Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lUzeFdwBjqgTKeRYyO4-Avi-3zg.roa
File:                     lUzeFdwBjqgTKeRYyO4-Avi-3zg.roa (raw, json)
Hash identifier:          O+WqCw9mOtZ2ZxSDVC0kymvH8X8suasW+nhb36ieSEo=
Subject key identifier:   95:4C:DE:15:DC:01:8E:A8:13:29:E4:58:C8:EE:3E:02:F8:BE:DF:38
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185E48B0BF0C40A1CE58F86FBD9AB60397F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lUzeFdwBjqgTKeRYyO4-Avi-3zg.roa
Signing time:             Tue 24 Jan 2023 16:09:55 +0000
ROA not before:           Tue 24 Jan 2023 16:09:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212895
IP address blocks:        2a0e:b102:100::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:8b:0b:f0:c4:0a:1c:e5:8f:86:fb:d9:ab:60:39:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 24 16:09:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=954cde15dc018ea81329e458c8ee3e02f8bedf38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:83:fa:6a:19:32:a8:07:7e:15:3e:f0:0a:56:
                    3a:29:4f:0f:63:d7:a7:6e:f5:ff:d6:d8:3d:e6:70:
                    15:91:7c:44:99:93:68:e7:0b:c0:f3:a8:63:3d:07:
                    bf:79:74:47:49:1b:0d:b3:10:93:16:cd:2c:19:07:
                    fa:13:af:9f:eb:22:37:ff:e3:e7:54:7f:d9:68:c4:
                    6a:9d:d3:28:0c:cc:64:6b:a4:de:b5:7d:2d:8a:ad:
                    05:a9:a8:ae:d8:61:53:1b:89:61:a1:d0:90:b1:67:
                    31:7a:11:a1:18:8d:34:c3:97:6b:65:03:a6:e9:3e:
                    5a:37:c1:19:e9:54:ec:e1:01:f1:79:75:5a:94:68:
                    7c:51:4b:a0:20:de:14:b4:58:5a:59:5c:1b:50:72:
                    0e:ac:f0:06:a5:45:36:86:37:06:4b:45:e6:9f:52:
                    dc:d6:3f:2a:f4:09:4f:1e:89:ab:9e:14:6b:16:cc:
                    98:42:31:21:2f:35:ed:e8:d7:3c:63:82:c3:13:b9:
                    85:e3:41:39:76:69:d2:2b:0c:41:85:dc:71:05:a1:
                    ea:ae:fd:43:d6:87:ae:8a:8f:e1:5f:09:84:96:66:
                    d1:7e:87:6e:f1:fc:d1:4e:ae:fa:e6:fd:9e:04:87:
                    3e:a8:6d:b2:2f:bf:85:64:bf:a0:66:1d:14:ba:24:
                    7a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:4C:DE:15:DC:01:8E:A8:13:29:E4:58:C8:EE:3E:02:F8:BE:DF:38
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lUzeFdwBjqgTKeRYyO4-Avi-3zg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b102:100::/44

    Signature Algorithm: sha256WithRSAEncryption
         67:56:d4:80:39:9a:1a:95:11:89:13:81:21:28:1a:4d:db:be:
         67:51:a2:67:1e:47:52:af:7c:d9:9d:61:66:a3:c2:20:af:f4:
         4d:9d:cb:d7:09:51:5d:8a:76:e3:0a:53:fd:e7:20:ef:5b:c3:
         e1:1f:2a:62:da:7b:20:7a:e9:2a:a5:42:e4:a6:47:62:8c:2b:
         04:01:5a:06:8e:15:3f:10:af:c4:ee:5e:b6:e5:09:64:99:90:
         6b:e2:81:87:da:de:5b:52:46:c1:96:5b:85:da:01:b8:ed:50:
         b0:76:9c:f2:cc:56:3f:d9:1a:4d:07:fc:c2:c6:f0:4b:46:07:
         5a:73:2e:38:51:b4:62:90:a3:c9:38:5e:65:76:cf:59:ba:8a:
         68:88:0b:26:24:5a:a4:93:2c:86:d5:07:e4:f5:3a:b3:ad:31:
         6d:04:25:b2:21:a1:92:94:1d:5d:5a:20:f4:6f:14:a1:e3:2a:
         e2:e3:7b:63:a5:e1:12:ca:04:45:9d:89:9e:22:d2:72:91:cd:
         25:f4:7d:9b:f9:fa:4b:15:fd:85:12:d1:84:00:67:a3:8b:66:
         bb:c3:1f:09:54:15:4c:85:6a:a0:54:9e:b9:94:e6:db:a7:23:
         dc:33:97:9b:39:2d:19:fb:5c:16:4f:3a:31:da:72:6c:8f:99:
         2f:10:6a:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiwvwxAoc5Y+G+9mrYDl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRjZGUxNWRjMDE4ZWE4MTMyOWU0NThjOGVlM2UwMmY4YmVkZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYP6ahkyqAd+FT7wClY6KU8PY9en
bvX/1tg95nAVkXxEmZNo5wvA86hjPQe/eXRHSRsNsxCTFs0sGQf6E6+f6yI3/+Pn
VH/ZaMRqndMoDMxka6TetX0tiq0Fqaiu2GFTG4lhodCQsWcxehGhGI00w5drZQOm
6T5aN8EZ6VTs4QHxeXValGh8UUugIN4UtFhaWVwbUHIOrPAGpUU2hjcGS0Xmn1Lc
1j8q9AlPHomrnhRrFsyYQjEhLzXt6Nc8Y4LDE7mF40E5dmnSKwxBhdxxBaHqrv1D
1oeuio/hXwmElmbRfodu8fzRTq765v2eBIc+qG2yL7+FZL+gZh0UuiR6KwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJVM3hXcAY6oEynkWMjuPgL4vt84MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbFV6ZUZkd0JqcWdUS2VSWXlPNC1BdmktM3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xAgEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBnVtSAOZoalRGJE4EhKBpN275nUaJnHkdSr3zZ
nWFmo8Igr/RNncvXCVFdinbjClP95yDvW8PhHypi2nsgeukqpULkpkdijCsEAVoG
jhU/EK/E7l625QlkmZBr4oGH2t5bUkbBlluF2gG47VCwdpzyzFY/2RpNB/zCxvBL
Rgdacy44UbRikKPJOF5lds9ZuopoiAsmJFqkkyyG1Qfk9TqzrTFtBCWyIaGSlB1d
WiD0bxSh4yri43tjpeESygRFnYmeItJykc0l9H2b+fpLFf2FEtGEAGeji2a7wx8J
VBVMhWqgVJ65lObbpyPcM5ebOS0Z+1wWTzox2nJsj5kvEGq5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org