Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/miWSvNkgAQr-iGUGLJe8-kemyYs.roa
File:                     miWSvNkgAQr-iGUGLJe8-kemyYs.roa (raw, json)
Hash identifier:          AUPm6IiaO0N6fj5p6J9G5pXmeGfJPsSrGbH9HV/UZiE=
Subject key identifier:   9A:25:92:BC:D9:20:01:0A:FE:88:65:06:2C:97:BC:FA:47:A6:C9:8B
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E793AD0C6DCEC3801B32CA9E2CF17F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/miWSvNkgAQr-iGUGLJe8-kemyYs.roa
Signing time:             Mon 02 Jan 2023 05:15:02 +0000
ROA not before:           Mon 02 Jan 2023 05:15:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     140731
IP address blocks:        2a0e:b107:c30::/44 maxlen: 48
                          2a0e:b107:11b0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:93:ad:0c:6d:ce:c3:80:1b:32:ca:9e:2c:f1:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a2592bcd920010afe8865062c97bcfa47a6c98b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:28:34:75:ab:2f:6f:04:b2:01:c1:03:61:3f:
                    7d:a4:97:68:07:c0:97:91:b8:36:4b:ab:2f:8e:28:
                    f9:30:cb:ff:65:3d:3a:7f:ba:0f:be:ae:8e:ef:f6:
                    6b:bb:23:f5:73:3f:3b:69:5b:8f:92:8a:29:15:98:
                    bb:da:31:20:e4:77:a0:7d:0f:2d:0a:77:6f:0e:07:
                    cc:24:c4:7a:91:f5:fb:91:b8:a1:1f:18:0d:26:b8:
                    52:46:5a:28:f6:52:ef:54:20:4b:42:c3:29:98:29:
                    9a:4d:7e:d0:af:61:81:75:c8:c3:e6:c8:18:92:95:
                    31:93:d3:a5:cd:19:b1:63:99:4f:6a:e5:31:08:8c:
                    54:36:ee:8f:50:96:d1:83:79:28:30:81:cf:2e:a5:
                    bc:13:69:a8:5e:dd:57:e4:f6:17:71:c4:a0:39:ae:
                    4a:59:9a:3e:16:5e:18:82:f8:07:25:d3:83:f8:9e:
                    8b:fe:d6:35:93:57:2f:4a:d6:cf:12:5f:1f:3c:07:
                    0b:79:b9:c8:31:f6:fe:92:ba:da:4c:ae:e2:72:71:
                    37:ad:2c:96:32:e0:83:a1:d9:0a:dc:e3:55:25:b2:
                    c0:2a:3b:0f:ee:a1:cb:d0:a1:03:80:8e:23:b8:60:
                    14:dc:ef:64:c7:c7:50:62:e1:88:9a:6c:81:7e:dd:
                    9b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:25:92:BC:D9:20:01:0A:FE:88:65:06:2C:97:BC:FA:47:A6:C9:8B
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/miWSvNkgAQr-iGUGLJe8-kemyYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:c30::/44
                  2a0e:b107:11b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         84:e8:bf:cd:92:05:93:f8:4f:26:27:5d:03:de:7a:a9:fd:4a:
         13:01:7e:4d:46:ba:99:b2:29:26:eb:e6:33:ef:d7:0e:9d:3d:
         e5:49:39:5f:12:7e:11:ee:26:22:95:3f:95:1d:c3:b5:12:9c:
         d9:dc:df:a3:be:65:32:21:81:bf:df:64:c2:44:ec:55:55:ca:
         8d:b7:93:40:eb:1c:33:9b:cc:39:b4:0a:15:d8:63:36:dd:55:
         49:e4:5d:44:1b:31:55:1c:cd:80:39:3e:3c:4a:27:e6:03:97:
         9b:3b:6d:d3:19:9b:a3:91:3a:a9:03:de:d7:2e:6d:b0:80:16:
         15:54:5a:24:50:df:2a:51:97:28:05:f1:27:ad:4e:08:21:f1:
         87:c3:8c:36:cd:85:a8:ff:36:f9:e2:14:25:cd:34:c7:d0:a0:
         67:48:31:39:38:a3:5c:3b:0d:50:62:20:82:f6:cf:d1:88:68:
         a0:01:c7:ec:68:c0:06:ca:8e:ca:9e:91:af:f5:aa:a6:05:58:
         0a:b5:91:2e:ab:0a:26:ea:c9:97:e8:35:5b:e5:58:5e:d6:45:
         90:ee:c8:fa:cf:8b:b6:27:cc:7d:85:c9:b3:d0:27:fc:6c:dd:
         e8:ee:c1:a1:bb:7b:fc:a7:78:bc:c2:1a:b5:57:a6:a1:9a:37:
         df:bd:a1:12
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw55OtDG3Ow4AbMsqeLPF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTI1OTJiY2Q5MjAwMTBhZmU4ODY1MDYyYzk3YmNmYTQ3YTZjOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlig0dasvbwSyAcEDYT99pJdoB8CX
kbg2S6svjij5MMv/ZT06f7oPvq6O7/ZruyP1cz87aVuPkoopFZi72jEg5HegfQ8t
CndvDgfMJMR6kfX7kbihHxgNJrhSRloo9lLvVCBLQsMpmCmaTX7Qr2GBdcjD5sgY
kpUxk9OlzRmxY5lPauUxCIxUNu6PUJbRg3koMIHPLqW8E2moXt1X5PYXccSgOa5K
WZo+Fl4YgvgHJdOD+J6L/tY1k1cvStbPEl8fPAcLebnIMfb+krraTK7icnE3rSyW
MuCDodkK3ONVJbLAKjsP7qHL0KEDgI4juGAU3O9kx8dQYuGImmyBft2bOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJolkrzZIAEK/ohlBiyXvPpHpsmLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbWlXU3ZOa2dBUXItaUdVR0xKZTgta2VteVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwww
AwcEKg6xBxGwMA0GCSqGSIb3DQEBCwUAA4IBAQCE6L/NkgWT+E8mJ10D3nqp/UoT
AX5NRrqZsikm6+Yz79cOnT3lSTlfEn4R7iYilT+VHcO1EpzZ3N+jvmUyIYG/32TC
ROxVVcqNt5NA6xwzm8w5tAoV2GM23VVJ5F1EGzFVHM2AOT48SifmA5ebO23TGZuj
kTqpA97XLm2wgBYVVFokUN8qUZcoBfEnrU4IIfGHw4w2zYWo/zb54hQlzTTH0KBn
SDE5OKNcOw1QYiCC9s/RiGigAcfsaMAGyo7KnpGv9aqmBVgKtZEuqwom6smX6DVb
5Vhe1kWQ7sj6z4u2J8x9hcmz0Cf8bN3o7sGhu3v8p3i8whq1V6ahmjffvaES
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org