix5T7xQXx4frc/ggwJYqWM0DAII8PT4X7LkzLiqNq
5+DdekXfkBU2a6PIKKE0ZTgvygj4IYXPEExj2i1lAuTqNjMbj3jLbZQBX7DR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:11 2024 by rpki-client on console-ams.rpki-client.org